OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/render_frame_host_impl.h" | 5 #include "content/browser/frame_host/render_frame_host_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 2170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2181 blink::WebInsecureRequestPolicy policy) { | 2181 blink::WebInsecureRequestPolicy policy) { |
2182 frame_tree_node()->SetInsecureRequestPolicy(policy); | 2182 frame_tree_node()->SetInsecureRequestPolicy(policy); |
2183 } | 2183 } |
2184 | 2184 |
2185 void RenderFrameHostImpl::OnUpdateToUniqueOrigin( | 2185 void RenderFrameHostImpl::OnUpdateToUniqueOrigin( |
2186 bool is_potentially_trustworthy_unique_origin) { | 2186 bool is_potentially_trustworthy_unique_origin) { |
2187 TRACE_EVENT1("navigation", "RenderFrameHostImpl::OnUpdateToUniqueOrigin", | 2187 TRACE_EVENT1("navigation", "RenderFrameHostImpl::OnUpdateToUniqueOrigin", |
2188 "frame_tree_node", frame_tree_node_->frame_tree_node_id()); | 2188 "frame_tree_node", frame_tree_node_->frame_tree_node_id()); |
2189 | 2189 |
2190 url::Origin origin; | 2190 url::Origin origin; |
2191 DCHECK(origin.unique()); | 2191 DCHECK(origin.opaque()); |
2192 frame_tree_node()->SetCurrentOrigin(origin, | 2192 frame_tree_node()->SetCurrentOrigin(origin, |
2193 is_potentially_trustworthy_unique_origin); | 2193 is_potentially_trustworthy_unique_origin); |
2194 } | 2194 } |
2195 | 2195 |
2196 FrameTreeNode* RenderFrameHostImpl::FindAndVerifyChild( | 2196 FrameTreeNode* RenderFrameHostImpl::FindAndVerifyChild( |
2197 int32_t child_frame_routing_id, | 2197 int32_t child_frame_routing_id, |
2198 bad_message::BadMessageReason reason) { | 2198 bad_message::BadMessageReason reason) { |
2199 FrameTreeNode* child = frame_tree_node()->frame_tree()->FindByRoutingID( | 2199 FrameTreeNode* child = frame_tree_node()->frame_tree()->FindByRoutingID( |
2200 GetProcess()->GetID(), child_frame_routing_id); | 2200 GetProcess()->GetID(), child_frame_routing_id); |
2201 // A race can result in |child| to be nullptr. Avoid killing the renderer in | 2201 // A race can result in |child| to be nullptr. Avoid killing the renderer in |
(...skipping 824 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3026 return true; | 3026 return true; |
3027 } | 3027 } |
3028 | 3028 |
3029 // file: URLs can be allowed to access any other origin, based on settings. | 3029 // file: URLs can be allowed to access any other origin, based on settings. |
3030 if (origin.scheme() == url::kFileScheme) { | 3030 if (origin.scheme() == url::kFileScheme) { |
3031 WebPreferences prefs = render_view_host_->GetWebkitPreferences(); | 3031 WebPreferences prefs = render_view_host_->GetWebkitPreferences(); |
3032 if (prefs.allow_universal_access_from_file_urls) | 3032 if (prefs.allow_universal_access_from_file_urls) |
3033 return true; | 3033 return true; |
3034 } | 3034 } |
3035 | 3035 |
3036 // It is safe to commit into a unique origin, regardless of the URL, as it is | 3036 // It is safe to commit into a opaque origin, regardless of the URL, as it is |
3037 // restricted from accessing other origins. | 3037 // restricted from accessing other origins. |
3038 if (origin.unique()) | 3038 if (origin.opaque()) |
3039 return true; | 3039 return true; |
3040 | 3040 |
3041 // Standard URLs must match the reported origin. | 3041 // Standard URLs must match the reported origin. |
3042 if (url.IsStandard() && !origin.IsSamePhysicalOriginWith(url::Origin(url))) | 3042 if (url.IsStandard() && !origin.IsSamePhysicalOriginWith(url::Origin(url))) |
3043 return false; | 3043 return false; |
3044 | 3044 |
3045 // A non-unique origin must be a valid URL, which allows us to safely do a | 3045 // A non-opaque origin must be a valid URL, which allows us to safely do a |
3046 // conversion to GURL. | 3046 // conversion to GURL. |
3047 GURL origin_url = origin.GetPhysicalOrigin().GetURL(); | 3047 GURL origin_url = origin.GetPhysicalOrigin().GetURL(); |
3048 | 3048 |
3049 // Verify that the origin is allowed to commit in this process. | 3049 // Verify that the origin is allowed to commit in this process. |
3050 // Note: This also handles non-standard cases for |url|, such as | 3050 // Note: This also handles non-standard cases for |url|, such as |
3051 // about:blank, data, and blob URLs. | 3051 // about:blank, data, and blob URLs. |
3052 return CanCommitURL(origin_url); | 3052 return CanCommitURL(origin_url); |
3053 } | 3053 } |
3054 | 3054 |
3055 void RenderFrameHostImpl::Navigate( | 3055 void RenderFrameHostImpl::Navigate( |
(...skipping 1188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
4244 } | 4244 } |
4245 | 4245 |
4246 void RenderFrameHostImpl::ForwardGetInterfaceToRenderFrame( | 4246 void RenderFrameHostImpl::ForwardGetInterfaceToRenderFrame( |
4247 const std::string& interface_name, | 4247 const std::string& interface_name, |
4248 mojo::ScopedMessagePipeHandle pipe) { | 4248 mojo::ScopedMessagePipeHandle pipe) { |
4249 GetRemoteInterfaces()->GetInterface(interface_name, std::move(pipe)); | 4249 GetRemoteInterfaces()->GetInterface(interface_name, std::move(pipe)); |
4250 } | 4250 } |
4251 #endif | 4251 #endif |
4252 | 4252 |
4253 } // namespace content | 4253 } // namespace content |
OLD | NEW |