Chromium Code Reviews Chromium Code Reviews
Issue 2881393002:
Count cross-origin property access. (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 20 matching lines...) Expand all Loading... | |
| 31 #include "bindings/core/v8/BindingSecurity.h" | 31 #include "bindings/core/v8/BindingSecurity.h" |
| 32 | 32 |
| 33 #include "bindings/core/v8/ExceptionState.h" | 33 #include "bindings/core/v8/ExceptionState.h" |
| 34 #include "bindings/core/v8/V8BindingForCore.h" | 34 #include "bindings/core/v8/V8BindingForCore.h" |
| 35 #include "bindings/core/v8/V8Location.h" | 35 #include "bindings/core/v8/V8Location.h" |
| 36 #include "core/dom/Document.h" | 36 #include "core/dom/Document.h" |
| 37 #include "core/frame/LocalDOMWindow.h" | 37 #include "core/frame/LocalDOMWindow.h" |
| 38 #include "core/frame/LocalFrame.h" | 38 #include "core/frame/LocalFrame.h" |
| 39 #include "core/frame/Location.h" | 39 #include "core/frame/Location.h" |
| 40 #include "core/frame/Settings.h" | 40 #include "core/frame/Settings.h" |
| 41 #include "core/frame/UseCounter.h" | |
| 41 #include "core/html/HTMLFrameElementBase.h" | 42 #include "core/html/HTMLFrameElementBase.h" |
| 42 #include "core/workers/MainThreadWorkletGlobalScope.h" | 43 #include "core/workers/MainThreadWorkletGlobalScope.h" |
| 43 #include "platform/bindings/WrapperCreationSecurityCheck.h" | 44 #include "platform/bindings/WrapperCreationSecurityCheck.h" |
| 44 #include "platform/weborigin/SecurityOrigin.h" | 45 #include "platform/weborigin/SecurityOrigin.h" |
| 45 | 46 |
| 46 namespace blink { | 47 namespace blink { |
| 47 | 48 |
| 48 namespace { | 49 namespace { |
| 49 | 50 |
| 50 bool CanAccessFrameInternal(const LocalDOMWindow* accessing_window, | 51 bool CanAccessFrameInternal(const LocalDOMWindow* accessing_window, |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 107 } // namespace | 108 } // namespace |
| 108 | 109 |
| 109 bool BindingSecurity::ShouldAllowAccessTo( | 110 bool BindingSecurity::ShouldAllowAccessTo( |
| 110 const LocalDOMWindow* accessing_window, | 111 const LocalDOMWindow* accessing_window, |
| 111 const DOMWindow* target, | 112 const DOMWindow* target, |
| 112 ExceptionState& exception_state) { | 113 ExceptionState& exception_state) { |
| 113 DCHECK(target); | 114 DCHECK(target); |
| 114 const Frame* frame = target->GetFrame(); | 115 const Frame* frame = target->GetFrame(); |
| 115 if (!frame || !frame->GetSecurityContext()) | 116 if (!frame || !frame->GetSecurityContext()) |
| 116 return false; | 117 return false; |
| 117 return CanAccessFrame(accessing_window, | 118 bool can_access = CanAccessFrame( |
| 118 frame->GetSecurityContext()->GetSecurityOrigin(), | 119 accessing_window, frame->GetSecurityContext()->GetSecurityOrigin(), |
| 119 target, exception_state); | 120 target, exception_state); |
| 121 | |
| 122 if (!can_access) { | |
| 123 UseCounter::Count(accessing_window->GetFrame(), | |
| 124 UseCounter::kCrossOriginPropertyAccess); | |
| 125 if (target->opener() == accessing_window) { | |
| 126 UseCounter::Count(accessing_window->GetFrame(), | |
| 127 UseCounter::kCrossOriginPropertyAccessFromOpener); | |
| 128 } | |
| 129 } | |
|
Mike West
2017/05/16 14:54:31
Does this do what I think it does?
jochen (gone - plz use gerrit)
2017/05/17 07:36:06
not sure, but kCrossOriginPropertyAccessFromOpener
| |
| 130 | |
| 131 return can_access; | |
| 120 } | 132 } |
| 121 | 133 |
| 122 bool BindingSecurity::ShouldAllowAccessTo( | 134 bool BindingSecurity::ShouldAllowAccessTo( |
| 123 const LocalDOMWindow* accessing_window, | 135 const LocalDOMWindow* accessing_window, |
| 124 const DOMWindow* target, | 136 const DOMWindow* target, |
| 125 ErrorReportOption reporting_option) { | 137 ErrorReportOption reporting_option) { |
| 126 DCHECK(target); | 138 DCHECK(target); |
| 127 const Frame* frame = target->GetFrame(); | 139 const Frame* frame = target->GetFrame(); |
| 128 if (!frame || !frame->GetSecurityContext()) | 140 if (!frame || !frame->GetSecurityContext()) |
| 129 return false; | 141 return false; |
| 130 return CanAccessFrame(accessing_window, | 142 bool can_access = CanAccessFrame( |
| 131 frame->GetSecurityContext()->GetSecurityOrigin(), | 143 accessing_window, frame->GetSecurityContext()->GetSecurityOrigin(), |
| 132 target, reporting_option); | 144 target, reporting_option); |
| 145 | |
| 146 if (!can_access) { | |
|
Yuki
2017/05/17 05:31:11
If we're going to put this into CanAccessFrame, th
| |
| 147 UseCounter::Count(accessing_window->GetFrame(), | |
| 148 UseCounter::kCrossOriginPropertyAccess); | |
| 149 if (target->opener() == accessing_window) { | |
| 150 UseCounter::Count(accessing_window->GetFrame(), | |
| 151 UseCounter::kCrossOriginPropertyAccessFromOpener); | |
| 152 } | |
| 153 } | |
| 154 | |
| 155 return can_access; | |
| 133 } | 156 } |
| 134 | 157 |
| 135 bool BindingSecurity::ShouldAllowAccessTo( | 158 bool BindingSecurity::ShouldAllowAccessTo( |
| 136 const LocalDOMWindow* accessing_window, | |
| 137 const EventTarget* target, | |
| 138 ExceptionState& exception_state) { | |
| 139 DCHECK(target); | |
| 140 const DOMWindow* window = target->ToDOMWindow(); | |
| 141 if (!window) { | |
| 142 // We only need to check the access to Window objects which are | |
| 143 // cross-origin accessible. If it's not a Window, the object's | |
| 144 // origin must always be the same origin (or it already leaked). | |
| 145 return true; | |
| 146 } | |
| 147 const Frame* frame = window->GetFrame(); | |
| 148 if (!frame || !frame->GetSecurityContext()) | |
| 149 return false; | |
| 150 return CanAccessFrame(accessing_window, | |
| 151 frame->GetSecurityContext()->GetSecurityOrigin(), | |
| 152 window, exception_state); | |
| 153 } | |
| 154 | |
| 155 bool BindingSecurity::ShouldAllowAccessTo( | |
| 156 const LocalDOMWindow* accessing_window, | 159 const LocalDOMWindow* accessing_window, |
| 157 const Location* target, | 160 const Location* target, |
| 158 ExceptionState& exception_state) { | 161 ExceptionState& exception_state) { |
| 159 DCHECK(target); | 162 DCHECK(target); |
| 160 const Frame* frame = target->GetFrame(); | 163 const Frame* frame = target->GetFrame(); |
| 161 if (!frame || !frame->GetSecurityContext()) | 164 if (!frame || !frame->GetSecurityContext()) |
| 162 return false; | 165 return false; |
| 163 return CanAccessFrame(accessing_window, | 166 bool can_access = CanAccessFrame( |
| 164 frame->GetSecurityContext()->GetSecurityOrigin(), | 167 accessing_window, frame->GetSecurityContext()->GetSecurityOrigin(), |
| 165 frame->DomWindow(), exception_state); | 168 frame->DomWindow(), exception_state); |
| 169 | |
| 170 if (!can_access) { | |
| 171 UseCounter::Count(accessing_window->GetFrame(), | |
| 172 UseCounter::kCrossOriginPropertyAccess); | |
| 173 if (target->DomWindow()->opener() == accessing_window) { | |
| 174 UseCounter::Count(accessing_window->GetFrame(), | |
| 175 UseCounter::kCrossOriginPropertyAccessFromOpener); | |
| 176 } | |
| 177 } | |
| 178 | |
| 179 return can_access; | |
| 166 } | 180 } |
| 167 | 181 |
| 168 bool BindingSecurity::ShouldAllowAccessTo( | 182 bool BindingSecurity::ShouldAllowAccessTo( |
| 169 const LocalDOMWindow* accessing_window, | 183 const LocalDOMWindow* accessing_window, |
| 170 const Location* target, | 184 const Location* target, |
| 171 ErrorReportOption reporting_option) { | 185 ErrorReportOption reporting_option) { |
| 172 DCHECK(target); | 186 DCHECK(target); |
| 173 const Frame* frame = target->GetFrame(); | 187 const Frame* frame = target->GetFrame(); |
| 174 if (!frame || !frame->GetSecurityContext()) | 188 if (!frame || !frame->GetSecurityContext()) |
| 175 return false; | 189 return false; |
| 176 return CanAccessFrame(accessing_window, | 190 bool can_access = CanAccessFrame( |
| 177 frame->GetSecurityContext()->GetSecurityOrigin(), | 191 accessing_window, frame->GetSecurityContext()->GetSecurityOrigin(), |
| 178 frame->DomWindow(), reporting_option); | 192 frame->DomWindow(), reporting_option); |
| 193 | |
| 194 if (!can_access) { | |
| 195 UseCounter::Count(accessing_window->GetFrame(), | |
| 196 UseCounter::kCrossOriginPropertyAccess); | |
| 197 if (target->DomWindow()->opener() == accessing_window) { | |
| 198 UseCounter::Count(accessing_window->GetFrame(), | |
| 199 UseCounter::kCrossOriginPropertyAccessFromOpener); | |
| 200 } | |
| 201 } | |
| 202 | |
| 203 return can_access; | |
| 179 } | 204 } |
| 180 | 205 |
| 181 bool BindingSecurity::ShouldAllowAccessTo( | 206 bool BindingSecurity::ShouldAllowAccessTo( |
| 182 const LocalDOMWindow* accessing_window, | 207 const LocalDOMWindow* accessing_window, |
| 183 const Node* target, | 208 const Node* target, |
| 184 ExceptionState& exception_state) { | 209 ExceptionState& exception_state) { |
| 185 if (!target) | 210 if (!target) |
| 186 return false; | 211 return false; |
| 187 return CanAccessFrame(accessing_window, | 212 return CanAccessFrame(accessing_window, |
| 188 target->GetDocument().GetSecurityOrigin(), | 213 target->GetDocument().GetSecurityOrigin(), |
| (...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 338 // arguments, so the generated exception can be more descriptive. | 363 // arguments, so the generated exception can be more descriptive. |
| 339 ExceptionState exception_state(isolate, ExceptionState::kUnknownContext, | 364 ExceptionState exception_state(isolate, ExceptionState::kUnknownContext, |
| 340 nullptr, nullptr); | 365 nullptr, nullptr); |
| 341 exception_state.ThrowSecurityError( | 366 exception_state.ThrowSecurityError( |
| 342 target_window->SanitizedCrossDomainAccessErrorMessage( | 367 target_window->SanitizedCrossDomainAccessErrorMessage( |
| 343 CurrentDOMWindow(isolate)), | 368 CurrentDOMWindow(isolate)), |
| 344 target_window->CrossDomainAccessErrorMessage(CurrentDOMWindow(isolate))); | 369 target_window->CrossDomainAccessErrorMessage(CurrentDOMWindow(isolate))); |
| 345 } | 370 } |
| 346 | 371 |
| 347 } // namespace blink | 372 } // namespace blink |
| OLD | NEW |
