Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(870)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/web_contents/web_contents_impl.cc

Issue 2856653004: Require a process ID when looking up RFHs by FrameTreeNode ID. (Closed)
Patch Set: Simplify ExtNavThrottle Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/web_contents/web_contents_impl.h ('k') | content/public/browser/navigation_handle.h » ('j') | extensions/browser/extension_navigation_throttle.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/web_contents/web_contents_impl.cc
diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
index f98971ab43196f879bbe75a5494b461b3c8d2bfe..c4e6c16e2400196297b13bc18475af672e2d3247 100644
--- a/content/browser/web_contents/web_contents_impl.cc
+++ b/content/browser/web_contents/web_contents_impl.cc
@@ -915,7 +915,24 @@ RenderFrameHostImpl* WebContentsImpl::GetFocusedFrame() {
}
RenderFrameHostImpl* WebContentsImpl::FindFrameByFrameTreeNodeId(
+ int frame_tree_node_id,
+ int process_id) {
+ FrameTreeNode* frame = frame_tree_.FindByID(frame_tree_node_id);
+
+ // Sanity check that this is in the caller's expected process. Otherwise a
+ // recent cross-process navigation may have led to a privilege change that the
+ // caller is not expecting.
+ if (!frame ||
+ frame->current_frame_host()->GetProcess()->GetID() != process_id)
+ return nullptr;
+
+ return frame->current_frame_host();
+}
+
+RenderFrameHostImpl* WebContentsImpl::UnsafeFindFrameByFrameTreeNodeId(
int frame_tree_node_id) {
+ // Beware using this! The RenderFrameHost may have changed since the caller
+ // obtained frame_tree_node_id.
FrameTreeNode* frame = frame_tree_.FindByID(frame_tree_node_id);
return frame ? frame->current_frame_host() : nullptr;
}
« no previous file with comments | « content/browser/web_contents/web_contents_impl.h ('k') | content/public/browser/navigation_handle.h » ('j') | extensions/browser/extension_navigation_throttle.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698