content/common/content_security_policy/content_security_policy.cc - Issue 2869423002: PlzNavigate: Do not disclose urls between cross-origin renderers.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/common/content_security_policy/content_security_policy.cc

Issue 2869423002: PlzNavigate: Do not disclose urls between cross-origin renderers. (Closed)

Patch Set: Add [ Failure ] for virtual/off-main-thread-fetch/[...]/onload-detach-during-csp-frame-src-none.html Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: content/common/content_security_policy/content_security_policy.cc

diff --git a/content/common/content_security_policy/content_security_policy.cc b/content/common/content_security_policy/content_security_policy.cc

index 87b035eb1c2ef44916452f1ea3e186ae29f75d64..299a4c2468cb3921ae60cddb40cd8d12f74bfb63 100644

--- a/content/common/content_security_policy/content_security_policy.cc

+++ b/content/common/content_security_policy/content_security_policy.cc

@@ -50,6 +50,15 @@ void ReportViolation(CSPContext* context,

DCHECK_NE(directive_name, CSPDirective::DefaultSrc);

DCHECK_NE(directive_name, CSPDirective::ChildSrc);

+ // For security reasons, some urls must not be disclosed. This includes the

+ // blocked url and the source location of the error. Care must be taken to

+ // ensure that these are not transmitted between different cross-origin

+ // renderers.

+ GURL safe_url = url;

+ SourceLocation safe_source_location = source_location;

+ context->SanitizeDataForUseInCspViolation(is_redirect, directive_name,

+ &safe_url, &safe_source_location);

std::stringstream message;

if (policy.header.type == blink::kWebContentSecurityPolicyTypeReport)

@@ -60,7 +69,7 @@ void ReportViolation(CSPContext* context,

else if (directive_name == CSPDirective::FrameSrc)

message << "Refused to frame '";

- message << ElideURLForReportViolation(url)

+ message << ElideURLForReportViolation(safe_url)

<< "' because it violates the following Content Security Policy "

"directive: \""

<< directive.ToString() << "\".";

@@ -75,9 +84,9 @@ void ReportViolation(CSPContext* context,

context->ReportContentSecurityPolicyViolation(CSPViolationParams(

CSPDirective::NameToString(directive.name),

- CSPDirective::NameToString(directive_name), message.str(), url,

+ CSPDirective::NameToString(directive_name), message.str(), safe_url,

policy.report_endpoints, policy.header.header_value, policy.header.type,

- is_redirect, source_location));

+ is_redirect, safe_source_location));

}

bool AllowDirective(CSPContext* context,