Side by Side Diff: third_party/WebKit/Source/core/loader/FrameLoader.cpp

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Rebase. Created 3 years, 9 months ago
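--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
@@ -1,10 +1,10 @@
 /*
  * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights
  * reserved.
  * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
  * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved.
  * (http://www.torchmobile.com/)
  * Copyright (C) 2008 Alp Toker <alp@atoker.com>
  * Copyright (C) Research In Motion Limited 2009. All rights reserved.
  * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>
  * Copyright (C) 2011 Google Inc. All rights reserved.
@@ -1653,54 +1653,63 @@
     ContentSecurityPolicyDisposition shouldCheckMainWorldContentSecurityPolicy,
     NavigationType type,
     NavigationPolicy policy,
     FrameLoadType frameLoadType,
     bool isClientRedirect,
     HTMLFormElement* form) {
   // Don't ask if we are loading an empty URL.
   if (request.url().isEmpty() || substituteData.isValid())
     return NavigationPolicyCurrentTab;
 
+  Settings* settings = m_frame->settings();
+  bool browserSideNavigationEnabled =
+      settings && settings->getBrowserSideNavigationEnabled();
+
   // If we're loading content into |m_frame| (NavigationPolicyCurrentTab), check
   // against the parent's Content Security Policy and kill the load if that
   // check fails, unless we should bypass the main world's CSP.
   if (policy == NavigationPolicyCurrentTab &&
-      shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy) {
+      shouldCheckMainWorldContentSecurityPolicy == CheckContentSecurityPolicy &&
+      // TODO(arthursonzogni): 'frame-src' check is disabled on the
+      // renderer side with browser-side-navigation, but is enforced on the
+      // browser side. See http://crbug.com/692595 for understanding why it
+      // can't be enforced on both sides instead.
+      !browserSideNavigationEnabled) {
     Frame* parentFrame = m_frame->tree().parent();
     if (parentFrame) {
       ContentSecurityPolicy* parentPolicy =
           parentFrame->securityContext()->contentSecurityPolicy();
       if (!parentPolicy->allowFrameFromSource(request.url(),
                                               request.redirectStatus())) {
         // Fire a load event, as timing attacks would otherwise reveal that the
         // frame was blocked. This way, it looks like every other cross-origin
         // page load.
         m_frame->document()->enforceSandboxFlags(SandboxOrigin);
         m_frame->owner()->dispatchLoad();
         return NavigationPolicyIgnore;
       }
     }
   }
 
   bool isFormSubmission = type == NavigationTypeFormSubmitted ||
                           type == NavigationTypeFormResubmitted;
   if (isFormSubmission &&
       !m_frame->document()->contentSecurityPolicy()->allowFormAction(
           request.url(), request.redirectStatus())) {
     return NavigationPolicyIgnore;
   }
 
   bool replacesCurrentHistoryItem =
       frameLoadType == FrameLoadTypeReplaceCurrentItem;
-  policy = client()->decidePolicyForNavigation(request, loader, type, policy,
-                                               replacesCurrentHistoryItem,
-                                               isClientRedirect, form);
+  policy = client()->decidePolicyForNavigation(
+      request, loader, type, policy, replacesCurrentHistoryItem,
+      isClientRedirect, form, shouldCheckMainWorldContentSecurityPolicy);
   if (policy == NavigationPolicyCurrentTab ||
       policy == NavigationPolicyIgnore ||
       policy == NavigationPolicyHandledByClient ||
       policy == NavigationPolicyHandledByClientForInitialHistory) {
     return policy;
   }
 
   if (!LocalDOMWindow::allowPopUp(*m_frame) &&
       !UserGestureIndicator::utilizeUserGesture())
     return NavigationPolicyIgnore;
@@ -2019,10 +2028,10 @@
       frameLoadRequest.clientRedirect());
 
   loader->setLoadType(loadType);
   loader->setNavigationType(navigationType);
   loader->setReplacesCurrentHistoryItem(loadType ==
                                         FrameLoadTypeReplaceCurrentItem);
   return loader;
 }
 
 }  // namespace blink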
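Review bot: Gating the whole block on `!browserSideNavigationEnabled` (new lines 1671-1676) also skips the `enforceSandboxFlags(SandboxOrigin)` and `m_frame->owner()->dispatchLoad()` mitigation at new lines 1686-1687, whose comment states it exists so a CSP-blocked frame is indistinguishable from an ordinary cross-origin load. Nothing in this hunk shows that the browser-side 'frame-src' enforcement reproduces that behaviour, so it is presumably handled in the browser-process change referenced by the TODO; that should be confirmed, otherwise PlzNavigate reintroduces the observable difference the renderer path deliberately hides. I would make the dependency explicit in the TODO, e.g. `// The browser-side check must also dispatch the owner's load event and apply the sandbox, as done below, so blocked frames stay indistinguishable from cross-origin loads.` Note that `allowFormAction` at new lines 1695-1698 is still enforced renderer-side regardless of the flag, so the two CSP directives now diverge in where they are checked; a short comment saying form-action is intentionally unaffected would help the next reader. The enclosing function's signature begins before this hunk.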