content/browser/frame_host/form_submission_throttle.cc - Issue 2689653003: PlzNavigate: Enforce 'form-action' CSP on the browser-side.

Side by Side Diff: content/browser/frame_host/form_submission_throttle.cc

Issue 2689653003: PlzNavigate: Enforce 'form-action' CSP on the browser-side. (Closed)

Patch Set: Rebase. Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« content/browser/frame_host/form_submission_throttle.h ('K') | « content/browser/frame_host/form_submission_throttle.h ('k') | content/browser/frame_host/form_submission_throttle_browsertest.cc » ('j') | content/browser/frame_host/form_submission_throttle_browsertest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "content/browser/frame_host/form_submission_throttle.h"

	6 #include "content/browser/frame_host/navigation_handle_impl.h"

	7 #include "content/public/browser/browser_thread.h"

	8 #include "content/public/browser/navigation_handle.h"

	9 #include "content/public/browser/navigation_throttle.h"

	10 #include "content/public/common/browser_side_navigation_policy.h"

	11

	12 namespace content {

	13

	14 // static

	15 std::unique_ptr<NavigationThrottle>

	16 FormSubmissionThrottle::MaybeCreateThrottleFor(NavigationHandle* handle) {

	17 DCHECK_CURRENTLY_ON(content::BrowserThread::UI);

	18

	19 if (!IsBrowserSideNavigationEnabled())

	20 return nullptr;

	21

	22 NavigationHandleImpl* handle_impl =

	23 static_cast<NavigationHandleImpl*>(handle);

	24

	25 if (!handle_impl->is_form_submission())

	26 return nullptr;

	27

	28 return std::unique_ptr<NavigationThrottle>(

	29 new FormSubmissionThrottle(handle));

	30 }

	31

	32 FormSubmissionThrottle::~FormSubmissionThrottle() {}

	33

	34 NavigationThrottle::ThrottleCheckResult

	35 FormSubmissionThrottle::CheckContentSecurityPolicyFormAction(bool is_redirect) {

	36 NavigationHandleImpl* handle =

	37 static_cast<NavigationHandleImpl*>(navigation_handle());

	38

	39 // Allow the request when it bypasses the CSP.

	40 if (handle->should_bypass_main_world_csp())

	41 return NavigationThrottle::PROCEED;

	42

	43 const GURL& url = handle->GetURL();

	44 RenderFrameHostImpl* render_frame =

	45 handle->frame_tree_node()->current_frame_host();

	46

	47 if (!render_frame->AllowContentSecurityPolicy(CSPDirective::FormAction, url,

	48 is_redirect)) {

	49 return NavigationThrottle::CANCEL;
	Mike West 2017/03/02 10:45:34 How do you plan to deal with violation reports and How do you plan to deal with violation reports and `securitypolicyviolation` events? I don't think you need to block testing PlzNavigate on that, but we ought to be surfacing errors to developers before shipping. arthursonzogni 2017/03/07 16:25:51 The violation report and the 'securitypolicyviolat Show quoted text On 2017/03/02 10:45:34, Mike West (Slow.) wrote: > How do you plan to deal with violation reports and `securitypolicyviolation` > events? I don't think you need to block testing PlzNavigate on that, but we > ought to be surfacing errors to developers before shipping. The violation report and the 'securitypolicyviolation' event are sent when the call to AllowContentSecurityPolicy returns false. Mike West 2017/03/09 08:20:03 I see, thanks! Show quoted text On 2017/03/07 at 16:25:51, arthursonzogni wrote: > On 2017/03/02 10:45:34, Mike West (Slow.) wrote: > > How do you plan to deal with violation reports and `securitypolicyviolation` > > events? I don't think you need to block testing PlzNavigate on that, but we > > ought to be surfacing errors to developers before shipping. > > The violation report and the 'securitypolicyviolation' event are sent when the call to AllowContentSecurityPolicy returns false. I see, thanks! alexmos 2017/03/16 23:05:35 I also found this non-obvious just by reading the Show quoted text On 2017/03/09 08:20:03, Mike West (Slow.) wrote: > On 2017/03/07 at 16:25:51, arthursonzogni wrote: > > On 2017/03/02 10:45:34, Mike West (Slow.) wrote: > > > How do you plan to deal with violation reports and `securitypolicyviolation` > > > events? I don't think you need to block testing PlzNavigate on that, but we > > > ought to be surfacing errors to developers before shipping. > > > > The violation report and the 'securitypolicyviolation' event are sent when the > call to AllowContentSecurityPolicy returns false. > > I see, thanks! I also found this non-obvious just by reading the code and seeing IsAllowedByCsp, as it reads like the function just returns a bool without any side effects. Perhaps we can at least put in a comment on IsAllowedByCsp? And maybe IsAllowedByCsp could be named better to reflect that it also sends violations, but it's ok to consider that in a followup.
	50 }

	51

	52 return NavigationThrottle::PROCEED;

	53 }

	54

	55 NavigationThrottle::ThrottleCheckResult

	56 FormSubmissionThrottle::WillStartRequest() {

	57 return CheckContentSecurityPolicyFormAction(false /* is_redirect */);

	58 }

	59

	60 NavigationThrottle::ThrottleCheckResult

	61 FormSubmissionThrottle::WillRedirectRequest() {

	62 return CheckContentSecurityPolicyFormAction(true /* is_redirect */);

	63 }

	64

	65 FormSubmissionThrottle::FormSubmissionThrottle(NavigationHandle* handle)

	66 : NavigationThrottle(handle) {}

	67

	68 } // namespace content

OLD	NEW