Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(726)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Addressed comments Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_host_manager.cc » ('j') | content/common/frame_messages.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/render_frame_host_impl.cc
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index ff676db56414b28a6a8986670d5def976e6e88b8..e448a54e7ebf99e4b40d5dcaf04ea4d284cc2d17 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -853,6 +853,30 @@ void RenderFrameHostImpl::RenderProcessGone(SiteInstanceImpl* site_instance) {
set_nav_entry_id(0);
}
+void RenderFrameHostImpl::LogToConsole(const std::string& message) {
+ AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message);
+}
+
+void RenderFrameHostImpl::ReportContentSecurityPolicyViolation(
+ const CSPViolationParams& violation_params) {
+ Send(new FrameMsg_ReportContentSecurityPolicyViolation(routing_id_,
+ violation_params));
+}
+
+bool RenderFrameHostImpl::SchemeShouldBypassCSP(
+ const base::StringPiece& scheme) {
+ // Blink uses its SchemeRegistry to check if a scheme should be bypassed.
+ // It can't be used on the browser process. It is used for two things:
+ // 1) Bypassing the "chrome-extension" scheme when chrome is built with the
+ // extensions support.
+ // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8.
+ // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the
+ // blink::SchemeRegistry. It contains 1) but not 2).
+ const auto& bypassing_schemes = url::GetCSPBypassingSchemes();
+ return std::find(bypassing_schemes.begin(), bypassing_schemes.end(),
+ scheme) != bypassing_schemes.end();
+}
+
bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id,
int opener_routing_id,
int parent_routing_id,
@@ -1050,6 +1074,11 @@ void RenderFrameHostImpl::OnCreateNewWindow(
// ViewMsg_Close if the above step did not adopt |main_frame_route_id|.
}
+void RenderFrameHostImpl::SetLastCommittedOrigin(const url::Origin& origin) {
+ last_committed_origin_ = origin;
+ CSPContext::SetSelf(origin);
+}
+
void RenderFrameHostImpl::OnDetach() {
frame_tree_->RemoveFrame(frame_tree_node_);
}
@@ -1809,7 +1838,9 @@ void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader(
void RenderFrameHostImpl::OnDidAddContentSecurityPolicy(
const ContentSecurityPolicyHeader& header,
const std::vector<ContentSecurityPolicy>& policies) {
- frame_tree_node()->AddContentSecurityPolicy(header, policies);
+ frame_tree_node()->AddContentSecurityPolicy(header);
+ for (const ContentSecurityPolicy& policy : policies)
+ AddContentSecurityPolicy(policy);
}
void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy(
@@ -2481,7 +2512,8 @@ void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) {
data_url, Referrer(), ui::PAGE_TRANSITION_LINK,
FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false,
base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT,
- GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr);
+ GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr,
+ false /* should_bypass_main_world_csp */);
if (IsBrowserSideNavigationEnabled()) {
CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(),
false);
@@ -3409,7 +3441,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_page, base::TimeTicks::Now(),
- pending_nav_entry_id, false); // started_from_context_menu
+ pending_nav_entry_id,
+ false, // started_from_context_menu
+ false); // should_bypass_main_world_csp
}
// Determine if the current NavigationHandle can be used.
@@ -3461,7 +3495,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_page, base::TimeTicks::Now(),
- entry_id_for_data_nav, false); // started_from_context_menu
+ entry_id_for_data_nav,
+ false, // started_from_context_menu
+ false); // should_bypass_main_world_csp
}
} // namespace content
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_host_manager.cc » ('j') | content/common/frame_messages.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698