OLD | NEW |
---|---|
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/loader/SubresourceFilter.h" | 5 #include "core/loader/SubresourceFilter.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "core/dom/Document.h" | |
9 #include "core/dom/TaskRunnerHelper.h" | 10 #include "core/dom/TaskRunnerHelper.h" |
11 #include "core/frame/LocalFrame.h" | |
12 #include "core/inspector/ConsoleMessage.h" | |
10 #include "platform/WebTaskRunner.h" | 13 #include "platform/WebTaskRunner.h" |
11 #include "platform/weborigin/KURL.h" | 14 #include "platform/weborigin/KURL.h" |
15 #include "platform/wtf/text/StringBuilder.h" | |
12 #include "public/platform/WebTraceLocation.h" | 16 #include "public/platform/WebTraceLocation.h" |
13 | 17 |
14 namespace blink { | 18 namespace blink { |
15 | 19 |
20 namespace { | |
21 | |
22 void emitErrorForDisallowedLoads(const String& url, Document& document) { | |
Charlie Harrison
2017/05/22 14:35:04
Since this is semantically the URL, let's just mak
Charlie Harrison
2017/05/22 14:35:04
Oh also, I think Blink doesn't do camel case funct
shivanisha
2017/05/23 18:54:00
Done
| |
23 // TODO(shivanisha): Update the string when finalized. | |
24 String message = "Subresource filtering disallowed loading this resource, "; | |
Charlie Harrison
2017/05/22 14:35:04
Just inline this in Append so we can use the Strin
shivanisha
2017/05/23 18:54:00
Done
| |
25 StringBuilder builder; | |
26 builder.Append(message); | |
27 builder.Append(url); | |
28 builder.Append("."); | |
29 document.AddConsoleMessage(ConsoleMessage::Create( | |
30 kJSMessageSource, kErrorMessageLevel, builder.ToString())); | |
31 } | |
32 | |
33 } // namespace | |
34 | |
16 // static | 35 // static |
17 SubresourceFilter* SubresourceFilter::Create( | 36 SubresourceFilter* SubresourceFilter::Create( |
18 DocumentLoader* loader, | 37 DocumentLoader* loader, |
19 std::unique_ptr<WebDocumentSubresourceFilter> filter) { | 38 std::unique_ptr<WebDocumentSubresourceFilter> filter) { |
20 return new SubresourceFilter(loader, std::move(filter)); | 39 return new SubresourceFilter(loader, std::move(filter)); |
21 } | 40 } |
22 | 41 |
23 SubresourceFilter::SubresourceFilter( | 42 SubresourceFilter::SubresourceFilter( |
24 DocumentLoader* document_loader, | 43 DocumentLoader* document_loader, |
25 std::unique_ptr<WebDocumentSubresourceFilter> subresource_filter) | 44 std::unique_ptr<WebDocumentSubresourceFilter> subresource_filter) |
26 : document_loader_(document_loader), | 45 : document_loader_(document_loader), |
27 subresource_filter_(std::move(subresource_filter)) {} | 46 subresource_filter_(std::move(subresource_filter)) {} |
28 | 47 |
29 SubresourceFilter::~SubresourceFilter() {} | 48 SubresourceFilter::~SubresourceFilter() {} |
30 | 49 |
31 bool SubresourceFilter::AllowLoad( | 50 bool SubresourceFilter::AllowLoad( |
32 const KURL& resource_url, | 51 const KURL& resource_url, |
33 WebURLRequest::RequestContext request_context, | 52 WebURLRequest::RequestContext request_context, |
34 SecurityViolationReportingPolicy reporting_policy) { | 53 SecurityViolationReportingPolicy reporting_policy) { |
35 // TODO(csharrison): Implement a caching layer here which is a HashMap of | 54 // TODO(csharrison): Implement a caching layer here which is a HashMap of |
36 // Pair<url string, context> -> LoadPolicy. | 55 // Pair<url string, context> -> LoadPolicy. |
37 WebDocumentSubresourceFilter::LoadPolicy load_policy = | 56 WebDocumentSubresourceFilter::LoadPolicy load_policy = |
38 subresource_filter_->GetLoadPolicy(resource_url, request_context); | 57 subresource_filter_->GetLoadPolicy(resource_url, request_context); |
58 | |
39 if (reporting_policy == SecurityViolationReportingPolicy::kReport) | 59 if (reporting_policy == SecurityViolationReportingPolicy::kReport) |
40 ReportLoad(load_policy); | 60 ReportLoad(resource_url, load_policy); |
41 return load_policy != WebDocumentSubresourceFilter::kDisallow; | 61 return load_policy != WebDocumentSubresourceFilter::kDisallow; |
42 } | 62 } |
43 | 63 |
44 bool SubresourceFilter::AllowWebSocketConnection(const KURL& url) { | 64 bool SubresourceFilter::AllowWebSocketConnection(const KURL& url) { |
45 WebDocumentSubresourceFilter::LoadPolicy load_policy = | 65 WebDocumentSubresourceFilter::LoadPolicy load_policy = |
46 subresource_filter_->GetLoadPolicyForWebSocketConnect(url); | 66 subresource_filter_->GetLoadPolicyForWebSocketConnect(url); |
47 | 67 |
48 // Post a task to notify this load to avoid unduly blocking the worker | 68 // Post a task to notify this load to avoid unduly blocking the worker |
49 // thread. Note that this unconditionally calls reportLoad unlike allowLoad, | 69 // thread. Note that this unconditionally calls reportLoad unlike allowLoad, |
50 // because there aren't developer-invisible connections (like speculative | 70 // because there aren't developer-invisible connections (like speculative |
51 // preloads) happening here. | 71 // preloads) happening here. |
52 RefPtr<WebTaskRunner> task_runner = TaskRunnerHelper::Get( | 72 RefPtr<WebTaskRunner> task_runner = TaskRunnerHelper::Get( |
53 TaskType::kNetworking, document_loader_->GetFrame()); | 73 TaskType::kNetworking, document_loader_->GetFrame()); |
54 DCHECK(task_runner->RunsTasksOnCurrentThread()); | 74 DCHECK(task_runner->RunsTasksOnCurrentThread()); |
55 task_runner->PostTask(BLINK_FROM_HERE, | 75 task_runner->PostTask(BLINK_FROM_HERE, |
56 WTF::Bind(&SubresourceFilter::ReportLoad, | 76 WTF::Bind(&SubresourceFilter::ReportLoad, |
57 WrapPersistent(this), load_policy)); | 77 WrapPersistent(this), url, load_policy)); |
58 return load_policy != WebDocumentSubresourceFilter::kDisallow; | 78 return load_policy != WebDocumentSubresourceFilter::kDisallow; |
59 } | 79 } |
60 | 80 |
61 void SubresourceFilter::ReportLoad( | 81 void SubresourceFilter::ReportLoad( |
82 const KURL& resource_url, | |
62 WebDocumentSubresourceFilter::LoadPolicy load_policy) { | 83 WebDocumentSubresourceFilter::LoadPolicy load_policy) { |
84 Document* document = document_loader_->GetFrame() | |
85 ? document_loader_->GetFrame()->GetDocument() | |
86 : nullptr; | |
63 switch (load_policy) { | 87 switch (load_policy) { |
64 case WebDocumentSubresourceFilter::kAllow: | 88 case WebDocumentSubresourceFilter::kAllow: |
65 break; | 89 break; |
66 case WebDocumentSubresourceFilter::kDisallow: | 90 case WebDocumentSubresourceFilter::kDisallow: |
67 subresource_filter_->ReportDisallowedLoad(); | 91 subresource_filter_->ReportDisallowedLoad(); |
92 if (subresource_filter_->ShouldLogToConsole() && document) { | |
Charlie Harrison
2017/05/22 14:35:03
nit: check |document| first in the conditional sin
shivanisha
2017/05/23 18:54:00
done
| |
93 emitErrorForDisallowedLoads(resource_url.GetString(), *document); | |
94 } | |
68 // fall through | 95 // fall through |
69 case WebDocumentSubresourceFilter::kWouldDisallow: | 96 case WebDocumentSubresourceFilter::kWouldDisallow: |
70 // TODO(csharrison): log console errors here based on | |
71 // subresource_filter_->ShouldLogToConsole(). | |
72 document_loader_->DidObserveLoadingBehavior( | 97 document_loader_->DidObserveLoadingBehavior( |
73 kWebLoadingBehaviorSubresourceFilterMatch); | 98 kWebLoadingBehaviorSubresourceFilterMatch); |
74 break; | 99 break; |
75 } | 100 } |
76 } | 101 } |
77 | 102 |
78 } // namespace blink | 103 } // namespace blink |
OLD | NEW |