Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(853)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/web_contents/web_contents_impl.cc

Issue 2856653004: Require a process ID when looking up RFHs by FrameTreeNode ID. (Closed)
Patch Set: Add comment. Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/web_contents/web_contents_impl.h ('k') | content/public/browser/navigation_handle.h » ('j') | content/public/browser/navigation_handle.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/web_contents/web_contents_impl.cc
diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
index 18572e8f4826a6f64bdc6c2af133abee283e5ab9..0c8f6c41ce7d0cb4d5154590b4d3fd61d0ccd21b 100644
--- a/content/browser/web_contents/web_contents_impl.cc
+++ b/content/browser/web_contents/web_contents_impl.cc
@@ -915,7 +915,24 @@ RenderFrameHostImpl* WebContentsImpl::GetFocusedFrame() {
}
RenderFrameHostImpl* WebContentsImpl::FindFrameByFrameTreeNodeId(
+ int frame_tree_node_id,
+ int process_id) {
+ FrameTreeNode* frame = frame_tree_.FindByID(frame_tree_node_id);
+
+ // Sanity check that this is in the caller's expected process. Otherwise a
+ // recent cross-process navigation may have led to a privilege change that the
+ // caller is not expecting.
+ RenderFrameHostImpl* current_frame_host = frame->current_frame_host();
+ if (!frame || current_frame_host->GetProcess()->GetID() != process_id)
+ return nullptr;
+
+ return current_frame_host;
+}
+
+RenderFrameHostImpl* WebContentsImpl::UnsafeFindFrameByFrameTreeNodeId(
int frame_tree_node_id) {
+ // Beware using this! The RenderFrameHost may have changed since the caller
+ // obtained frame_tree_node_id.
FrameTreeNode* frame = frame_tree_.FindByID(frame_tree_node_id);
return frame ? frame->current_frame_host() : nullptr;
}
« no previous file with comments | « content/browser/web_contents/web_contents_impl.h ('k') | content/public/browser/navigation_handle.h » ('j') | content/public/browser/navigation_handle.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698