OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/render_frame_message_filter.h" | 5 #include "content/browser/frame_host/render_frame_message_filter.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/macros.h" | 8 #include "base/macros.h" |
9 #include "base/metrics/field_trial.h" | |
10 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
11 #include "build/build_config.h" | 10 #include "build/build_config.h" |
12 #include "content/browser/bad_message.h" | 11 #include "content/browser/bad_message.h" |
13 #include "content/browser/blob_storage/chrome_blob_storage_context.h" | 12 #include "content/browser/blob_storage/chrome_blob_storage_context.h" |
14 #include "content/browser/child_process_security_policy_impl.h" | 13 #include "content/browser/child_process_security_policy_impl.h" |
15 #include "content/browser/download/download_stats.h" | 14 #include "content/browser/download/download_stats.h" |
16 #include "content/browser/frame_host/render_frame_host_impl.h" | 15 #include "content/browser/frame_host/render_frame_host_impl.h" |
17 #include "content/browser/gpu/gpu_data_manager_impl.h" | 16 #include "content/browser/gpu/gpu_data_manager_impl.h" |
18 #include "content/browser/renderer_host/render_widget_helper.h" | 17 #include "content/browser/renderer_host/render_widget_helper.h" |
19 #include "content/browser/resource_context_impl.h" | 18 #include "content/browser/resource_context_impl.h" |
20 #include "content/common/content_constants_internal.h" | 19 #include "content/common/content_constants_internal.h" |
21 #include "content/common/frame_messages.h" | 20 #include "content/common/frame_messages.h" |
22 #include "content/common/frame_owner_properties.h" | 21 #include "content/common/frame_owner_properties.h" |
23 #include "content/common/view_messages.h" | 22 #include "content/common/view_messages.h" |
24 #include "content/public/browser/browser_context.h" | 23 #include "content/public/browser/browser_context.h" |
25 #include "content/public/browser/browser_thread.h" | 24 #include "content/public/browser/browser_thread.h" |
26 #include "content/public/browser/download_manager.h" | 25 #include "content/public/browser/download_manager.h" |
27 #include "content/public/browser/download_url_parameters.h" | 26 #include "content/public/browser/download_url_parameters.h" |
28 #include "content/public/common/content_constants.h" | 27 #include "content/public/common/content_constants.h" |
29 #include "content/public/common/content_switches.h" | |
30 #include "gpu/GLES2/gl2extchromium.h" | 28 #include "gpu/GLES2/gl2extchromium.h" |
31 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 29 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
32 #include "net/cookies/cookie_options.h" | 30 #include "net/cookies/cookie_options.h" |
33 #include "net/cookies/cookie_store.h" | 31 #include "net/cookies/cookie_store.h" |
34 #include "net/url_request/url_request_context.h" | 32 #include "net/url_request/url_request_context.h" |
35 #include "net/url_request/url_request_context_getter.h" | 33 #include "net/url_request/url_request_context_getter.h" |
36 #include "ppapi/features/features.h" | 34 #include "ppapi/features/features.h" |
37 #include "storage/browser/blob/blob_storage_context.h" | 35 #include "storage/browser/blob/blob_storage_context.h" |
38 #include "url/gurl.h" | 36 #include "url/gurl.h" |
39 #include "url/origin.h" | 37 #include "url/origin.h" |
(...skipping 10 matching lines...) Expand all Loading... |
50 #endif | 48 #endif |
51 | 49 |
52 namespace content { | 50 namespace content { |
53 | 51 |
54 namespace { | 52 namespace { |
55 | 53 |
56 #if BUILDFLAG(ENABLE_PLUGINS) | 54 #if BUILDFLAG(ENABLE_PLUGINS) |
57 const int kPluginsRefreshThresholdInSeconds = 3; | 55 const int kPluginsRefreshThresholdInSeconds = 3; |
58 #endif | 56 #endif |
59 | 57 |
60 const char kEnforceStrictSecureExperiment[] = "StrictSecureCookies"; | |
61 | |
62 void CreateChildFrameOnUI(int process_id, | 58 void CreateChildFrameOnUI(int process_id, |
63 int parent_routing_id, | 59 int parent_routing_id, |
64 blink::WebTreeScopeType scope, | 60 blink::WebTreeScopeType scope, |
65 const std::string& frame_name, | 61 const std::string& frame_name, |
66 const std::string& frame_unique_name, | 62 const std::string& frame_unique_name, |
67 blink::WebSandboxFlags sandbox_flags, | 63 blink::WebSandboxFlags sandbox_flags, |
68 const FrameOwnerProperties& frame_owner_properties, | 64 const FrameOwnerProperties& frame_owner_properties, |
69 int new_routing_id) { | 65 int new_routing_id) { |
70 DCHECK_CURRENTLY_ON(BrowserThread::UI); | 66 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
71 RenderFrameHostImpl* render_frame_host = | 67 RenderFrameHostImpl* render_frame_host = |
(...skipping 317 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
389 const std::string& cookie) { | 385 const std::string& cookie) { |
390 ChildProcessSecurityPolicyImpl* policy = | 386 ChildProcessSecurityPolicyImpl* policy = |
391 ChildProcessSecurityPolicyImpl::GetInstance(); | 387 ChildProcessSecurityPolicyImpl::GetInstance(); |
392 if (!policy->CanAccessDataForOrigin(render_process_id_, url)) { | 388 if (!policy->CanAccessDataForOrigin(render_process_id_, url)) { |
393 bad_message::ReceivedBadMessage(this, | 389 bad_message::ReceivedBadMessage(this, |
394 bad_message::RFMF_SET_COOKIE_BAD_ORIGIN); | 390 bad_message::RFMF_SET_COOKIE_BAD_ORIGIN); |
395 return; | 391 return; |
396 } | 392 } |
397 | 393 |
398 net::CookieOptions options; | 394 net::CookieOptions options; |
399 bool experimental_web_platform_features_enabled = | |
400 base::CommandLine::ForCurrentProcess()->HasSwitch( | |
401 switches::kEnableExperimentalWebPlatformFeatures); | |
402 const std::string enforce_strict_secure_group = | |
403 base::FieldTrialList::FindFullName(kEnforceStrictSecureExperiment); | |
404 if (experimental_web_platform_features_enabled || | |
405 base::StartsWith(enforce_strict_secure_group, "Enabled", | |
406 base::CompareCase::INSENSITIVE_ASCII)) { | |
407 options.set_enforce_strict_secure(); | |
408 } | |
409 if (GetContentClient()->browser()->AllowSetCookie( | 395 if (GetContentClient()->browser()->AllowSetCookie( |
410 url, first_party_for_cookies, cookie, resource_context_, | 396 url, first_party_for_cookies, cookie, resource_context_, |
411 render_process_id_, render_frame_id, options)) { | 397 render_process_id_, render_frame_id, options)) { |
412 net::URLRequestContext* context = GetRequestContextForURL(url); | 398 net::URLRequestContext* context = GetRequestContextForURL(url); |
413 // Pass a null callback since we don't care about when the 'set' completes. | 399 // Pass a null callback since we don't care about when the 'set' completes. |
414 context->cookie_store()->SetCookieWithOptionsAsync( | 400 context->cookie_store()->SetCookieWithOptionsAsync( |
415 url, cookie, options, net::CookieStore::SetCookiesCallback()); | 401 url, cookie, options, net::CookieStore::SetCookiesCallback()); |
416 } | 402 } |
417 } | 403 } |
418 | 404 |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
604 net::URLRequestContext* context = | 590 net::URLRequestContext* context = |
605 GetContentClient()->browser()->OverrideRequestContextForURL( | 591 GetContentClient()->browser()->OverrideRequestContextForURL( |
606 url, resource_context_); | 592 url, resource_context_); |
607 if (!context) | 593 if (!context) |
608 context = request_context_->GetURLRequestContext(); | 594 context = request_context_->GetURLRequestContext(); |
609 | 595 |
610 return context; | 596 return context; |
611 } | 597 } |
612 | 598 |
613 } // namespace content | 599 } // namespace content |
OLD | NEW |