Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(104)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/ancestor_throttle.cc

Issue 2756913002: Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/ancestor_throttle.h ('k') | content/browser/frame_host/frame_tree_node.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/ancestor_throttle.cc
diff --git a/content/browser/frame_host/ancestor_throttle.cc b/content/browser/frame_host/ancestor_throttle.cc
index cba286784a2e914a9f35e79578900da220198d10..ca87f0a221d797c54f9304669bd016aa961c9bcc 100644
--- a/content/browser/frame_host/ancestor_throttle.cc
+++ b/content/browser/frame_host/ancestor_throttle.cc
@@ -11,11 +11,9 @@
#include "content/browser/frame_host/frame_tree.h"
#include "content/browser/frame_host/frame_tree_node.h"
#include "content/browser/frame_host/navigation_handle_impl.h"
-#include "content/browser/frame_host/navigation_request.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/navigation_handle.h"
#include "content/public/browser/navigation_throttle.h"
-#include "content/public/common/browser_side_navigation_policy.h"
#include "content/public/common/console_message_level.h"
#include "net/http/http_response_headers.h"
#include "url/origin.h"
@@ -167,43 +165,6 @@
return NavigationThrottle::BLOCK_RESPONSE;
}
-NavigationThrottle::ThrottleCheckResult
-AncestorThrottle::CheckContentSecurityPolicyFrameSrc(bool is_redirect) {
- // If PlzNavigate is enabled, "frame-src" is enforced on the browser side,
- // else on the renderer side.
- if (!IsBrowserSideNavigationEnabled())
- return NavigationThrottle::PROCEED;
-
- const GURL& url = navigation_handle()->GetURL();
- if (url.SchemeIs(url::kAboutScheme))
- return NavigationThrottle::PROCEED;
-
- NavigationHandleImpl* handle =
- static_cast<NavigationHandleImpl*>(navigation_handle());
-
- if (handle->should_check_main_world_csp() == CSPDisposition::DO_NOT_CHECK)
- return NavigationThrottle::PROCEED;
-
- FrameTreeNode* parent_ftn = handle->frame_tree_node()->parent();
- DCHECK(parent_ftn);
- RenderFrameHostImpl* parent = parent_ftn->current_frame_host();
- DCHECK(parent);
-
- if (!parent->IsAllowedByCsp(CSPDirective::FrameSrc, url, is_redirect))
- return NavigationThrottle::BLOCK_REQUEST;
-
- return NavigationThrottle::PROCEED;
-}
-
-NavigationThrottle::ThrottleCheckResult AncestorThrottle::WillStartRequest() {
- return CheckContentSecurityPolicyFrameSrc(false);
-}
-
-NavigationThrottle::ThrottleCheckResult
-AncestorThrottle::WillRedirectRequest() {
- return CheckContentSecurityPolicyFrameSrc(true);
-}
-
AncestorThrottle::AncestorThrottle(NavigationHandle* handle)
: NavigationThrottle(handle) {}
« no previous file with comments | « content/browser/frame_host/ancestor_throttle.h ('k') | content/browser/frame_host/frame_tree_node.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698