PlzNavigate: Enforce 'frame-src' CSP on the browser.

content/browser/frame_host/render_frame_host_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/frame_host/render_frame_host_impl.h"
 
 #include <algorithm>
 #include <utility>
 
 #include "base/bind.h"
@@ skipping 845 matching lines @@
   DCHECK_EQ(site_instance_.get(), site_instance);
 
   // The renderer process is gone, so this frame can no longer be loading.
   ResetLoadingState();
 
   // Any future UpdateState or UpdateTitle messages from this or a recreated
   // process should be ignored until the next commit.
   set_nav_entry_id(0);
 }
 
+void RenderFrameHostImpl::LogToConsole(const std::string& message) {
+  AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message);
+}
+
+void RenderFrameHostImpl::ReportContentSecurityPolicyViolation(
+    const CSPViolationParams& violation_params) {
+  Send(new FrameMsg_ReportContentSecurityPolicyViolation(routing_id_,
+                                                         violation_params));
+}
+
+bool RenderFrameHostImpl::SchemeShouldBypassCSP(
+    const base::StringPiece& scheme) {
+  // Blink uses its SchemeRegistry to check if a scheme should be bypassed.
+  // It can't be used on the browser process. It is used for two things:
+  // 1) Bypassing the "chrome-extension" scheme when chrome is built with the
+  //    extensions support.
+  // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8.
+  // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the
+  // blink::SchemeRegistry. It contains 1) but not 2).
+  const auto& bypassing_schemes = url::GetCSPBypassingSchemes();
+  return std::find(bypassing_schemes.begin(), bypassing_schemes.end(),
+                   scheme) != bypassing_schemes.end();
+}
+
 bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id,
                                             int opener_routing_id,
                                             int parent_routing_id,
                                             int previous_sibling_routing_id) {
   TRACE_EVENT0("navigation", "RenderFrameHostImpl::CreateRenderFrame");
   DCHECK(!IsRenderFrameLive()) << "Creating frame twice";
 
   // The process may (if we're sharing a process with another host that already
   // initialized it) or may not (we have our own process or the old process
   // crashed) have been initialized. Calling Init multiple times will be
@@ skipping 178 matching lines @@
   if (frame_tree_node_->current_frame_host() == this) {
     delegate_->CreateNewWindow(GetSiteInstance(), render_view_route_id,
                                main_frame_route_id, main_frame_widget_route_id,
                                *validated_params, session_storage_namespace);
   }
 
   // Our caller (RenderWidgetHelper::OnCreateNewWindowOnUI) will send
   // ViewMsg_Close if the above step did not adopt |main_frame_route_id|.
 }
 
+void RenderFrameHostImpl::SetLastCommittedOrigin(const url::Origin& origin) {
+  last_committed_origin_ = origin;
+  CSPContext::SetSelf(origin);
+}
+
 void RenderFrameHostImpl::OnDetach() {
   frame_tree_->RemoveFrame(frame_tree_node_);
 }
 
 void RenderFrameHostImpl::OnFrameFocused() {
   delegate_->SetFocusedFrame(frame_tree_node_, GetSiteInstance());
 }
 
 void RenderFrameHostImpl::OnOpenURL(const FrameHostMsg_OpenURL_Params& params) {
   GURL validated_url(params.url);
@@ skipping 739 matching lines @@
 void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader(
     const ParsedFeaturePolicyHeader& parsed_header) {
   frame_tree_node()->SetFeaturePolicyHeader(parsed_header);
   ResetFeaturePolicy();
   feature_policy_->SetHeaderPolicy(parsed_header);
 }
 
 void RenderFrameHostImpl::OnDidAddContentSecurityPolicy(
     const ContentSecurityPolicyHeader& header,
     const std::vector<ContentSecurityPolicy>& policies) {
-  frame_tree_node()->AddContentSecurityPolicy(header, policies);
+  frame_tree_node()->AddContentSecurityPolicy(header);
+  for (const ContentSecurityPolicy& policy : policies)
+    AddContentSecurityPolicy(policy);
 }
 
 void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy(
     blink::WebInsecureRequestPolicy policy) {
   frame_tree_node()->SetInsecureRequestPolicy(policy);
 }
 
 void RenderFrameHostImpl::OnUpdateToUniqueOrigin(
     bool is_potentially_trustworthy_unique_origin) {
   url::Origin origin;
@@ skipping 667 matching lines @@
     OnDidStartLoading(true);
   }
 }
 
 void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) {
   DCHECK(data_url.SchemeIs(url::kDataScheme));
   CommonNavigationParams common_params(
       data_url, Referrer(), ui::PAGE_TRANSITION_LINK,
       FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false,
       base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT,
-      GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr);
+      GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr,
+      false /* should_bypass_main_world_csp */);
   if (IsBrowserSideNavigationEnabled()) {
     CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(),
                      false);
   } else {
     Navigate(common_params, StartNavigationParams(), RequestNavigationParams());
   }
 }
 
 void RenderFrameHostImpl::Stop() {
   Send(new FrameMsg_Stop(routing_id_));
@@ skipping 904 matching lines @@
         NavigationEntryImpl::FromNavigationEntry(
             frame_tree_node()->navigator()->GetController()->GetPendingEntry());
     if (pending_entry && pending_entry->GetUniqueID() == params.nav_entry_id) {
       pending_nav_entry_id = params.nav_entry_id;
       is_renderer_initiated = pending_entry->is_renderer_initiated();
     }
 
     return NavigationHandleImpl::Create(
         params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
         params.was_within_same_page, base::TimeTicks::Now(),
-        pending_nav_entry_id, false);  // started_from_context_menu
+        pending_nav_entry_id,
+        false,   // started_from_context_menu
+        false);  // should_bypass_main_world_csp
   }
 
   // Determine if the current NavigationHandle can be used.
   if (navigation_handle_ && navigation_handle_->GetURL() == params.url) {
     return std::move(navigation_handle_);
   }
 
   // If the URL does not match what the NavigationHandle expects, treat the
   // commit as a new navigation. This can happen when loading a Data
   // navigation with LoadDataWithBaseURL.
@@ skipping 31 matching lines @@
     // Reset any existing NavigationHandle.
     navigation_handle_.reset();
   }
 
   // There is no pending NavigationEntry in these cases, so pass 0 as the
   // pending_nav_entry_id. If the previous handle was a prematurely aborted
   // navigation loaded via LoadDataWithBaseURL, propagate the entry id.
   return NavigationHandleImpl::Create(
       params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
       params.was_within_same_page, base::TimeTicks::Now(),
-      entry_id_for_data_nav, false);  // started_from_context_menu
+      entry_id_for_data_nav,
+      false,   // started_from_context_menu
+      false);  // should_bypass_main_world_csp
 }
 
 #if defined(OS_ANDROID)
 base::android::ScopedJavaLocalRef<jobject>
 RenderFrameHostImpl::GetJavaRenderFrameHost() {
   RenderFrameHostAndroid* render_frame_host_android =
       static_cast<RenderFrameHostAndroid*>(
           GetUserData(kRenderFrameHostAndroidKey));
   if (!render_frame_host_android) {
     render_frame_host_android = new RenderFrameHostAndroid(this);
     SetUserData(kRenderFrameHostAndroidKey, render_frame_host_android);
   }
   return render_frame_host_android->GetJavaObject();
 }
 #endif
 
 }  // namespace content