Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(661)

Unified Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2550113002: Send a subtree of same-process PageStates for back/forward child frames.
Patch Set: Rebase Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/navigator_impl.cc ('k') | content/common/frame_messages.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/render_frame_host_impl.cc
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index c8d66dc67f8bb41762bb38acbeee63283063152a..84257f9ed276183e0babf56cae3f1f4255fb15fe 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -3087,9 +3087,15 @@ void RenderFrameHostImpl::UpdatePermissionsForNavigation(
// access again. Abuse is prevented, because the files listed in the page
// state are validated earlier, when they are received from the renderer (in
// RenderFrameHostImpl::CanAccessFilesOfPageState).
- if (request_params.page_state.IsValid())
+ if (request_params.page_state.IsValid()) {
GrantFileAccessFromPageState(request_params.page_state);
+ // Iterate over the subtree of PageStates as well, since the renderer will
+ // attempt to load each of these without asking the browser process.
+ for (const auto& iter : request_params.subtree_page_states)
+ GrantFileAccessFromPageState(iter.second);
+ }
+
// We may be here after transferring navigation to a different renderer
// process. In this case, we need to ensure that the new renderer retains
// ability to access files that the old renderer could access. Abuse is
« no previous file with comments | « content/browser/frame_host/navigator_impl.cc ('k') | content/common/frame_messages.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698