Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1014)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Addressed comments Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/site_per_process_browsertest.cc » ('j') | third_party/WebKit/public/web/WebFrameClient.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/render_frame_host_impl.cc
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index 6f244fc522f20b59ad033139b4ab2b71d5f14cba..75f670885fe1fb5088b338c4defc57a134682138 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -863,6 +863,30 @@ void RenderFrameHostImpl::RenderProcessGone(SiteInstanceImpl* site_instance) {
set_nav_entry_id(0);
}
+void RenderFrameHostImpl::LogToConsole(const std::string& message) {
+ AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message);
+}
+
+void RenderFrameHostImpl::ReportContentSecurityPolicyViolation(
+ const CSPViolationParams& violation_params) {
+ Send(new FrameMsg_ReportContentSecurityPolicyViolation(routing_id_,
+ violation_params));
+}
+
+bool RenderFrameHostImpl::SchemeShouldBypassCSP(
+ const base::StringPiece& scheme) {
+ // Blink uses its SchemeRegistry to check if a scheme should be bypassed.
+ // It can't be used on the browser process. It is used for two things:
+ // 1) Bypassing the "chrome-extension" scheme when chrome is built with the
+ // extensions support.
+ // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8.
+ // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the
+ // blink::SchemeRegistry. It contains 1) but not 2).
+ const auto& bypassing_schemes = url::GetCSPBypassingSchemes();
+ return std::find(bypassing_schemes.begin(), bypassing_schemes.end(),
+ scheme) != bypassing_schemes.end();
+}
+
bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id,
int opener_routing_id,
int parent_routing_id,
@@ -1061,6 +1085,11 @@ void RenderFrameHostImpl::OnCreateNewWindow(
// ViewMsg_Close if the above step did not adopt |main_frame_route_id|.
}
+void RenderFrameHostImpl::SetLastCommittedOrigin(const url::Origin& origin) {
+ last_committed_origin_ = origin;
+ CSPContext::SetSelf(origin);
+}
+
void RenderFrameHostImpl::OnDetach() {
frame_tree_->RemoveFrame(frame_tree_node_);
}
@@ -1820,7 +1849,9 @@ void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader(
void RenderFrameHostImpl::OnDidAddContentSecurityPolicy(
const ContentSecurityPolicyHeader& header,
const std::vector<ContentSecurityPolicy>& policies) {
- frame_tree_node()->AddContentSecurityPolicy(header, policies);
+ frame_tree_node()->AddContentSecurityPolicy(header);
+ for (const ContentSecurityPolicy& policy : policies)
+ AddContentSecurityPolicy(policy);
}
void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy(
@@ -2508,7 +2539,8 @@ void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) {
data_url, Referrer(), ui::PAGE_TRANSITION_LINK,
FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false,
base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT,
- GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr);
+ GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr,
+ false /* should_bypass_main_world_csp */);
if (IsBrowserSideNavigationEnabled()) {
CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(),
false);
@@ -3433,7 +3465,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_page, base::TimeTicks::Now(),
- pending_nav_entry_id, false); // started_from_context_menu
+ pending_nav_entry_id,
+ false, // started_from_context_menu
+ false); // should_bypass_main_world_csp
}
// Determine if the current NavigationHandle can be used.
@@ -3485,7 +3519,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_page, base::TimeTicks::Now(),
- entry_id_for_data_nav, false); // started_from_context_menu
+ entry_id_for_data_nav,
+ false, // started_from_context_menu
+ false); // should_bypass_main_world_csp
}
#if defined(OS_ANDROID)
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/site_per_process_browsertest.cc » ('j') | third_party/WebKit/public/web/WebFrameClient.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698