| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/render_frame_host_impl.h" | 5 #include "content/browser/frame_host/render_frame_host_impl.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 835 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 846 DCHECK_EQ(site_instance_.get(), site_instance); | 846 DCHECK_EQ(site_instance_.get(), site_instance); |
| 847 | 847 |
| 848 // The renderer process is gone, so this frame can no longer be loading. | 848 // The renderer process is gone, so this frame can no longer be loading. |
| 849 ResetLoadingState(); | 849 ResetLoadingState(); |
| 850 | 850 |
| 851 // Any future UpdateState or UpdateTitle messages from this or a recreated | 851 // Any future UpdateState or UpdateTitle messages from this or a recreated |
| 852 // process should be ignored until the next commit. | 852 // process should be ignored until the next commit. |
| 853 set_nav_entry_id(0); | 853 set_nav_entry_id(0); |
| 854 } | 854 } |
| 855 | 855 |
| 856 void RenderFrameHostImpl::LogToConsole(const std::string& message) { |
| 857 AddMessageToConsole(CONSOLE_MESSAGE_LEVEL_ERROR, message); |
| 858 } |
| 859 |
| 860 void RenderFrameHostImpl::ReportContentSecurityPolicyViolation( |
| 861 const CSPViolationParams& violation_params) { |
| 862 Send(new FrameMsg_ReportContentSecurityPolicyViolation(routing_id_, |
| 863 violation_params)); |
| 864 } |
| 865 |
| 866 bool RenderFrameHostImpl::SchemeShouldBypassCSP( |
| 867 const base::StringPiece& scheme) { |
| 868 // Blink uses its SchemeRegistry to check if a scheme should be bypassed. |
| 869 // It can't be used on the browser process. It is used for two things: |
| 870 // 1) Bypassing the "chrome-extension" scheme when chrome is built with the |
| 871 // extensions support. |
| 872 // 2) Bypassing arbitrary scheme for testing purpose only in blink and in V8. |
| 873 // TODO(arthursonzogni): url::GetBypassingCSPScheme() is used instead of the |
| 874 // blink::SchemeRegistry. It contains 1) but not 2). |
| 875 const auto& bypassing_schemes = url::GetCSPBypassingSchemes(); |
| 876 return std::find(bypassing_schemes.begin(), bypassing_schemes.end(), |
| 877 scheme) != bypassing_schemes.end(); |
| 878 } |
| 879 |
| 856 bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id, | 880 bool RenderFrameHostImpl::CreateRenderFrame(int proxy_routing_id, |
| 857 int opener_routing_id, | 881 int opener_routing_id, |
| 858 int parent_routing_id, | 882 int parent_routing_id, |
| 859 int previous_sibling_routing_id) { | 883 int previous_sibling_routing_id) { |
| 860 TRACE_EVENT0("navigation", "RenderFrameHostImpl::CreateRenderFrame"); | 884 TRACE_EVENT0("navigation", "RenderFrameHostImpl::CreateRenderFrame"); |
| 861 DCHECK(!IsRenderFrameLive()) << "Creating frame twice"; | 885 DCHECK(!IsRenderFrameLive()) << "Creating frame twice"; |
| 862 | 886 |
| 863 // The process may (if we're sharing a process with another host that already | 887 // The process may (if we're sharing a process with another host that already |
| 864 // initialized it) or may not (we have our own process or the old process | 888 // initialized it) or may not (we have our own process or the old process |
| 865 // crashed) have been initialized. Calling Init multiple times will be | 889 // crashed) have been initialized. Calling Init multiple times will be |
| (...skipping 936 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1802 void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader( | 1826 void RenderFrameHostImpl::OnDidSetFeaturePolicyHeader( |
| 1803 const ParsedFeaturePolicyHeader& parsed_header) { | 1827 const ParsedFeaturePolicyHeader& parsed_header) { |
| 1804 frame_tree_node()->SetFeaturePolicyHeader(parsed_header); | 1828 frame_tree_node()->SetFeaturePolicyHeader(parsed_header); |
| 1805 ResetFeaturePolicy(); | 1829 ResetFeaturePolicy(); |
| 1806 feature_policy_->SetHeaderPolicy(parsed_header); | 1830 feature_policy_->SetHeaderPolicy(parsed_header); |
| 1807 } | 1831 } |
| 1808 | 1832 |
| 1809 void RenderFrameHostImpl::OnDidAddContentSecurityPolicy( | 1833 void RenderFrameHostImpl::OnDidAddContentSecurityPolicy( |
| 1810 const ContentSecurityPolicyHeader& header, | 1834 const ContentSecurityPolicyHeader& header, |
| 1811 const std::vector<ContentSecurityPolicy>& policies) { | 1835 const std::vector<ContentSecurityPolicy>& policies) { |
| 1812 frame_tree_node()->AddContentSecurityPolicy(header, policies); | 1836 frame_tree_node()->AddContentSecurityPolicy(header); |
| 1837 for (const ContentSecurityPolicy& policy : policies) |
| 1838 AddContentSecurityPolicy(policy); |
| 1813 } | 1839 } |
| 1814 | 1840 |
| 1815 void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy( | 1841 void RenderFrameHostImpl::OnEnforceInsecureRequestPolicy( |
| 1816 blink::WebInsecureRequestPolicy policy) { | 1842 blink::WebInsecureRequestPolicy policy) { |
| 1817 frame_tree_node()->SetInsecureRequestPolicy(policy); | 1843 frame_tree_node()->SetInsecureRequestPolicy(policy); |
| 1818 } | 1844 } |
| 1819 | 1845 |
| 1820 void RenderFrameHostImpl::OnUpdateToUniqueOrigin( | 1846 void RenderFrameHostImpl::OnUpdateToUniqueOrigin( |
| 1821 bool is_potentially_trustworthy_unique_origin) { | 1847 bool is_potentially_trustworthy_unique_origin) { |
| 1822 url::Origin origin; | 1848 url::Origin origin; |
| (...skipping 651 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2474 OnDidStartLoading(true); | 2500 OnDidStartLoading(true); |
| 2475 } | 2501 } |
| 2476 } | 2502 } |
| 2477 | 2503 |
| 2478 void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) { | 2504 void RenderFrameHostImpl::NavigateToInterstitialURL(const GURL& data_url) { |
| 2479 DCHECK(data_url.SchemeIs(url::kDataScheme)); | 2505 DCHECK(data_url.SchemeIs(url::kDataScheme)); |
| 2480 CommonNavigationParams common_params( | 2506 CommonNavigationParams common_params( |
| 2481 data_url, Referrer(), ui::PAGE_TRANSITION_LINK, | 2507 data_url, Referrer(), ui::PAGE_TRANSITION_LINK, |
| 2482 FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false, | 2508 FrameMsg_Navigate_Type::DIFFERENT_DOCUMENT, false, false, |
| 2483 base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT, | 2509 base::TimeTicks::Now(), FrameMsg_UILoadMetricsReportType::NO_REPORT, |
| 2484 GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr); | 2510 GURL(), GURL(), PREVIEWS_OFF, base::TimeTicks::Now(), "GET", nullptr, |
| 2511 false /* should_bypass_main_world_csp */); |
| 2485 if (IsBrowserSideNavigationEnabled()) { | 2512 if (IsBrowserSideNavigationEnabled()) { |
| 2486 CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(), | 2513 CommitNavigation(nullptr, nullptr, common_params, RequestNavigationParams(), |
| 2487 false); | 2514 false); |
| 2488 } else { | 2515 } else { |
| 2489 Navigate(common_params, StartNavigationParams(), RequestNavigationParams()); | 2516 Navigate(common_params, StartNavigationParams(), RequestNavigationParams()); |
| 2490 } | 2517 } |
| 2491 } | 2518 } |
| 2492 | 2519 |
| 2493 void RenderFrameHostImpl::Stop() { | 2520 void RenderFrameHostImpl::Stop() { |
| 2494 Send(new FrameMsg_Stop(routing_id_)); | 2521 Send(new FrameMsg_Stop(routing_id_)); |
| (...skipping 907 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3402 NavigationEntryImpl::FromNavigationEntry( | 3429 NavigationEntryImpl::FromNavigationEntry( |
| 3403 frame_tree_node()->navigator()->GetController()->GetPendingEntry()); | 3430 frame_tree_node()->navigator()->GetController()->GetPendingEntry()); |
| 3404 if (pending_entry && pending_entry->GetUniqueID() == params.nav_entry_id) { | 3431 if (pending_entry && pending_entry->GetUniqueID() == params.nav_entry_id) { |
| 3405 pending_nav_entry_id = params.nav_entry_id; | 3432 pending_nav_entry_id = params.nav_entry_id; |
| 3406 is_renderer_initiated = pending_entry->is_renderer_initiated(); | 3433 is_renderer_initiated = pending_entry->is_renderer_initiated(); |
| 3407 } | 3434 } |
| 3408 | 3435 |
| 3409 return NavigationHandleImpl::Create( | 3436 return NavigationHandleImpl::Create( |
| 3410 params.url, params.redirects, frame_tree_node_, is_renderer_initiated, | 3437 params.url, params.redirects, frame_tree_node_, is_renderer_initiated, |
| 3411 params.was_within_same_page, base::TimeTicks::Now(), | 3438 params.was_within_same_page, base::TimeTicks::Now(), |
| 3412 pending_nav_entry_id, false); // started_from_context_menu | 3439 pending_nav_entry_id, |
| 3440 false, // started_from_context_menu |
| 3441 false); // should_bypass_main_world_csp |
| 3413 } | 3442 } |
| 3414 | 3443 |
| 3415 // Determine if the current NavigationHandle can be used. | 3444 // Determine if the current NavigationHandle can be used. |
| 3416 if (navigation_handle_ && navigation_handle_->GetURL() == params.url) { | 3445 if (navigation_handle_ && navigation_handle_->GetURL() == params.url) { |
| 3417 return std::move(navigation_handle_); | 3446 return std::move(navigation_handle_); |
| 3418 } | 3447 } |
| 3419 | 3448 |
| 3420 // If the URL does not match what the NavigationHandle expects, treat the | 3449 // If the URL does not match what the NavigationHandle expects, treat the |
| 3421 // commit as a new navigation. This can happen when loading a Data | 3450 // commit as a new navigation. This can happen when loading a Data |
| 3422 // navigation with LoadDataWithBaseURL. | 3451 // navigation with LoadDataWithBaseURL. |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3454 // Reset any existing NavigationHandle. | 3483 // Reset any existing NavigationHandle. |
| 3455 navigation_handle_.reset(); | 3484 navigation_handle_.reset(); |
| 3456 } | 3485 } |
| 3457 | 3486 |
| 3458 // There is no pending NavigationEntry in these cases, so pass 0 as the | 3487 // There is no pending NavigationEntry in these cases, so pass 0 as the |
| 3459 // pending_nav_entry_id. If the previous handle was a prematurely aborted | 3488 // pending_nav_entry_id. If the previous handle was a prematurely aborted |
| 3460 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. | 3489 // navigation loaded via LoadDataWithBaseURL, propagate the entry id. |
| 3461 return NavigationHandleImpl::Create( | 3490 return NavigationHandleImpl::Create( |
| 3462 params.url, params.redirects, frame_tree_node_, is_renderer_initiated, | 3491 params.url, params.redirects, frame_tree_node_, is_renderer_initiated, |
| 3463 params.was_within_same_page, base::TimeTicks::Now(), | 3492 params.was_within_same_page, base::TimeTicks::Now(), |
| 3464 entry_id_for_data_nav, false); // started_from_context_menu | 3493 entry_id_for_data_nav, |
| 3494 false, // started_from_context_menu |
| 3495 false); // should_bypass_main_world_csp |
| 3465 } | 3496 } |
| 3466 | 3497 |
| 3467 } // namespace content | 3498 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2727633005:
PlzNavigate: Enforce frame-src CSP on the browser. (Closed)
