Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(523)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/net/chrome_extensions_network_delegate.cc

Issue 2552453002: Stop initializing url::Origin in extensions OnBeforeURLRequest when not needed (Closed)
Patch Set: nested conditional Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/chrome_extensions_network_delegate.cc
diff --git a/chrome/browser/net/chrome_extensions_network_delegate.cc b/chrome/browser/net/chrome_extensions_network_delegate.cc
index 86161ddd9ee9c5b4466d1aa6b27ea11736962ac7..d08dcec6af345d432c33f32c9f5d099cae8e75c6 100644
--- a/chrome/browser/net/chrome_extensions_network_delegate.cc
+++ b/chrome/browser/net/chrome_extensions_network_delegate.cc
@@ -173,7 +173,7 @@ int ChromeExtensionsNetworkDelegateImpl::OnBeforeURLRequest(
GURL* new_url) {
const content::ResourceRequestInfo* info =
content::ResourceRequestInfo::ForRequest(request);
- GURL url(request->url());
+ const GURL& url(request->url());
// Block top-level navigations to blob: or filesystem: URLs with extension
// origin from non-extension processes. See https://crbug.com/645028.
@@ -188,37 +188,39 @@ int ChromeExtensionsNetworkDelegateImpl::OnBeforeURLRequest(
bool is_nested_url = url.SchemeIsFileSystem() || url.SchemeIsBlob();
bool is_navigation =
info && content::IsResourceTypeFrame(info->GetResourceType());
- url::Origin origin(url);
- if (is_nested_url && is_navigation && info->IsMainFrame() &&
- origin.scheme() == extensions::kExtensionScheme &&
- !extension_info_map_->process_map().Contains(info->GetChildID()) &&
- !content::IsBrowserSideNavigationEnabled()) {
- // Relax this restriction for apps that use <webview>. See
- // https://crbug.com/652077.
- const extensions::Extension* extension =
- extension_info_map_->extensions().GetByID(origin.host());
- bool has_webview_permission =
- extension &&
- extension->permissions_data()->HasAPIPermission(
- extensions::APIPermission::kWebView);
- // Check whether the request is coming from a <webview> guest process via
- // ChildProcessSecurityPolicy. A guest process should have already been
- // granted permission to request |origin| when its WebContents was created.
- // See https://crbug.com/656752.
- auto* policy = content::ChildProcessSecurityPolicy::GetInstance();
- bool from_guest =
- policy->HasSpecificPermissionForOrigin(info->GetChildID(), origin);
- if (!has_webview_permission || !from_guest) {
- // TODO(alexmos): Temporary instrumentation to find any regressions for
- // this blocking. Remove after verifying that this is not breaking any
- // legitimate use cases.
- char origin_copy[256];
- base::strlcpy(origin_copy, origin.Serialize().c_str(),
- arraysize(origin_copy));
- base::debug::Alias(&origin_copy);
- base::debug::Alias(&from_guest);
- base::debug::DumpWithoutCrashing();
- return net::ERR_ABORTED;
+ if (is_nested_url && is_navigation && info->IsMainFrame()) {
+ // Nested conditional so we don't always pay the GURL -> Origin conversion.
+ url::Origin origin = url::Origin(url);
+ if (origin.scheme() == extensions::kExtensionScheme &&
+ !extension_info_map_->process_map().Contains(info->GetChildID()) &&
+ !content::IsBrowserSideNavigationEnabled()) {
+ // Relax this restriction for apps that use <webview>. See
+ // https://crbug.com/652077.
+ const extensions::Extension* extension =
+ extension_info_map_->extensions().GetByID(origin.host());
+ bool has_webview_permission =
+ extension &&
+ extension->permissions_data()->HasAPIPermission(
+ extensions::APIPermission::kWebView);
+ // Check whether the request is coming from a <webview> guest process via
+ // ChildProcessSecurityPolicy. A guest process should have already been
+ // granted permission to request |origin| when its WebContents was
+ // created. See https://crbug.com/656752.
+ auto* policy = content::ChildProcessSecurityPolicy::GetInstance();
+ bool from_guest =
+ policy->HasSpecificPermissionForOrigin(info->GetChildID(), origin);
+ if (!has_webview_permission || !from_guest) {
+ // TODO(alexmos): Temporary instrumentation to find any regressions for
+ // this blocking. Remove after verifying that this is not breaking any
+ // legitimate use cases.
+ char origin_copy[256];
+ base::strlcpy(origin_copy, origin.Serialize().c_str(),
+ arraysize(origin_copy));
+ base::debug::Alias(&origin_copy);
+ base::debug::Alias(&from_guest);
+ base::debug::DumpWithoutCrashing();
+ return net::ERR_ABORTED;
+ }
}
}
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698