| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/render_frame_host_impl.h" | 5 #include "content/browser/frame_host/render_frame_host_impl.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 #include "content/public/browser/browser_thread.h" | 75 #include "content/public/browser/browser_thread.h" |
| 76 #include "content/public/browser/content_browser_client.h" | 76 #include "content/public/browser/content_browser_client.h" |
| 77 #include "content/public/browser/permission_manager.h" | 77 #include "content/public/browser/permission_manager.h" |
| 78 #include "content/public/browser/permission_type.h" | 78 #include "content/public/browser/permission_type.h" |
| 79 #include "content/public/browser/render_process_host.h" | 79 #include "content/public/browser/render_process_host.h" |
| 80 #include "content/public/browser/render_widget_host_view.h" | 80 #include "content/public/browser/render_widget_host_view.h" |
| 81 #include "content/public/browser/resource_context.h" | 81 #include "content/public/browser/resource_context.h" |
| 82 #include "content/public/browser/storage_partition.h" | 82 #include "content/public/browser/storage_partition.h" |
| 83 #include "content/public/browser/stream_handle.h" | 83 #include "content/public/browser/stream_handle.h" |
| 84 #include "content/public/browser/user_metrics.h" | 84 #include "content/public/browser/user_metrics.h" |
| 85 #include "content/public/common/bindings_policy.h" |
| 85 #include "content/public/common/browser_side_navigation_policy.h" | 86 #include "content/public/common/browser_side_navigation_policy.h" |
| 86 #include "content/public/common/content_constants.h" | 87 #include "content/public/common/content_constants.h" |
| 87 #include "content/public/common/content_features.h" | 88 #include "content/public/common/content_features.h" |
| 88 #include "content/public/common/content_switches.h" | 89 #include "content/public/common/content_switches.h" |
| 89 #include "content/public/common/file_chooser_file_info.h" | 90 #include "content/public/common/file_chooser_file_info.h" |
| 90 #include "content/public/common/file_chooser_params.h" | 91 #include "content/public/common/file_chooser_params.h" |
| 91 #include "content/public/common/form_field_data.h" | 92 #include "content/public/common/form_field_data.h" |
| 92 #include "content/public/common/isolated_world_ids.h" | 93 #include "content/public/common/isolated_world_ids.h" |
| 93 #include "content/public/common/service_manager_connection.h" | 94 #include "content/public/common/service_manager_connection.h" |
| 94 #include "content/public/common/service_names.mojom.h" | 95 #include "content/public/common/service_names.mojom.h" |
| (...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 353 this)); | 354 this)); |
| 354 site_instance_->AddObserver(this); | 355 site_instance_->AddObserver(this); |
| 355 GetSiteInstance()->IncrementActiveFrameCount(); | 356 GetSiteInstance()->IncrementActiveFrameCount(); |
| 356 | 357 |
| 357 if (frame_tree_node_->parent()) { | 358 if (frame_tree_node_->parent()) { |
| 358 // Keep track of the parent RenderFrameHost, which shouldn't change even if | 359 // Keep track of the parent RenderFrameHost, which shouldn't change even if |
| 359 // this RenderFrameHost is on the pending deletion list and the parent | 360 // this RenderFrameHost is on the pending deletion list and the parent |
| 360 // FrameTreeNode has changed its current RenderFrameHost. | 361 // FrameTreeNode has changed its current RenderFrameHost. |
| 361 parent_ = frame_tree_node_->parent()->current_frame_host(); | 362 parent_ = frame_tree_node_->parent()->current_frame_host(); |
| 362 | 363 |
| 364 // All frames in a page are expected to have the same bindings. |
| 365 if (parent_->GetEnabledBindings()) |
| 366 enabled_bindings_ = parent_->GetEnabledBindings(); |
| 367 |
| 363 // New child frames should inherit the nav_entry_id of their parent. | 368 // New child frames should inherit the nav_entry_id of their parent. |
| 364 set_nav_entry_id( | 369 set_nav_entry_id( |
| 365 frame_tree_node_->parent()->current_frame_host()->nav_entry_id()); | 370 frame_tree_node_->parent()->current_frame_host()->nav_entry_id()); |
| 366 } | 371 } |
| 367 | 372 |
| 368 SetUpMojoIfNeeded(); | 373 SetUpMojoIfNeeded(); |
| 369 swapout_event_monitor_timeout_.reset(new TimeoutMonitor(base::Bind( | 374 swapout_event_monitor_timeout_.reset(new TimeoutMonitor(base::Bind( |
| 370 &RenderFrameHostImpl::OnSwappedOut, weak_ptr_factory_.GetWeakPtr()))); | 375 &RenderFrameHostImpl::OnSwappedOut, weak_ptr_factory_.GetWeakPtr()))); |
| 371 | 376 |
| 372 if (widget_routing_id != MSG_ROUTING_NONE) { | 377 if (widget_routing_id != MSG_ROUTING_NONE) { |
| (...skipping 581 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 954 if (created) { | 959 if (created) { |
| 955 SetUpMojoIfNeeded(); | 960 SetUpMojoIfNeeded(); |
| 956 delegate_->RenderFrameCreated(this); | 961 delegate_->RenderFrameCreated(this); |
| 957 } else { | 962 } else { |
| 958 delegate_->RenderFrameDeleted(this); | 963 delegate_->RenderFrameDeleted(this); |
| 959 } | 964 } |
| 960 } | 965 } |
| 961 | 966 |
| 962 if (created && render_widget_host_) | 967 if (created && render_widget_host_) |
| 963 render_widget_host_->InitForFrame(); | 968 render_widget_host_->InitForFrame(); |
| 969 |
| 970 if (enabled_bindings_ && created) { |
| 971 if (!frame_bindings_control_) |
| 972 GetRemoteAssociatedInterfaces()->GetInterface(&frame_bindings_control_); |
| 973 frame_bindings_control_->AllowBindings(enabled_bindings_); |
| 974 } |
| 964 } | 975 } |
| 965 | 976 |
| 966 void RenderFrameHostImpl::Init() { | 977 void RenderFrameHostImpl::Init() { |
| 967 ResourceDispatcherHost::ResumeBlockedRequestsForFrameFromUI(this); | 978 ResourceDispatcherHost::ResumeBlockedRequestsForFrameFromUI(this); |
| 968 if (!waiting_for_init_) | 979 if (!waiting_for_init_) |
| 969 return; | 980 return; |
| 970 | 981 |
| 971 waiting_for_init_ = false; | 982 waiting_for_init_ = false; |
| 972 if (pendinging_navigate_) { | 983 if (pendinging_navigate_) { |
| 973 frame_tree_node()->navigator()->OnBeginNavigation( | 984 frame_tree_node()->navigator()->OnBeginNavigation( |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1019 // TODO(lukasza): Call ReceivedBadMessage when |frame_unique_name| is empty. | 1030 // TODO(lukasza): Call ReceivedBadMessage when |frame_unique_name| is empty. |
| 1020 DCHECK(!frame_unique_name.empty()); | 1031 DCHECK(!frame_unique_name.empty()); |
| 1021 | 1032 |
| 1022 // It is possible that while a new RenderFrameHost was committed, the | 1033 // It is possible that while a new RenderFrameHost was committed, the |
| 1023 // RenderFrame corresponding to this host sent an IPC message to create a | 1034 // RenderFrame corresponding to this host sent an IPC message to create a |
| 1024 // frame and it is delivered after this host is swapped out. | 1035 // frame and it is delivered after this host is swapped out. |
| 1025 // Ignore such messages, as we know this RenderFrameHost is going away. | 1036 // Ignore such messages, as we know this RenderFrameHost is going away. |
| 1026 if (!is_active() || frame_tree_node_->current_frame_host() != this) | 1037 if (!is_active() || frame_tree_node_->current_frame_host() != this) |
| 1027 return; | 1038 return; |
| 1028 | 1039 |
| 1029 frame_tree_->AddFrame(frame_tree_node_, GetProcess()->GetID(), new_routing_id, | 1040 frame_tree_->AddFrame( |
| 1030 scope, frame_name, frame_unique_name, sandbox_flags, | 1041 frame_tree_node_, GetProcess()->GetID(), new_routing_id, scope, |
| 1031 frame_owner_properties); | 1042 frame_name, frame_unique_name, sandbox_flags, frame_owner_properties); |
| 1032 } | 1043 } |
| 1033 | 1044 |
| 1034 void RenderFrameHostImpl::OnCreateNewWindow( | 1045 void RenderFrameHostImpl::OnCreateNewWindow( |
| 1035 int32_t render_view_route_id, | 1046 int32_t render_view_route_id, |
| 1036 int32_t main_frame_route_id, | 1047 int32_t main_frame_route_id, |
| 1037 int32_t main_frame_widget_route_id, | 1048 int32_t main_frame_widget_route_id, |
| 1038 const mojom::CreateNewWindowParams& params, | 1049 const mojom::CreateNewWindowParams& params, |
| 1039 SessionStorageNamespace* session_storage_namespace) { | 1050 SessionStorageNamespace* session_storage_namespace) { |
| 1040 mojom::CreateNewWindowParamsPtr validated_params(params.Clone()); | 1051 mojom::CreateNewWindowParamsPtr validated_params(params.Clone()); |
| 1041 GetProcess()->FilterURL(false, &validated_params->target_url); | 1052 GetProcess()->FilterURL(false, &validated_params->target_url); |
| (...skipping 301 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1343 } | 1354 } |
| 1344 | 1355 |
| 1345 RenderWidgetHostView* RenderFrameHostImpl::GetView() { | 1356 RenderWidgetHostView* RenderFrameHostImpl::GetView() { |
| 1346 return GetRenderWidgetHost()->GetView(); | 1357 return GetRenderWidgetHost()->GetView(); |
| 1347 } | 1358 } |
| 1348 | 1359 |
| 1349 GlobalFrameRoutingId RenderFrameHostImpl::GetGlobalFrameRoutingId() { | 1360 GlobalFrameRoutingId RenderFrameHostImpl::GetGlobalFrameRoutingId() { |
| 1350 return GlobalFrameRoutingId(GetProcess()->GetID(), GetRoutingID()); | 1361 return GlobalFrameRoutingId(GetProcess()->GetID(), GetRoutingID()); |
| 1351 } | 1362 } |
| 1352 | 1363 |
| 1353 int RenderFrameHostImpl::GetEnabledBindings() { | |
| 1354 return render_view_host_->GetEnabledBindings(); | |
| 1355 } | |
| 1356 | |
| 1357 void RenderFrameHostImpl::SetNavigationHandle( | 1364 void RenderFrameHostImpl::SetNavigationHandle( |
| 1358 std::unique_ptr<NavigationHandleImpl> navigation_handle) { | 1365 std::unique_ptr<NavigationHandleImpl> navigation_handle) { |
| 1359 navigation_handle_ = std::move(navigation_handle); | 1366 navigation_handle_ = std::move(navigation_handle); |
| 1360 | 1367 |
| 1361 // TODO(clamy): Remove this debug code once we understand better how we get to | 1368 // TODO(clamy): Remove this debug code once we understand better how we get to |
| 1362 // the point of attempting to transfer a navigation from a RFH that is no | 1369 // the point of attempting to transfer a navigation from a RFH that is no |
| 1363 // longer active. | 1370 // longer active. |
| 1364 if (navigation_handle_ && !is_active()) | 1371 if (navigation_handle_ && !is_active()) |
| 1365 base::debug::DumpWithoutCrashing(); | 1372 base::debug::DumpWithoutCrashing(); |
| 1366 } | 1373 } |
| (...skipping 364 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1731 } | 1738 } |
| 1732 | 1739 |
| 1733 void RenderFrameHostImpl::RequestFocusedFormFieldData( | 1740 void RenderFrameHostImpl::RequestFocusedFormFieldData( |
| 1734 FormFieldDataCallback& callback) { | 1741 FormFieldDataCallback& callback) { |
| 1735 static int next_id = 1; | 1742 static int next_id = 1; |
| 1736 int request_id = ++next_id; | 1743 int request_id = ++next_id; |
| 1737 form_field_data_callbacks_[request_id] = callback; | 1744 form_field_data_callbacks_[request_id] = callback; |
| 1738 Send(new FrameMsg_FocusedFormFieldDataRequest(GetRoutingID(), request_id)); | 1745 Send(new FrameMsg_FocusedFormFieldDataRequest(GetRoutingID(), request_id)); |
| 1739 } | 1746 } |
| 1740 | 1747 |
| 1748 void RenderFrameHostImpl::AllowBindings(int bindings_flags) { |
| 1749 // Never grant any bindings to browser plugin guests. |
| 1750 if (GetProcess()->IsForGuestsOnly()) { |
| 1751 NOTREACHED() << "Never grant bindings to a guest process."; |
| 1752 return; |
| 1753 } |
| 1754 |
| 1755 // Ensure we aren't granting WebUI bindings to a process that has already |
| 1756 // been used for non-privileged views. |
| 1757 if (bindings_flags & BINDINGS_POLICY_WEB_UI && |
| 1758 GetProcess()->HasConnection() && |
| 1759 !ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( |
| 1760 GetProcess()->GetID())) { |
| 1761 // This process has no bindings yet. Make sure it does not have more |
| 1762 // than this single active view. |
| 1763 // --single-process only has one renderer. |
| 1764 if (GetProcess()->GetActiveViewCount() > 1 && |
| 1765 !base::CommandLine::ForCurrentProcess()->HasSwitch( |
| 1766 switches::kSingleProcess)) |
| 1767 return; |
| 1768 } |
| 1769 |
| 1770 if (bindings_flags & BINDINGS_POLICY_WEB_UI) { |
| 1771 ChildProcessSecurityPolicyImpl::GetInstance()->GrantWebUIBindings( |
| 1772 GetProcess()->GetID()); |
| 1773 } |
| 1774 |
| 1775 enabled_bindings_ |= bindings_flags; |
| 1776 if (GetParent()) |
| 1777 DCHECK_EQ(GetParent()->GetEnabledBindings(), GetEnabledBindings()); |
| 1778 |
| 1779 if (render_frame_created_) { |
| 1780 if (!frame_bindings_control_) |
| 1781 GetRemoteAssociatedInterfaces()->GetInterface(&frame_bindings_control_); |
| 1782 frame_bindings_control_->AllowBindings(enabled_bindings_); |
| 1783 } |
| 1784 } |
| 1785 |
| 1786 int RenderFrameHostImpl::GetEnabledBindings() const { |
| 1787 return enabled_bindings_; |
| 1788 } |
| 1789 |
| 1741 void RenderFrameHostImpl::OnFocusedFormFieldDataResponse( | 1790 void RenderFrameHostImpl::OnFocusedFormFieldDataResponse( |
| 1742 int request_id, | 1791 int request_id, |
| 1743 const FormFieldData& field_data) { | 1792 const FormFieldData& field_data) { |
| 1744 auto it = form_field_data_callbacks_.find(request_id); | 1793 auto it = form_field_data_callbacks_.find(request_id); |
| 1745 if (it != form_field_data_callbacks_.end()) { | 1794 if (it != form_field_data_callbacks_.end()) { |
| 1746 it->second.Run(field_data); | 1795 it->second.Run(field_data); |
| 1747 form_field_data_callbacks_.erase(it); | 1796 form_field_data_callbacks_.erase(it); |
| 1748 } | 1797 } |
| 1749 } | 1798 } |
| 1750 | 1799 |
| (...skipping 984 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2735 BrowserContext::GetServiceManagerConnectionFor( | 2784 BrowserContext::GetServiceManagerConnectionFor( |
| 2736 GetProcess()->GetBrowserContext()); | 2785 GetProcess()->GetBrowserContext()); |
| 2737 // |service_manager_connection| may be null in tests using TestBrowserContext. | 2786 // |service_manager_connection| may be null in tests using TestBrowserContext. |
| 2738 if (service_manager_connection) { | 2787 if (service_manager_connection) { |
| 2739 service_manager_connection->RemoveOnConnectHandler(on_connect_handler_id_); | 2788 service_manager_connection->RemoveOnConnectHandler(on_connect_handler_id_); |
| 2740 on_connect_handler_id_ = 0; | 2789 on_connect_handler_id_ = 0; |
| 2741 } | 2790 } |
| 2742 | 2791 |
| 2743 frame_.reset(); | 2792 frame_.reset(); |
| 2744 frame_host_binding_.Close(); | 2793 frame_host_binding_.Close(); |
| 2794 frame_bindings_control_.reset(); |
| 2745 | 2795 |
| 2746 // Disconnect with ImageDownloader Mojo service in RenderFrame. | 2796 // Disconnect with ImageDownloader Mojo service in RenderFrame. |
| 2747 mojo_image_downloader_.reset(); | 2797 mojo_image_downloader_.reset(); |
| 2748 } | 2798 } |
| 2749 | 2799 |
| 2750 bool RenderFrameHostImpl::IsFocused() { | 2800 bool RenderFrameHostImpl::IsFocused() { |
| 2751 return GetRenderWidgetHost()->is_focused() && | 2801 return GetRenderWidgetHost()->is_focused() && |
| 2752 frame_tree_->GetFocusedFrame() && | 2802 frame_tree_->GetFocusedFrame() && |
| 2753 (frame_tree_->GetFocusedFrame() == frame_tree_node() || | 2803 (frame_tree_->GetFocusedFrame() == frame_tree_node() || |
| 2754 frame_tree_->GetFocusedFrame()->IsDescendantOf(frame_tree_node())); | 2804 frame_tree_->GetFocusedFrame()->IsDescendantOf(frame_tree_node())); |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2793 base::UserMetricsAction("ProcessSwapBindingsMismatch_RVHM")); | 2843 base::UserMetricsAction("ProcessSwapBindingsMismatch_RVHM")); |
| 2794 ClearPendingWebUI(); | 2844 ClearPendingWebUI(); |
| 2795 } | 2845 } |
| 2796 } | 2846 } |
| 2797 } | 2847 } |
| 2798 DCHECK_EQ(!pending_web_ui_, pending_web_ui_type_ == WebUI::kNoWebUI); | 2848 DCHECK_EQ(!pending_web_ui_, pending_web_ui_type_ == WebUI::kNoWebUI); |
| 2799 | 2849 |
| 2800 // Either grant or check the RenderViewHost with/for proper bindings. | 2850 // Either grant or check the RenderViewHost with/for proper bindings. |
| 2801 if (pending_web_ui_ && !render_view_host_->GetProcess()->IsForGuestsOnly()) { | 2851 if (pending_web_ui_ && !render_view_host_->GetProcess()->IsForGuestsOnly()) { |
| 2802 // If a WebUI was created for the URL and the RenderView is not in a guest | 2852 // If a WebUI was created for the URL and the RenderView is not in a guest |
| 2803 // process, then enable missing bindings with the RenderViewHost. | 2853 // process, then enable missing bindings. |
| 2804 int new_bindings = pending_web_ui_->GetBindings(); | 2854 int new_bindings = pending_web_ui_->GetBindings(); |
| 2805 if ((render_view_host_->GetEnabledBindings() & new_bindings) != | 2855 if ((GetEnabledBindings() & new_bindings) != new_bindings) { |
| 2806 new_bindings) { | 2856 AllowBindings(new_bindings); |
| 2807 render_view_host_->AllowBindings(new_bindings); | |
| 2808 } | 2857 } |
| 2809 } else if (render_view_host_->is_active()) { | 2858 } else if (render_view_host_->is_active()) { |
| 2810 // If the ongoing navigation is not to a WebUI or the RenderView is in a | 2859 // If the ongoing navigation is not to a WebUI or the RenderView is in a |
| 2811 // guest process, ensure that we don't create an unprivileged RenderView in | 2860 // guest process, ensure that we don't create an unprivileged RenderView in |
| 2812 // a WebUI-enabled process unless it's swapped out. | 2861 // a WebUI-enabled process unless it's swapped out. |
| 2813 bool url_acceptable_for_webui = | 2862 bool url_acceptable_for_webui = |
| 2814 WebUIControllerFactoryRegistry::GetInstance()->IsURLAcceptableForWebUI( | 2863 WebUIControllerFactoryRegistry::GetInstance()->IsURLAcceptableForWebUI( |
| 2815 GetSiteInstance()->GetBrowserContext(), dest_url); | 2864 GetSiteInstance()->GetBrowserContext(), dest_url); |
| 2816 if (!url_acceptable_for_webui) { | 2865 if (!url_acceptable_for_webui) { |
| 2817 CHECK(!ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( | 2866 CHECK(!ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings( |
| (...skipping 588 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3406 // There is no pending NavigationEntry in these cases, so pass 0 as the | 3455 // There is no pending NavigationEntry in these cases, so pass 0 as the |
| 3407 // pending_nav_entry_id. If the previous handle was a prematurely aborted | 3456 // pending_nav_entry_id. If the previous handle was a prematurely aborted |
| 3408 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. | 3457 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. |
| 3409 return NavigationHandleImpl::Create( | 3458 return NavigationHandleImpl::Create( |
| 3410 params.url, frame_tree_node_, is_renderer_initiated, | 3459 params.url, frame_tree_node_, is_renderer_initiated, |
| 3411 params.was_within_same_page, base::TimeTicks::Now(), | 3460 params.was_within_same_page, base::TimeTicks::Now(), |
| 3412 entry_id_for_data_nav, false); // started_from_context_menu | 3461 entry_id_for_data_nav, false); // started_from_context_menu |
| 3413 } | 3462 } |
| 3414 | 3463 |
| 3415 } // namespace content | 3464 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2566583002:
Change allowed bindings to be per RenderFrame instead of per RenderView. (Closed)
