| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/render_frame_host_impl.h" | 5 #include "content/browser/frame_host/render_frame_host_impl.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 #include "content/public/browser/browser_thread.h" | 75 #include "content/public/browser/browser_thread.h" |
| 76 #include "content/public/browser/content_browser_client.h" | 76 #include "content/public/browser/content_browser_client.h" |
| 77 #include "content/public/browser/permission_manager.h" | 77 #include "content/public/browser/permission_manager.h" |
| 78 #include "content/public/browser/permission_type.h" | 78 #include "content/public/browser/permission_type.h" |
| 79 #include "content/public/browser/render_process_host.h" | 79 #include "content/public/browser/render_process_host.h" |
| 80 #include "content/public/browser/render_widget_host_view.h" | 80 #include "content/public/browser/render_widget_host_view.h" |
| 81 #include "content/public/browser/resource_context.h" | 81 #include "content/public/browser/resource_context.h" |
| 82 #include "content/public/browser/storage_partition.h" | 82 #include "content/public/browser/storage_partition.h" |
| 83 #include "content/public/browser/stream_handle.h" | 83 #include "content/public/browser/stream_handle.h" |
| 84 #include "content/public/browser/user_metrics.h" | 84 #include "content/public/browser/user_metrics.h" |
| 85 #include "content/public/common/bindings_policy.h" |
| 85 #include "content/public/common/browser_side_navigation_policy.h" | 86 #include "content/public/common/browser_side_navigation_policy.h" |
| 86 #include "content/public/common/content_constants.h" | 87 #include "content/public/common/content_constants.h" |
| 87 #include "content/public/common/content_features.h" | 88 #include "content/public/common/content_features.h" |
| 88 #include "content/public/common/content_switches.h" | 89 #include "content/public/common/content_switches.h" |
| 89 #include "content/public/common/file_chooser_file_info.h" | 90 #include "content/public/common/file_chooser_file_info.h" |
| 90 #include "content/public/common/file_chooser_params.h" | 91 #include "content/public/common/file_chooser_params.h" |
| 91 #include "content/public/common/form_field_data.h" | 92 #include "content/public/common/form_field_data.h" |
| 92 #include "content/public/common/isolated_world_ids.h" | 93 #include "content/public/common/isolated_world_ids.h" |
| 93 #include "content/public/common/service_manager_connection.h" | 94 #include "content/public/common/service_manager_connection.h" |
| 94 #include "content/public/common/service_names.mojom.h" | 95 #include "content/public/common/service_names.mojom.h" |
| (...skipping 255 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 350 this)); | 351 this)); |
| 351 site_instance_->AddObserver(this); | 352 site_instance_->AddObserver(this); |
| 352 GetSiteInstance()->IncrementActiveFrameCount(); | 353 GetSiteInstance()->IncrementActiveFrameCount(); |
| 353 | 354 |
| 354 if (frame_tree_node_->parent()) { | 355 if (frame_tree_node_->parent()) { |
| 355 // Keep track of the parent RenderFrameHost, which shouldn't change even if | 356 // Keep track of the parent RenderFrameHost, which shouldn't change even if |
| 356 // this RenderFrameHost is on the pending deletion list and the parent | 357 // this RenderFrameHost is on the pending deletion list and the parent |
| 357 // FrameTreeNode has changed its current RenderFrameHost. | 358 // FrameTreeNode has changed its current RenderFrameHost. |
| 358 parent_ = frame_tree_node_->parent()->current_frame_host(); | 359 parent_ = frame_tree_node_->parent()->current_frame_host(); |
| 359 | 360 |
| 361 // All frames in a page are expected to have the same bindings. |
| 362 if (parent_->GetEnabledBindings()) |
| 363 enabled_bindings_ = parent_->GetEnabledBindings(); |
| 364 |
| 360 // New child frames should inherit the nav_entry_id of their parent. | 365 // New child frames should inherit the nav_entry_id of their parent. |
| 361 set_nav_entry_id( | 366 set_nav_entry_id( |
| 362 frame_tree_node_->parent()->current_frame_host()->nav_entry_id()); | 367 frame_tree_node_->parent()->current_frame_host()->nav_entry_id()); |
| 363 } | 368 } |
| 364 | 369 |
| 365 SetUpMojoIfNeeded(); | 370 SetUpMojoIfNeeded(); |
| 366 swapout_event_monitor_timeout_.reset(new TimeoutMonitor(base::Bind( | 371 swapout_event_monitor_timeout_.reset(new TimeoutMonitor(base::Bind( |
| 367 &RenderFrameHostImpl::OnSwappedOut, weak_ptr_factory_.GetWeakPtr()))); | 372 &RenderFrameHostImpl::OnSwappedOut, weak_ptr_factory_.GetWeakPtr()))); |
| 368 | 373 |
| 369 if (widget_routing_id != MSG_ROUTING_NONE) { | 374 if (widget_routing_id != MSG_ROUTING_NONE) { |
| (...skipping 579 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 949 if (created) { | 954 if (created) { |
| 950 SetUpMojoIfNeeded(); | 955 SetUpMojoIfNeeded(); |
| 951 delegate_->RenderFrameCreated(this); | 956 delegate_->RenderFrameCreated(this); |
| 952 } else { | 957 } else { |
| 953 delegate_->RenderFrameDeleted(this); | 958 delegate_->RenderFrameDeleted(this); |
| 954 } | 959 } |
| 955 } | 960 } |
| 956 | 961 |
| 957 if (created && render_widget_host_) | 962 if (created && render_widget_host_) |
| 958 render_widget_host_->InitForFrame(); | 963 render_widget_host_->InitForFrame(); |
| 964 |
| 965 if (enabled_bindings_ && created) { |
| 966 if (!frame_bindings_control_) |
| 967 GetRemoteAssociatedInterfaces()->GetInterface(&frame_bindings_control_); |
| 968 frame_bindings_control_->AllowBindings(enabled_bindings_); |
| 969 } |
| 959 } | 970 } |
| 960 | 971 |
| 961 void RenderFrameHostImpl::Init() { | 972 void RenderFrameHostImpl::Init() { |
| 962 ResourceDispatcherHost::ResumeBlockedRequestsForFrameFromUI(this); | 973 ResourceDispatcherHost::ResumeBlockedRequestsForFrameFromUI(this); |
| 963 if (!waiting_for_init_) | 974 if (!waiting_for_init_) |
| 964 return; | 975 return; |
| 965 | 976 |
| 966 waiting_for_init_ = false; | 977 waiting_for_init_ = false; |
| 967 if (pendinging_navigate_) { | 978 if (pendinging_navigate_) { |
| 968 frame_tree_node()->navigator()->OnBeginNavigation( | 979 frame_tree_node()->navigator()->OnBeginNavigation( |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1014 // TODO(lukasza): Call ReceivedBadMessage when |frame_unique_name| is empty. | 1025 // TODO(lukasza): Call ReceivedBadMessage when |frame_unique_name| is empty. |
| 1015 DCHECK(!frame_unique_name.empty()); | 1026 DCHECK(!frame_unique_name.empty()); |
| 1016 | 1027 |
| 1017 // It is possible that while a new RenderFrameHost was committed, the | 1028 // It is possible that while a new RenderFrameHost was committed, the |
| 1018 // RenderFrame corresponding to this host sent an IPC message to create a | 1029 // RenderFrame corresponding to this host sent an IPC message to create a |
| 1019 // frame and it is delivered after this host is swapped out. | 1030 // frame and it is delivered after this host is swapped out. |
| 1020 // Ignore such messages, as we know this RenderFrameHost is going away. | 1031 // Ignore such messages, as we know this RenderFrameHost is going away. |
| 1021 if (!is_active() || frame_tree_node_->current_frame_host() != this) | 1032 if (!is_active() || frame_tree_node_->current_frame_host() != this) |
| 1022 return; | 1033 return; |
| 1023 | 1034 |
| 1024 frame_tree_->AddFrame(frame_tree_node_, GetProcess()->GetID(), new_routing_id, | 1035 frame_tree_->AddFrame( |
| 1025 scope, frame_name, frame_unique_name, sandbox_flags, | 1036 frame_tree_node_, GetProcess()->GetID(), new_routing_id, scope, |
| 1026 frame_owner_properties); | 1037 frame_name, frame_unique_name, sandbox_flags, frame_owner_properties); |
| 1027 } | 1038 } |
| 1028 | 1039 |
| 1029 void RenderFrameHostImpl::OnCreateNewWindow( | 1040 void RenderFrameHostImpl::OnCreateNewWindow( |
| 1030 int32_t render_view_route_id, | 1041 int32_t render_view_route_id, |
| 1031 int32_t main_frame_route_id, | 1042 int32_t main_frame_route_id, |
| 1032 int32_t main_frame_widget_route_id, | 1043 int32_t main_frame_widget_route_id, |
| 1033 const mojom::CreateNewWindowParams& params, | 1044 const mojom::CreateNewWindowParams& params, |
| 1034 SessionStorageNamespace* session_storage_namespace) { | 1045 SessionStorageNamespace* session_storage_namespace) { |
| 1035 mojom::CreateNewWindowParamsPtr validated_params(params.Clone()); | 1046 mojom::CreateNewWindowParamsPtr validated_params(params.Clone()); |
| 1036 GetProcess()->FilterURL(false, &validated_params->target_url); | 1047 GetProcess()->FilterURL(false, &validated_params->target_url); |
| (...skipping 303 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1340 } | 1351 } |
| 1341 | 1352 |
| 1342 RenderWidgetHostView* RenderFrameHostImpl::GetView() { | 1353 RenderWidgetHostView* RenderFrameHostImpl::GetView() { |
| 1343 return GetRenderWidgetHost()->GetView(); | 1354 return GetRenderWidgetHost()->GetView(); |
| 1344 } | 1355 } |
| 1345 | 1356 |
| 1346 GlobalFrameRoutingId RenderFrameHostImpl::GetGlobalFrameRoutingId() { | 1357 GlobalFrameRoutingId RenderFrameHostImpl::GetGlobalFrameRoutingId() { |
| 1347 return GlobalFrameRoutingId(GetProcess()->GetID(), GetRoutingID()); | 1358 return GlobalFrameRoutingId(GetProcess()->GetID(), GetRoutingID()); |
| 1348 } | 1359 } |
| 1349 | 1360 |
| 1350 int RenderFrameHostImpl::GetEnabledBindings() { | |
| 1351 return render_view_host_->GetEnabledBindings(); | |
| 1352 } | |
| 1353 | |
| 1354 void RenderFrameHostImpl::SetNavigationHandle( | 1361 void RenderFrameHostImpl::SetNavigationHandle( |
| 1355 std::unique_ptr<NavigationHandleImpl> navigation_handle) { | 1362 std::unique_ptr<NavigationHandleImpl> navigation_handle) { |
| 1356 navigation_handle_ = std::move(navigation_handle); | 1363 navigation_handle_ = std::move(navigation_handle); |
| 1357 | 1364 |
| 1358 // TODO(clamy): Remove this debug code once we understand better how we get to | 1365 // TODO(clamy): Remove this debug code once we understand better how we get to |
| 1359 // the point of attempting to transfer a navigation from a RFH that is no | 1366 // the point of attempting to transfer a navigation from a RFH that is no |
| 1360 // longer active. | 1367 // longer active. |
| 1361 if (navigation_handle_ && !is_active()) | 1368 if (navigation_handle_ && !is_active()) |
| 1362 base::debug::DumpWithoutCrashing(); | 1369 base::debug::DumpWithoutCrashing(); |
| 1363 } | 1370 } |
| (...skipping 365 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1729 } | 1736 } |
| 1730 | 1737 |
| 1731 void RenderFrameHostImpl::RequestFocusedFormFieldData( | 1738 void RenderFrameHostImpl::RequestFocusedFormFieldData( |
| 1732 FormFieldDataCallback& callback) { | 1739 FormFieldDataCallback& callback) { |
| 1733 static int next_id = 1; | 1740 static int next_id = 1; |
| 1734 int request_id = ++next_id; | 1741 int request_id = ++next_id; |
| 1735 form_field_data_callbacks_[request_id] = callback; | 1742 form_field_data_callbacks_[request_id] = callback; |
| 1736 Send(new FrameMsg_FocusedFormFieldDataRequest(GetRoutingID(), request_id)); | 1743 Send(new FrameMsg_FocusedFormFieldDataRequest(GetRoutingID(), request_id)); |
| 1737 } | 1744 } |
| 1738 | 1745 |
| 1746 void RenderFrameHostImpl::AllowBindings(int bindings_flags) { |
| 1747 // Never grant any bindings to browser plugin guests. |
| 1748 if (GetProcess()->IsForGuestsOnly()) { |
| 1749 NOTREACHED() << "Never grant bindings to a guest process."; |
| 1750 return; |
| 1751 } |
| 1752 |
| 1753 // Ensure we aren't granting WebUI bindings to a process that has already |
| 1754 // been used for non-privileged views. |
| 1755 if (bindings_flags & BINDINGS_POLICY_WEB_UI && |
| 1756 GetProcess()->HasConnection() && |
| 1757 !ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( |
| 1758 GetProcess()->GetID())) { |
| 1759 // This process has no bindings yet. Make sure it does not have more |
| 1760 // than this single active view. |
| 1761 // --single-process only has one renderer. |
| 1762 if (GetProcess()->GetActiveViewCount() > 1 && |
| 1763 !base::CommandLine::ForCurrentProcess()->HasSwitch( |
| 1764 switches::kSingleProcess)) |
| 1765 return; |
| 1766 } |
| 1767 |
| 1768 if (bindings_flags & BINDINGS_POLICY_WEB_UI) { |
| 1769 ChildProcessSecurityPolicyImpl::GetInstance()->GrantWebUIBindings( |
| 1770 GetProcess()->GetID()); |
| 1771 } |
| 1772 |
| 1773 enabled_bindings_ |= bindings_flags; |
| 1774 if (GetParent()) |
| 1775 DCHECK_EQ(GetParent()->GetEnabledBindings(), GetEnabledBindings()); |
| 1776 |
| 1777 if (render_frame_created_) { |
| 1778 if (!frame_bindings_control_) |
| 1779 GetRemoteAssociatedInterfaces()->GetInterface(&frame_bindings_control_); |
| 1780 frame_bindings_control_->AllowBindings(enabled_bindings_); |
| 1781 } |
| 1782 } |
| 1783 |
| 1784 int RenderFrameHostImpl::GetEnabledBindings() const { |
| 1785 return enabled_bindings_; |
| 1786 } |
| 1787 |
| 1739 void RenderFrameHostImpl::OnFocusedFormFieldDataResponse( | 1788 void RenderFrameHostImpl::OnFocusedFormFieldDataResponse( |
| 1740 int request_id, | 1789 int request_id, |
| 1741 const FormFieldData& field_data) { | 1790 const FormFieldData& field_data) { |
| 1742 auto it = form_field_data_callbacks_.find(request_id); | 1791 auto it = form_field_data_callbacks_.find(request_id); |
| 1743 if (it != form_field_data_callbacks_.end()) { | 1792 if (it != form_field_data_callbacks_.end()) { |
| 1744 it->second.Run(field_data); | 1793 it->second.Run(field_data); |
| 1745 form_field_data_callbacks_.erase(it); | 1794 form_field_data_callbacks_.erase(it); |
| 1746 } | 1795 } |
| 1747 } | 1796 } |
| 1748 | 1797 |
| (...skipping 975 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2724 BrowserContext::GetServiceManagerConnectionFor( | 2773 BrowserContext::GetServiceManagerConnectionFor( |
| 2725 GetProcess()->GetBrowserContext()); | 2774 GetProcess()->GetBrowserContext()); |
| 2726 // |service_manager_connection| may be null in tests using TestBrowserContext. | 2775 // |service_manager_connection| may be null in tests using TestBrowserContext. |
| 2727 if (service_manager_connection) { | 2776 if (service_manager_connection) { |
| 2728 service_manager_connection->RemoveOnConnectHandler(on_connect_handler_id_); | 2777 service_manager_connection->RemoveOnConnectHandler(on_connect_handler_id_); |
| 2729 on_connect_handler_id_ = 0; | 2778 on_connect_handler_id_ = 0; |
| 2730 } | 2779 } |
| 2731 | 2780 |
| 2732 frame_.reset(); | 2781 frame_.reset(); |
| 2733 frame_host_binding_.Close(); | 2782 frame_host_binding_.Close(); |
| 2783 frame_bindings_control_.reset(); |
| 2734 | 2784 |
| 2735 // Disconnect with ImageDownloader Mojo service in RenderFrame. | 2785 // Disconnect with ImageDownloader Mojo service in RenderFrame. |
| 2736 mojo_image_downloader_.reset(); | 2786 mojo_image_downloader_.reset(); |
| 2737 } | 2787 } |
| 2738 | 2788 |
| 2739 bool RenderFrameHostImpl::IsFocused() { | 2789 bool RenderFrameHostImpl::IsFocused() { |
| 2740 return GetRenderWidgetHost()->is_focused() && | 2790 return GetRenderWidgetHost()->is_focused() && |
| 2741 frame_tree_->GetFocusedFrame() && | 2791 frame_tree_->GetFocusedFrame() && |
| 2742 (frame_tree_->GetFocusedFrame() == frame_tree_node() || | 2792 (frame_tree_->GetFocusedFrame() == frame_tree_node() || |
| 2743 frame_tree_->GetFocusedFrame()->IsDescendantOf(frame_tree_node())); | 2793 frame_tree_->GetFocusedFrame()->IsDescendantOf(frame_tree_node())); |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2782 base::UserMetricsAction("ProcessSwapBindingsMismatch_RVHM")); | 2832 base::UserMetricsAction("ProcessSwapBindingsMismatch_RVHM")); |
| 2783 ClearPendingWebUI(); | 2833 ClearPendingWebUI(); |
| 2784 } | 2834 } |
| 2785 } | 2835 } |
| 2786 } | 2836 } |
| 2787 DCHECK_EQ(!pending_web_ui_, pending_web_ui_type_ == WebUI::kNoWebUI); | 2837 DCHECK_EQ(!pending_web_ui_, pending_web_ui_type_ == WebUI::kNoWebUI); |
| 2788 | 2838 |
| 2789 // Either grant or check the RenderViewHost with/for proper bindings. | 2839 // Either grant or check the RenderViewHost with/for proper bindings. |
| 2790 if (pending_web_ui_ && !render_view_host_->GetProcess()->IsForGuestsOnly()) { | 2840 if (pending_web_ui_ && !render_view_host_->GetProcess()->IsForGuestsOnly()) { |
| 2791 // If a WebUI was created for the URL and the RenderView is not in a guest | 2841 // If a WebUI was created for the URL and the RenderView is not in a guest |
| 2792 // process, then enable missing bindings with the RenderViewHost. | 2842 // process, then enable missing bindings. |
| 2793 int new_bindings = pending_web_ui_->GetBindings(); | 2843 int new_bindings = pending_web_ui_->GetBindings(); |
| 2794 if ((render_view_host_->GetEnabledBindings() & new_bindings) != | 2844 if ((GetEnabledBindings() & new_bindings) != new_bindings) { |
| 2795 new_bindings) { | 2845 AllowBindings(new_bindings); |
| 2796 render_view_host_->AllowBindings(new_bindings); | |
| 2797 } | 2846 } |
| 2798 } else if (render_view_host_->is_active()) { | 2847 } else if (render_view_host_->is_active()) { |
| 2799 // If the ongoing navigation is not to a WebUI or the RenderView is in a | 2848 // If the ongoing navigation is not to a WebUI or the RenderView is in a |
| 2800 // guest process, ensure that we don't create an unprivileged RenderView in | 2849 // guest process, ensure that we don't create an unprivileged RenderView in |
| 2801 // a WebUI-enabled process unless it's swapped out. | 2850 // a WebUI-enabled process unless it's swapped out. |
| 2802 bool url_acceptable_for_webui = | 2851 bool url_acceptable_for_webui = |
| 2803 WebUIControllerFactoryRegistry::GetInstance()->IsURLAcceptableForWebUI( | 2852 WebUIControllerFactoryRegistry::GetInstance()->IsURLAcceptableForWebUI( |
| 2804 GetSiteInstance()->GetBrowserContext(), dest_url); | 2853 GetSiteInstance()->GetBrowserContext(), dest_url); |
| 2805 if (!url_acceptable_for_webui) { | 2854 if (!url_acceptable_for_webui) { |
| 2806 CHECK(!ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( | 2855 CHECK(!ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( |
| (...skipping 588 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3395 // There is no pending NavigationEntry in these cases, so pass 0 as the | 3444 // There is no pending NavigationEntry in these cases, so pass 0 as the |
| 3396 // pending_nav_entry_id. If the previous handle was a prematurely aborted | 3445 // pending_nav_entry_id. If the previous handle was a prematurely aborted |
| 3397 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. | 3446 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. |
| 3398 return NavigationHandleImpl::Create( | 3447 return NavigationHandleImpl::Create( |
| 3399 params.url, frame_tree_node_, is_renderer_initiated, | 3448 params.url, frame_tree_node_, is_renderer_initiated, |
| 3400 params.was_within_same_page, base::TimeTicks::Now(), | 3449 params.was_within_same_page, base::TimeTicks::Now(), |
| 3401 entry_id_for_data_nav, false); // started_from_context_menu | 3450 entry_id_for_data_nav, false); // started_from_context_menu |
| 3402 } | 3451 } |
| 3403 | 3452 |
| 3404 } // namespace content | 3453 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2566583002:
Change allowed bindings to be per RenderFrame instead of per RenderView. (Closed)
