| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/navigation_handle_impl.h" | 5 #include "content/browser/frame_host/navigation_handle_impl.h" |
| 6 | 6 |
| 7 #include <iterator> | 7 #include <iterator> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "content/browser/appcache/appcache_navigation_handle.h" | 10 #include "content/browser/appcache/appcache_navigation_handle.h" |
| 11 #include "content/browser/appcache/appcache_service_impl.h" | 11 #include "content/browser/appcache/appcache_service_impl.h" |
| 12 #include "content/browser/browsing_data/clear_site_data_throttle.h" | 12 #include "content/browser/browsing_data/clear_site_data_throttle.h" |
| 13 #include "content/browser/child_process_security_policy_impl.h" | 13 #include "content/browser/child_process_security_policy_impl.h" |
| 14 #include "content/browser/devtools/render_frame_devtools_agent_host.h" | 14 #include "content/browser/devtools/render_frame_devtools_agent_host.h" |
| 15 #include "content/browser/frame_host/ancestor_throttle.h" | 15 #include "content/browser/frame_host/ancestor_throttle.h" |
| 16 #include "content/browser/frame_host/data_url_navigation_throttle.h" |
| 16 #include "content/browser/frame_host/debug_urls.h" | 17 #include "content/browser/frame_host/debug_urls.h" |
| 17 #include "content/browser/frame_host/form_submission_throttle.h" | 18 #include "content/browser/frame_host/form_submission_throttle.h" |
| 18 #include "content/browser/frame_host/frame_tree_node.h" | 19 #include "content/browser/frame_host/frame_tree_node.h" |
| 19 #include "content/browser/frame_host/mixed_content_navigation_throttle.h" | 20 #include "content/browser/frame_host/mixed_content_navigation_throttle.h" |
| 20 #include "content/browser/frame_host/navigation_controller_impl.h" | 21 #include "content/browser/frame_host/navigation_controller_impl.h" |
| 21 #include "content/browser/frame_host/navigation_entry_impl.h" | 22 #include "content/browser/frame_host/navigation_entry_impl.h" |
| 22 #include "content/browser/frame_host/navigator.h" | 23 #include "content/browser/frame_host/navigator.h" |
| 23 #include "content/browser/frame_host/navigator_delegate.h" | 24 #include "content/browser/frame_host/navigator_delegate.h" |
| 24 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 25 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
| 25 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 26 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
| (...skipping 647 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 673 subframe_entry_committed_ = navigation_entry_committed; | 674 subframe_entry_committed_ = navigation_entry_committed; |
| 674 | 675 |
| 675 // If an error page reloads, net_error_code might be 200 but we still want to | 676 // If an error page reloads, net_error_code might be 200 but we still want to |
| 676 // count it as an error page. | 677 // count it as an error page. |
| 677 if (params.base_url.spec() == kUnreachableWebDataURL || | 678 if (params.base_url.spec() == kUnreachableWebDataURL || |
| 678 net_error_code_ != net::OK) { | 679 net_error_code_ != net::OK) { |
| 679 state_ = DID_COMMIT_ERROR_PAGE; | 680 state_ = DID_COMMIT_ERROR_PAGE; |
| 680 } else { | 681 } else { |
| 681 state_ = DID_COMMIT; | 682 state_ = DID_COMMIT; |
| 682 } | 683 } |
| 683 | |
| 684 if (url_.SchemeIs(url::kDataScheme) && IsInMainFrame() && | |
| 685 IsRendererInitiated()) { | |
| 686 GetRenderFrameHost()->AddMessageToConsole( | |
| 687 CONSOLE_MESSAGE_LEVEL_WARNING, | |
| 688 "Upcoming versions will block content-initiated top frame navigations " | |
| 689 "to data: URLs. For more information, see https://goo.gl/BaZAea."); | |
| 690 } | |
| 691 } | 684 } |
| 692 | 685 |
| 693 void NavigationHandleImpl::Transfer() { | 686 void NavigationHandleImpl::Transfer() { |
| 694 DCHECK(!IsBrowserSideNavigationEnabled()); | 687 DCHECK(!IsBrowserSideNavigationEnabled()); |
| 695 // This is an actual transfer. Inform the NavigationResourceThrottle. This | 688 // This is an actual transfer. Inform the NavigationResourceThrottle. This |
| 696 // will allow to mark the URLRequest as transferring. When it is marked as | 689 // will allow to mark the URLRequest as transferring. When it is marked as |
| 697 // transferring, the URLRequest can no longer be cancelled by its original | 690 // transferring, the URLRequest can no longer be cancelled by its original |
| 698 // RenderFrame. Instead it will persist until being picked up by the transfer | 691 // RenderFrame. Instead it will persist until being picked up by the transfer |
| 699 // RenderFrame, even if the original RenderFrame is destroyed. | 692 // RenderFrame, even if the original RenderFrame is destroyed. |
| 700 // Note: |transfer_callback_| can be null in unit tests. | 693 // Note: |transfer_callback_| can be null in unit tests. |
| (...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 922 // Register the navigation throttles. The vector returned by | 915 // Register the navigation throttles. The vector returned by |
| 923 // CreateThrottlesForNavigation is not assigned to throttles_ directly because | 916 // CreateThrottlesForNavigation is not assigned to throttles_ directly because |
| 924 // it would overwrite any throttles previously added with | 917 // it would overwrite any throttles previously added with |
| 925 // RegisterThrottleForTesting. | 918 // RegisterThrottleForTesting. |
| 926 // TODO(carlosk, arthursonzogni): should simplify this to either use | 919 // TODO(carlosk, arthursonzogni): should simplify this to either use |
| 927 // |throttles_| directly (except for the case described above) or | 920 // |throttles_| directly (except for the case described above) or |
| 928 // |throttles_to_register| for registering all throttles. | 921 // |throttles_to_register| for registering all throttles. |
| 929 std::vector<std::unique_ptr<NavigationThrottle>> throttles_to_register = | 922 std::vector<std::unique_ptr<NavigationThrottle>> throttles_to_register = |
| 930 GetDelegate()->CreateThrottlesForNavigation(this); | 923 GetDelegate()->CreateThrottlesForNavigation(this); |
| 931 | 924 |
| 925 // Check for renderer-inititated main frame navigations to data URLs. This is |
| 926 // done first as it may block the main frame navigation altogether. |
| 927 std::unique_ptr<NavigationThrottle> data_url_navigation_throttle = |
| 928 DataUrlNavigationThrottle::CreateThrottleForNavigation(this); |
| 929 if (data_url_navigation_throttle) |
| 930 throttles_to_register.push_back(std::move(data_url_navigation_throttle)); |
| 931 |
| 932 std::unique_ptr<content::NavigationThrottle> ancestor_throttle = | 932 std::unique_ptr<content::NavigationThrottle> ancestor_throttle = |
| 933 content::AncestorThrottle::MaybeCreateThrottleFor(this); | 933 content::AncestorThrottle::MaybeCreateThrottleFor(this); |
| 934 if (ancestor_throttle) | 934 if (ancestor_throttle) |
| 935 throttles_.push_back(std::move(ancestor_throttle)); | 935 throttles_.push_back(std::move(ancestor_throttle)); |
| 936 | 936 |
| 937 std::unique_ptr<content::NavigationThrottle> form_submission_throttle = | 937 std::unique_ptr<content::NavigationThrottle> form_submission_throttle = |
| 938 content::FormSubmissionThrottle::MaybeCreateThrottleFor(this); | 938 content::FormSubmissionThrottle::MaybeCreateThrottleFor(this); |
| 939 if (form_submission_throttle) | 939 if (form_submission_throttle) |
| 940 throttles_.push_back(std::move(form_submission_throttle)); | 940 throttles_.push_back(std::move(form_submission_throttle)); |
| 941 | 941 |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 982 if (node->current_url().EqualsIgnoringRef(url_)) { | 982 if (node->current_url().EqualsIgnoringRef(url_)) { |
| 983 if (found_self_reference) | 983 if (found_self_reference) |
| 984 return true; | 984 return true; |
| 985 found_self_reference = true; | 985 found_self_reference = true; |
| 986 } | 986 } |
| 987 } | 987 } |
| 988 return false; | 988 return false; |
| 989 } | 989 } |
| 990 | 990 |
| 991 } // namespace content | 991 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2702503002:
Block renderer-initiated main frame navigations to data URLs (Closed)
