Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(985)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2655463006: PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Rebase. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/site_per_process_browsertest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/render_frame_host_impl.cc
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index b034b708d4da22361bd4ffc6a1cc01f29343ed74..872baffcc9659a67ae620d1f3f99faaa80fbd4d2 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -868,6 +868,30 @@ void RenderFrameHostImpl::RenderProcessGone(SiteInstanceImpl* site_instance) {
set_nav_entry_id(0);
}
+void RenderFrameHostImpl::LogToConsole(const std::string& message) {
+ AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message);
+}
+
+void RenderFrameHostImpl::ReportContentSecurityPolicyViolation(
+ const CSPViolationParams& violation_params) {
+ Send(new FrameMsg_ReportContentSecurityPolicyViolation(routing_id_,
+ violation_params));
+}
+
+bool RenderFrameHostImpl::SchemeShouldBypassCSP(
+ const base::StringPiece& scheme) {
+ // Blink uses its SchemeRegistry to check if a scheme should be bypassed.
+ // It can't be used on the browser process. It is used for two things:
+ // 1) Bypassing the "chrome-extension" scheme when chrome is built with the
+ // extensions support.
+ // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8.
+ // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the
+ // blink::SchemeRegistry. It contains 1) but not 2).
+ const auto& bypassing_schemes = url::GetCSPBypassingSchemes();
+ return std::find(bypassing_schemes.begin(), bypassing_schemes.end(),
+ scheme) != bypassing_schemes.end();
+}
+
bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id,
int opener_routing_id,
int parent_routing_id,
@@ -1066,6 +1090,11 @@ void RenderFrameHostImpl::OnCreateNewWindow(
// ViewMsg_Close if the above step did not adopt |main_frame_route_id|.
}
+void RenderFrameHostImpl::SetLastCommittedOrigin(const url::Origin& origin) {
+ last_committed_origin_ = origin;
+ CSPContext::SetSelf(origin);
+}
+
void RenderFrameHostImpl::OnDetach() {
frame_tree_->RemoveFrame(frame_tree_node_);
}
@@ -1831,7 +1860,9 @@ void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader(
void RenderFrameHostImpl::OnDidAddContentSecurityPolicy(
const ContentSecurityPolicyHeader& header,
const std::vector<ContentSecurityPolicy>& policies) {
- frame_tree_node()->AddContentSecurityPolicy(header, policies);
+ frame_tree_node()->AddContentSecurityPolicy(header);
+ for (const ContentSecurityPolicy& policy : policies)
+ AddContentSecurityPolicy(policy);
}
void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy(
@@ -2519,7 +2550,8 @@ void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) {
FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false,
base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT,
GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr,
- base::Optional<SourceLocation>());
+ base::Optional<SourceLocation>(),
+ CSPDisposition::CHECK /* should_check_main_world_csp */);
if (IsBrowserSideNavigationEnabled()) {
CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(),
false);
@@ -3434,7 +3466,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_document, base::TimeTicks::Now(),
- pending_nav_entry_id, false); // started_from_context_menu
+ pending_nav_entry_id,
+ false, // started_from_context_menu
+ CSPDisposition::CHECK); // should_check_main_world_csp
}
// Determine if the current NavigationHandle can be used.
@@ -3486,7 +3520,9 @@ RenderFrameHostImpl::TakeNavigationHandleForCommit(
return NavigationHandleImpl::Create(
params.url, params.redirects, frame_tree_node_, is_renderer_initiated,
params.was_within_same_document, base::TimeTicks::Now(),
- entry_id_for_data_nav, false); // started_from_context_menu
+ entry_id_for_data_nav,
+ false, // started_from_context_menu
+ CSPDisposition::CHECK); // should_check_main_world_csp
}
void RenderFrameHostImpl::BeforeUnloadTimeout() {
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/site_per_process_browsertest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698