Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser.

content/browser/frame_host/ancestor_throttle.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/frame_host/ancestor_throttle.h"
 
 #include "base/metrics/histogram_macros.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "content/browser/frame_host/frame_tree.h"
 #include "content/browser/frame_host/frame_tree_node.h"
 #include "content/browser/frame_host/navigation_handle_impl.h"
-#include "content/browser/frame_host/navigation_request.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/navigation_handle.h"
 #include "content/public/browser/navigation_throttle.h"
-#include "content/public/common/browser_side_navigation_policy.h"
 #include "content/public/common/console_message_level.h"
 #include "net/http/http_response_headers.h"
 #include "url/origin.h"
 
 namespace content {
 
 namespace {
 const char kXFrameOptionsSameOriginHistogram[] = "Security.XFrameOptions";
 
 // This enum is used for UMA metrics. Keep these enums up to date with
@@ skipping 131 matching lines @@
       RecordXFrameOptionsUsage(BYPASS);
       return NavigationThrottle::PROCEED;
     case HeaderDisposition::ALLOWALL:
       RecordXFrameOptionsUsage(ALLOWALL);
       return NavigationThrottle::PROCEED;
   }
   NOTREACHED();
   return NavigationThrottle::BLOCK_RESPONSE;
 }
 
-NavigationThrottle::ThrottleCheckResult
-AncestorThrottle::CheckContentSecurityPolicyFrameSrc(bool is_redirect) {
-  // If PlzNavigate is enabled, "frame-src" is enforced on the browser side,
-  // else on the renderer side.
-  if (!IsBrowserSideNavigationEnabled())
-    return NavigationThrottle::PROCEED;
-
-  const GURL& url = navigation_handle()->GetURL();
-  if (url.SchemeIs(url::kAboutScheme))
-    return NavigationThrottle::PROCEED;
-
-  NavigationHandleImpl* handle =
-      static_cast<NavigationHandleImpl*>(navigation_handle());
-
-  if (handle->should_check_main_world_csp() == CSPDisposition::DO_NOT_CHECK)
-    return NavigationThrottle::PROCEED;
-
-  FrameTreeNode* parent_ftn = handle->frame_tree_node()->parent();
-  DCHECK(parent_ftn);
-  RenderFrameHostImpl* parent = parent_ftn->current_frame_host();
-  DCHECK(parent);
-
-  if (!parent->IsAllowedByCsp(CSPDirective::FrameSrc, url, is_redirect))
-    return NavigationThrottle::BLOCK_REQUEST;
-
-  return NavigationThrottle::PROCEED;
-}
-
-NavigationThrottle::ThrottleCheckResult AncestorThrottle::WillStartRequest() {
-  return CheckContentSecurityPolicyFrameSrc(false);
-}
-
-NavigationThrottle::ThrottleCheckResult
-AncestorThrottle::WillRedirectRequest() {
-  return CheckContentSecurityPolicyFrameSrc(true);
-}
-
 AncestorThrottle::AncestorThrottle(NavigationHandle* handle)
     : NavigationThrottle(handle) {}
 
 void AncestorThrottle::ParseError(const std::string& value,
                                   HeaderDisposition disposition) {
   DCHECK(disposition == HeaderDisposition::CONFLICT ||
          disposition == HeaderDisposition::INVALID);
   if (!navigation_handle()->GetRenderFrameHost())
     return;  // Some responses won't have a RFH (i.e. 204/205s or downloads).
 
@@ skipping 82 matching lines @@
       HeadersContainFrameAncestorsCSP(headers)) {
     // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should
     // handle it here instead. Until then, don't block the request, and let
     // Blink handle it. https://crbug.com/555418
     return HeaderDisposition::BYPASS;
   }
   return result;
 }
 
 }  // namespace content