Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(43)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/renderer/render_frame_impl.cc

Issue 2612793002: Implement ContentSecurityPolicy on the browser-side. (Closed)
Patch Set: Temporary re-add the parser + transmit parsed CSP over IPC. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/common/frame_messages.h ('k') | content/renderer/render_frame_proxy.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/renderer/render_frame_impl.h" 5 #include "content/renderer/render_frame_impl.h"
6 6
7 #include <map> 7 #include <map>
8 #include <string> 8 #include <string>
9 #include <utility> 9 #include <utility>
10 #include <vector> 10 #include <vector>
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
45 #include "content/child/v8_value_converter_impl.h" 45 #include "content/child/v8_value_converter_impl.h"
46 #include "content/child/web_url_loader_impl.h" 46 #include "content/child/web_url_loader_impl.h"
47 #include "content/child/web_url_request_util.h" 47 #include "content/child/web_url_request_util.h"
48 #include "content/child/webmessageportchannel_impl.h" 48 #include "content/child/webmessageportchannel_impl.h"
49 #include "content/child/weburlresponse_extradata_impl.h" 49 #include "content/child/weburlresponse_extradata_impl.h"
50 #include "content/common/accessibility_messages.h" 50 #include "content/common/accessibility_messages.h"
51 #include "content/common/associated_interface_provider_impl.h" 51 #include "content/common/associated_interface_provider_impl.h"
52 #include "content/common/associated_interfaces.mojom.h" 52 #include "content/common/associated_interfaces.mojom.h"
53 #include "content/common/clipboard_messages.h" 53 #include "content/common/clipboard_messages.h"
54 #include "content/common/content_constants_internal.h" 54 #include "content/common/content_constants_internal.h"
55 #include "content/common/content_security_policy/csp_context.h"
55 #include "content/common/content_security_policy_header.h" 56 #include "content/common/content_security_policy_header.h"
56 #include "content/common/download/mhtml_save_status.h" 57 #include "content/common/download/mhtml_save_status.h"
57 #include "content/common/edit_command.h" 58 #include "content/common/edit_command.h"
58 #include "content/common/frame_messages.h" 59 #include "content/common/frame_messages.h"
59 #include "content/common/frame_owner_properties.h" 60 #include "content/common/frame_owner_properties.h"
60 #include "content/common/frame_replication_state.h" 61 #include "content/common/frame_replication_state.h"
61 #include "content/common/input_messages.h" 62 #include "content/common/input_messages.h"
62 #include "content/common/navigation_params.h" 63 #include "content/common/navigation_params.h"
63 #include "content/common/page_messages.h" 64 #include "content/common/page_messages.h"
64 #include "content/common/savable_subframe.h" 65 #include "content/common/savable_subframe.h"
(...skipping 3124 matching lines...) Expand 10 before | Expand all | Expand 10 after
3189 void RenderFrameImpl::didSetFeaturePolicyHeader( 3190 void RenderFrameImpl::didSetFeaturePolicyHeader(
3190 const blink::WebParsedFeaturePolicy& parsed_header) { 3191 const blink::WebParsedFeaturePolicy& parsed_header) {
3191 Send(new FrameHostMsg_DidSetFeaturePolicyHeader( 3192 Send(new FrameHostMsg_DidSetFeaturePolicyHeader(
3192 routing_id_, ToParsedFeaturePolicy(parsed_header))); 3193 routing_id_, ToParsedFeaturePolicy(parsed_header)));
3193 } 3194 }
3194 3195
3195 void RenderFrameImpl::didAddContentSecurityPolicy( 3196 void RenderFrameImpl::didAddContentSecurityPolicy(
3196 const blink::WebString& header_value, 3197 const blink::WebString& header_value,
3197 blink::WebContentSecurityPolicyType type, 3198 blink::WebContentSecurityPolicyType type,
3198 blink::WebContentSecurityPolicySource source) { 3199 blink::WebContentSecurityPolicySource source) {
3199 if (!SiteIsolationPolicy::AreCrossProcessFramesPossible()) 3200 //if (!SiteIsolationPolicy::AreCrossProcessFramesPossible())
nasko 2017/01/23 22:54:50 nit: Hopefully not committing this, right? :)
3200 return; 3201 //return;
3201 3202
3202 ContentSecurityPolicyHeader header; 3203 ContentSecurityPolicyHeader header;
3203 header.header_value = base::UTF16ToUTF8(base::StringPiece16(header_value)); 3204 header.header_value = base::UTF16ToUTF8(base::StringPiece16(header_value));
3204 header.type = type; 3205 header.type = type;
3205 header.source = source; 3206 header.source = source;
3206 Send(new FrameHostMsg_DidAddContentSecurityPolicy(routing_id_, header)); 3207 CSPContext context;
3208 Send(new FrameHostMsg_DidAddContentSecurityPolicy(
3209 routing_id_, header, CSPPolicy::Parse(&context, header)));
3207 } 3210 }
3208 3211
3209 void RenderFrameImpl::didChangeFrameOwnerProperties( 3212 void RenderFrameImpl::didChangeFrameOwnerProperties(
3210 blink::WebFrame* child_frame, 3213 blink::WebFrame* child_frame,
3211 const blink::WebFrameOwnerProperties& frame_owner_properties) { 3214 const blink::WebFrameOwnerProperties& frame_owner_properties) {
3212 Send(new FrameHostMsg_DidChangeFrameOwnerProperties( 3215 Send(new FrameHostMsg_DidChangeFrameOwnerProperties(
3213 routing_id_, GetRoutingIdForFrameOrProxy(child_frame), 3216 routing_id_, GetRoutingIdForFrameOrProxy(child_frame),
3214 FrameOwnerProperties(frame_owner_properties))); 3217 FrameOwnerProperties(frame_owner_properties)));
3215 } 3218 }
3216 3219
(...skipping 3649 matching lines...) Expand 10 before | Expand all | Expand 10 after
6866 // event target. Potentially a Pepper plugin will receive the event. 6869 // event target. Potentially a Pepper plugin will receive the event.
6867 // In order to tell whether a plugin gets the last mouse event and which it 6870 // In order to tell whether a plugin gets the last mouse event and which it
6868 // is, we set |pepper_last_mouse_event_target_| to null here. If a plugin gets 6871 // is, we set |pepper_last_mouse_event_target_| to null here. If a plugin gets
6869 // the event, it will notify us via DidReceiveMouseEvent() and set itself as 6872 // the event, it will notify us via DidReceiveMouseEvent() and set itself as
6870 // |pepper_last_mouse_event_target_|. 6873 // |pepper_last_mouse_event_target_|.
6871 pepper_last_mouse_event_target_ = nullptr; 6874 pepper_last_mouse_event_target_ = nullptr;
6872 #endif 6875 #endif
6873 } 6876 }
6874 6877
6875 } // namespace content 6878 } // namespace content
OLDNEW
« no previous file with comments | « content/common/frame_messages.h ('k') | content/renderer/render_frame_proxy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698