OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/ancestor_throttle.h" | 5 #include "content/browser/frame_host/ancestor_throttle.h" |
6 | 6 |
7 #include "base/metrics/histogram_macros.h" | 7 #include "base/metrics/histogram_macros.h" |
8 #include "base/strings/string_split.h" | 8 #include "base/strings/string_split.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
(...skipping 154 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
165 return NavigationThrottle::BLOCK_RESPONSE; | 165 return NavigationThrottle::BLOCK_RESPONSE; |
166 } | 166 } |
167 | 167 |
168 AncestorThrottle::AncestorThrottle(NavigationHandle* handle) | 168 AncestorThrottle::AncestorThrottle(NavigationHandle* handle) |
169 : NavigationThrottle(handle) {} | 169 : NavigationThrottle(handle) {} |
170 | 170 |
171 void AncestorThrottle::ParseError(const std::string& value, | 171 void AncestorThrottle::ParseError(const std::string& value, |
172 HeaderDisposition disposition) { | 172 HeaderDisposition disposition) { |
173 DCHECK(disposition == HeaderDisposition::CONFLICT || | 173 DCHECK(disposition == HeaderDisposition::CONFLICT || |
174 disposition == HeaderDisposition::INVALID); | 174 disposition == HeaderDisposition::INVALID); |
| 175 if (!navigation_handle()->GetRenderFrameHost()) |
| 176 return; // Some responses won't have a RFH (i.e. 204/205s or downloads). |
175 | 177 |
176 std::string message; | 178 std::string message; |
177 if (disposition == HeaderDisposition::CONFLICT) { | 179 if (disposition == HeaderDisposition::CONFLICT) { |
178 message = base::StringPrintf( | 180 message = base::StringPrintf( |
179 "Refused to display '%s' in a frame because it set multiple " | 181 "Refused to display '%s' in a frame because it set multiple " |
180 "'X-Frame-Options' headers with conflicting values " | 182 "'X-Frame-Options' headers with conflicting values " |
181 "('%s'). Falling back to 'deny'.", | 183 "('%s'). Falling back to 'deny'.", |
182 navigation_handle()->GetURL().spec().c_str(), value.c_str()); | 184 navigation_handle()->GetURL().spec().c_str(), value.c_str()); |
183 } else { | 185 } else { |
184 message = base::StringPrintf( | 186 message = base::StringPrintf( |
185 "Invalid 'X-Frame-Options' header encountered when loading '%s': " | 187 "Invalid 'X-Frame-Options' header encountered when loading '%s': " |
186 "'%s' is not a recognized directive. The header will be ignored.", | 188 "'%s' is not a recognized directive. The header will be ignored.", |
187 navigation_handle()->GetURL().spec().c_str(), value.c_str()); | 189 navigation_handle()->GetURL().spec().c_str(), value.c_str()); |
188 } | 190 } |
189 | 191 |
190 // Log a console error in the parent of the current RenderFrameHost (as | 192 // Log a console error in the parent of the current RenderFrameHost (as |
191 // the current RenderFrameHost itself doesn't yet have a document). | 193 // the current RenderFrameHost itself doesn't yet have a document). |
192 navigation_handle()->GetRenderFrameHost()->GetParent()->AddMessageToConsole( | 194 navigation_handle()->GetRenderFrameHost()->GetParent()->AddMessageToConsole( |
193 CONSOLE_MESSAGE_LEVEL_ERROR, message); | 195 CONSOLE_MESSAGE_LEVEL_ERROR, message); |
194 } | 196 } |
195 | 197 |
196 void AncestorThrottle::ConsoleError(HeaderDisposition disposition) { | 198 void AncestorThrottle::ConsoleError(HeaderDisposition disposition) { |
197 DCHECK(disposition == HeaderDisposition::DENY || | 199 DCHECK(disposition == HeaderDisposition::DENY || |
198 disposition == HeaderDisposition::SAMEORIGIN); | 200 disposition == HeaderDisposition::SAMEORIGIN); |
| 201 if (!navigation_handle()->GetRenderFrameHost()) |
| 202 return; // Some responses won't have a RFH (i.e. 204/205s or downloads). |
| 203 |
199 std::string message = base::StringPrintf( | 204 std::string message = base::StringPrintf( |
200 "Refused to display '%s' in a frame because it set 'X-Frame-Options' " | 205 "Refused to display '%s' in a frame because it set 'X-Frame-Options' " |
201 "to '%s'.", | 206 "to '%s'.", |
202 navigation_handle()->GetURL().spec().c_str(), | 207 navigation_handle()->GetURL().spec().c_str(), |
203 disposition == HeaderDisposition::DENY ? "deny" : "sameorigin"); | 208 disposition == HeaderDisposition::DENY ? "deny" : "sameorigin"); |
204 | 209 |
205 // Log a console error in the parent of the current RenderFrameHost (as | 210 // Log a console error in the parent of the current RenderFrameHost (as |
206 // the current RenderFrameHost itself doesn't yet have a document). | 211 // the current RenderFrameHost itself doesn't yet have a document). |
207 navigation_handle()->GetRenderFrameHost()->GetParent()->AddMessageToConsole( | 212 navigation_handle()->GetRenderFrameHost()->GetParent()->AddMessageToConsole( |
208 CONSOLE_MESSAGE_LEVEL_ERROR, message); | 213 CONSOLE_MESSAGE_LEVEL_ERROR, message); |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
255 HeadersContainFrameAncestorsCSP(headers)) { | 260 HeadersContainFrameAncestorsCSP(headers)) { |
256 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should | 261 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should |
257 // handle it here instead. Until then, don't block the request, and let | 262 // handle it here instead. Until then, don't block the request, and let |
258 // Blink handle it. https://crbug.com/555418 | 263 // Blink handle it. https://crbug.com/555418 |
259 return HeaderDisposition::BYPASS; | 264 return HeaderDisposition::BYPASS; |
260 } | 265 } |
261 return result; | 266 return result; |
262 } | 267 } |
263 | 268 |
264 } // namespace content | 269 } // namespace content |
OLD | NEW |