Chromium Code Reviews Chromium Code Reviews
Issue 2655463006:
PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_handle_impl.h" | 5 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 6 | 6 |
| 7 #include <iterator> | 7 #include <iterator> |
| 8 | 8 |
| 9 #include "base/debug/dump_without_crashing.h" | 9 #include "base/debug/dump_without_crashing.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 58 | 58 |
| 59 // static | 59 // static |
| 60 std::unique_ptr<NavigationHandleImpl> NavigationHandleImpl::Create( | 60 std::unique_ptr<NavigationHandleImpl> NavigationHandleImpl::Create( |
| 61 const GURL& url, | 61 const GURL& url, |
| 62 const std::vector<GURL>& redirect_chain, | 62 const std::vector<GURL>& redirect_chain, |
| 63 FrameTreeNode* frame_tree_node, | 63 FrameTreeNode* frame_tree_node, |
| 64 bool is_renderer_initiated, | 64 bool is_renderer_initiated, |
| 65 bool is_same_page, | 65 bool is_same_page, |
| 66 const base::TimeTicks& navigation_start, | 66 const base::TimeTicks& navigation_start, |
| 67 int pending_nav_entry_id, | 67 int pending_nav_entry_id, |
| 68 bool started_from_context_menu) { | 68 bool started_from_context_menu, |
| 69 bool should_bypass_main_world_csp) { | |
| 69 return std::unique_ptr<NavigationHandleImpl>(new NavigationHandleImpl( | 70 return std::unique_ptr<NavigationHandleImpl>(new NavigationHandleImpl( |
| 70 url, redirect_chain, frame_tree_node, is_renderer_initiated, is_same_page, | 71 url, redirect_chain, frame_tree_node, is_renderer_initiated, is_same_page, |
| 71 navigation_start, pending_nav_entry_id, | 72 navigation_start, pending_nav_entry_id, started_from_context_menu, |
| 72 started_from_context_menu)); | 73 should_bypass_main_world_csp)); |
| 73 } | 74 } |
| 74 | 75 |
| 75 NavigationHandleImpl::NavigationHandleImpl( | 76 NavigationHandleImpl::NavigationHandleImpl( |
| 76 const GURL& url, | 77 const GURL& url, |
| 77 const std::vector<GURL>& redirect_chain, | 78 const std::vector<GURL>& redirect_chain, |
| 78 FrameTreeNode* frame_tree_node, | 79 FrameTreeNode* frame_tree_node, |
| 79 bool is_renderer_initiated, | 80 bool is_renderer_initiated, |
| 80 bool is_same_page, | 81 bool is_same_page, |
| 81 const base::TimeTicks& navigation_start, | 82 const base::TimeTicks& navigation_start, |
| 82 int pending_nav_entry_id, | 83 int pending_nav_entry_id, |
| 83 bool started_from_context_menu) | 84 bool started_from_context_menu, |
| 85 bool should_bypass_main_world_csp) | |
| 84 : url_(url), | 86 : url_(url), |
| 85 has_user_gesture_(false), | 87 has_user_gesture_(false), |
| 86 transition_(ui::PAGE_TRANSITION_LINK), | 88 transition_(ui::PAGE_TRANSITION_LINK), |
| 87 is_external_protocol_(false), | 89 is_external_protocol_(false), |
| 88 net_error_code_(net::OK), | 90 net_error_code_(net::OK), |
| 89 render_frame_host_(nullptr), | 91 render_frame_host_(nullptr), |
| 90 is_renderer_initiated_(is_renderer_initiated), | 92 is_renderer_initiated_(is_renderer_initiated), |
| 91 is_same_page_(is_same_page), | 93 is_same_page_(is_same_page), |
| 92 was_redirected_(false), | 94 was_redirected_(false), |
| 93 did_replace_entry_(false), | 95 did_replace_entry_(false), |
| 94 should_update_history_(false), | 96 should_update_history_(false), |
| 95 connection_info_(net::HttpResponseInfo::CONNECTION_INFO_UNKNOWN), | 97 connection_info_(net::HttpResponseInfo::CONNECTION_INFO_UNKNOWN), |
| 96 original_url_(url), | 98 original_url_(url), |
| 97 state_(INITIAL), | 99 state_(INITIAL), |
| 98 is_transferring_(false), | 100 is_transferring_(false), |
| 99 frame_tree_node_(frame_tree_node), | 101 frame_tree_node_(frame_tree_node), |
| 100 next_index_(0), | 102 next_index_(0), |
| 101 navigation_start_(navigation_start), | 103 navigation_start_(navigation_start), |
| 102 pending_nav_entry_id_(pending_nav_entry_id), | 104 pending_nav_entry_id_(pending_nav_entry_id), |
| 103 request_context_type_(REQUEST_CONTEXT_TYPE_UNSPECIFIED), | 105 request_context_type_(REQUEST_CONTEXT_TYPE_UNSPECIFIED), |
| 104 mixed_content_context_type_(blink::WebMixedContentContextType::Blockable), | 106 mixed_content_context_type_(blink::WebMixedContentContextType::Blockable), |
| 105 should_replace_current_entry_(false), | 107 should_replace_current_entry_(false), |
| 106 redirect_chain_(redirect_chain), | 108 redirect_chain_(redirect_chain), |
| 107 is_download_(false), | 109 is_download_(false), |
| 108 is_stream_(false), | 110 is_stream_(false), |
| 109 started_from_context_menu_(started_from_context_menu), | 111 started_from_context_menu_(started_from_context_menu), |
| 110 reload_type_(ReloadType::NONE), | 112 reload_type_(ReloadType::NONE), |
| 111 navigation_type_(NAVIGATION_TYPE_UNKNOWN), | 113 navigation_type_(NAVIGATION_TYPE_UNKNOWN), |
| 114 should_bypass_main_world_csp_(should_bypass_main_world_csp), | |
| 112 weak_factory_(this) { | 115 weak_factory_(this) { |
| 113 DCHECK(!navigation_start.is_null()); | 116 DCHECK(!navigation_start.is_null()); |
| 114 if (redirect_chain_.empty()) | 117 if (redirect_chain_.empty()) |
| 115 redirect_chain_.push_back(url); | 118 redirect_chain_.push_back(url); |
| 116 | 119 |
| 117 starting_site_instance_ = | 120 starting_site_instance_ = |
| 118 frame_tree_node_->current_frame_host()->GetSiteInstance(); | 121 frame_tree_node_->current_frame_host()->GetSiteInstance(); |
| 119 | 122 |
| 120 if (pending_nav_entry_id_) { | 123 if (pending_nav_entry_id_) { |
| 121 NavigationControllerImpl* nav_controller = | 124 NavigationControllerImpl* nav_controller = |
| (...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 449 } | 452 } |
| 450 | 453 |
| 451 ReloadType NavigationHandleImpl::GetReloadType() { | 454 ReloadType NavigationHandleImpl::GetReloadType() { |
| 452 return reload_type_; | 455 return reload_type_; |
| 453 } | 456 } |
| 454 | 457 |
| 455 NavigationData* NavigationHandleImpl::GetNavigationData() { | 458 NavigationData* NavigationHandleImpl::GetNavigationData() { |
| 456 return navigation_data_.get(); | 459 return navigation_data_.get(); |
| 457 } | 460 } |
| 458 | 461 |
| 462 bool NavigationHandleImpl::ShouldBypassMainWorldCSP() const { | |
|
alexmos
2017/02/14 06:57:20
nit: you can move this simple getter into to the h
arthursonzogni
2017/02/15 09:26:09
Done, but I can't move the implementation in the h
alexmos
2017/02/24 06:40:27
Ack, though that's surprising to me, as should_byp
arthursonzogni
2017/02/24 16:13:29
You are right, after this change, I removed the "o
| |
| 463 return should_bypass_main_world_csp_; | |
| 464 } | |
| 465 | |
| 459 const GlobalRequestID& NavigationHandleImpl::GetGlobalRequestID() { | 466 const GlobalRequestID& NavigationHandleImpl::GetGlobalRequestID() { |
| 460 DCHECK(state_ == WILL_PROCESS_RESPONSE || state_ == DEFERRING_RESPONSE || | 467 DCHECK(state_ == WILL_PROCESS_RESPONSE || state_ == DEFERRING_RESPONSE || |
| 461 state_ == READY_TO_COMMIT); | 468 state_ == READY_TO_COMMIT); |
| 462 return request_id_; | 469 return request_id_; |
| 463 } | 470 } |
| 464 | 471 |
| 465 void NavigationHandleImpl::InitServiceWorkerHandle( | 472 void NavigationHandleImpl::InitServiceWorkerHandle( |
| 466 ServiceWorkerContextWrapper* service_worker_context) { | 473 ServiceWorkerContextWrapper* service_worker_context) { |
| 467 DCHECK(IsBrowserSideNavigationEnabled()); | 474 DCHECK(IsBrowserSideNavigationEnabled()); |
| 468 service_worker_handle_.reset( | 475 service_worker_handle_.reset( |
| (...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 656 DCHECK(state_ == WILL_SEND_REQUEST || state_ == DEFERRING_START); | 663 DCHECK(state_ == WILL_SEND_REQUEST || state_ == DEFERRING_START); |
| 657 DCHECK(state_ != WILL_SEND_REQUEST || next_index_ == 0); | 664 DCHECK(state_ != WILL_SEND_REQUEST || next_index_ == 0); |
| 658 DCHECK(state_ != DEFERRING_START || next_index_ != 0); | 665 DCHECK(state_ != DEFERRING_START || next_index_ != 0); |
| 659 for (size_t i = next_index_; i < throttles_.size(); ++i) { | 666 for (size_t i = next_index_; i < throttles_.size(); ++i) { |
| 660 NavigationThrottle::ThrottleCheckResult result = | 667 NavigationThrottle::ThrottleCheckResult result = |
| 661 throttles_[i]->WillStartRequest(); | 668 throttles_[i]->WillStartRequest(); |
| 662 switch (result) { | 669 switch (result) { |
| 663 case NavigationThrottle::PROCEED: | 670 case NavigationThrottle::PROCEED: |
| 664 continue; | 671 continue; |
| 665 | 672 |
| 673 case NavigationThrottle::BLOCK_REQUEST: | |
| 666 case NavigationThrottle::CANCEL: | 674 case NavigationThrottle::CANCEL: |
| 667 case NavigationThrottle::CANCEL_AND_IGNORE: | 675 case NavigationThrottle::CANCEL_AND_IGNORE: |
| 668 case NavigationThrottle::BLOCK_REQUEST: | |
| 669 state_ = CANCELING; | 676 state_ = CANCELING; |
| 670 return result; | 677 return result; |
| 671 | 678 |
| 672 case NavigationThrottle::DEFER: | 679 case NavigationThrottle::DEFER: |
| 673 state_ = DEFERRING_START; | 680 state_ = DEFERRING_START; |
| 674 next_index_ = i + 1; | 681 next_index_ = i + 1; |
| 675 return result; | 682 return result; |
| 676 | 683 |
| 677 case NavigationThrottle::BLOCK_RESPONSE: | 684 case NavigationThrottle::BLOCK_RESPONSE: |
| 678 NOTREACHED(); | 685 NOTREACHED(); |
| 679 } | 686 } |
| 680 } | 687 } |
| 681 next_index_ = 0; | 688 next_index_ = 0; |
| 682 state_ = WILL_SEND_REQUEST; | 689 state_ = WILL_SEND_REQUEST; |
| 683 return NavigationThrottle::PROCEED; | 690 return NavigationThrottle::PROCEED; |
| 684 } | 691 } |
| 685 | 692 |
| 686 NavigationThrottle::ThrottleCheckResult | 693 NavigationThrottle::ThrottleCheckResult |
| 687 NavigationHandleImpl::CheckWillRedirectRequest() { | 694 NavigationHandleImpl::CheckWillRedirectRequest() { |
| 688 DCHECK(state_ == WILL_REDIRECT_REQUEST || state_ == DEFERRING_REDIRECT); | 695 DCHECK(state_ == WILL_REDIRECT_REQUEST || state_ == DEFERRING_REDIRECT); |
| 689 DCHECK(state_ != WILL_REDIRECT_REQUEST || next_index_ == 0); | 696 DCHECK(state_ != WILL_REDIRECT_REQUEST || next_index_ == 0); |
| 690 DCHECK(state_ != DEFERRING_REDIRECT || next_index_ != 0); | 697 DCHECK(state_ != DEFERRING_REDIRECT || next_index_ != 0); |
| 691 for (size_t i = next_index_; i < throttles_.size(); ++i) { | 698 for (size_t i = next_index_; i < throttles_.size(); ++i) { |
| 692 NavigationThrottle::ThrottleCheckResult result = | 699 NavigationThrottle::ThrottleCheckResult result = |
| 693 throttles_[i]->WillRedirectRequest(); | 700 throttles_[i]->WillRedirectRequest(); |
| 694 switch (result) { | 701 switch (result) { |
| 695 case NavigationThrottle::PROCEED: | 702 case NavigationThrottle::PROCEED: |
| 696 continue; | 703 continue; |
| 697 | 704 |
| 705 case NavigationThrottle::BLOCK_REQUEST: | |
| 698 case NavigationThrottle::CANCEL: | 706 case NavigationThrottle::CANCEL: |
| 699 case NavigationThrottle::CANCEL_AND_IGNORE: | 707 case NavigationThrottle::CANCEL_AND_IGNORE: |
| 700 state_ = CANCELING; | 708 state_ = CANCELING; |
| 701 return result; | 709 return result; |
| 702 | 710 |
| 703 case NavigationThrottle::DEFER: | 711 case NavigationThrottle::DEFER: |
| 704 state_ = DEFERRING_REDIRECT; | 712 state_ = DEFERRING_REDIRECT; |
| 705 next_index_ = i + 1; | 713 next_index_ = i + 1; |
| 706 return result; | 714 return result; |
| 707 | 715 |
| 708 case NavigationThrottle::BLOCK_REQUEST: | |
| 709 case NavigationThrottle::BLOCK_RESPONSE: | 716 case NavigationThrottle::BLOCK_RESPONSE: |
| 710 NOTREACHED(); | 717 NOTREACHED(); |
| 711 } | 718 } |
| 712 } | 719 } |
| 713 next_index_ = 0; | 720 next_index_ = 0; |
| 714 state_ = WILL_REDIRECT_REQUEST; | 721 state_ = WILL_REDIRECT_REQUEST; |
| 715 | 722 |
| 716 // Notify the delegate that a redirect was encountered and will be followed. | 723 // Notify the delegate that a redirect was encountered and will be followed. |
| 717 if (GetDelegate()) | 724 if (GetDelegate()) |
| 718 GetDelegate()->DidRedirectNavigation(this); | 725 GetDelegate()->DidRedirectNavigation(this); |
| (...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 883 content::AncestorThrottle::MaybeCreateThrottleFor(this); | 890 content::AncestorThrottle::MaybeCreateThrottleFor(this); |
| 884 if (ancestor_throttle) | 891 if (ancestor_throttle) |
| 885 throttles_.push_back(std::move(ancestor_throttle)); | 892 throttles_.push_back(std::move(ancestor_throttle)); |
| 886 | 893 |
| 887 throttles_.insert(throttles_.begin(), | 894 throttles_.insert(throttles_.begin(), |
| 888 std::make_move_iterator(throttles_to_register.begin()), | 895 std::make_move_iterator(throttles_to_register.begin()), |
| 889 std::make_move_iterator(throttles_to_register.end())); | 896 std::make_move_iterator(throttles_to_register.end())); |
| 890 } | 897 } |
| 891 | 898 |
| 892 } // namespace content | 899 } // namespace content |
| OLD | NEW |
