| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading | 5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc
e-loading |
| 6 | 6 |
| 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 7 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
| 8 | 8 |
| 9 #include <stddef.h> | 9 #include <stddef.h> |
| 10 | 10 |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 57 #include "content/browser/loader/resource_message_filter.h" | 57 #include "content/browser/loader/resource_message_filter.h" |
| 58 #include "content/browser/loader/resource_request_info_impl.h" | 58 #include "content/browser/loader/resource_request_info_impl.h" |
| 59 #include "content/browser/loader/resource_requester_info.h" | 59 #include "content/browser/loader/resource_requester_info.h" |
| 60 #include "content/browser/loader/resource_scheduler.h" | 60 #include "content/browser/loader/resource_scheduler.h" |
| 61 #include "content/browser/loader/stream_resource_handler.h" | 61 #include "content/browser/loader/stream_resource_handler.h" |
| 62 #include "content/browser/loader/sync_resource_handler.h" | 62 #include "content/browser/loader/sync_resource_handler.h" |
| 63 #include "content/browser/loader/throttling_resource_handler.h" | 63 #include "content/browser/loader/throttling_resource_handler.h" |
| 64 #include "content/browser/loader/upload_data_stream_builder.h" | 64 #include "content/browser/loader/upload_data_stream_builder.h" |
| 65 #include "content/browser/loader/wake_lock_resource_throttle.h" | 65 #include "content/browser/loader/wake_lock_resource_throttle.h" |
| 66 #include "content/browser/resource_context_impl.h" | 66 #include "content/browser/resource_context_impl.h" |
| 67 #include "content/browser/resource_request_body_browser_utils.h" |
| 67 #include "content/browser/service_worker/foreign_fetch_request_handler.h" | 68 #include "content/browser/service_worker/foreign_fetch_request_handler.h" |
| 68 #include "content/browser/service_worker/link_header_support.h" | 69 #include "content/browser/service_worker/link_header_support.h" |
| 69 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 70 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
| 70 #include "content/browser/service_worker/service_worker_navigation_handle_core.h
" | 71 #include "content/browser/service_worker/service_worker_navigation_handle_core.h
" |
| 71 #include "content/browser/service_worker/service_worker_request_handler.h" | 72 #include "content/browser/service_worker/service_worker_request_handler.h" |
| 72 #include "content/browser/streams/stream.h" | 73 #include "content/browser/streams/stream.h" |
| 73 #include "content/browser/streams/stream_context.h" | 74 #include "content/browser/streams/stream_context.h" |
| 74 #include "content/browser/streams/stream_registry.h" | 75 #include "content/browser/streams/stream_registry.h" |
| 75 #include "content/common/net/url_request_service_worker_data.h" | 76 #include "content/common/net/url_request_service_worker_data.h" |
| 76 #include "content/common/resource_messages.h" | 77 #include "content/common/resource_messages.h" |
| (...skipping 2549 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2626 GURL origin(origin_string); | 2627 GURL origin(origin_string); |
| 2627 if (!policy->CanSetAsOriginHeader(child_id, origin)) { | 2628 if (!policy->CanSetAsOriginHeader(child_id, origin)) { |
| 2628 VLOG(1) << "Killed renderer for illegal origin: " << origin_string; | 2629 VLOG(1) << "Killed renderer for illegal origin: " << origin_string; |
| 2629 bad_message::ReceivedBadMessage(requester_info->filter(), | 2630 bad_message::ReceivedBadMessage(requester_info->filter(), |
| 2630 bad_message::RDH_ILLEGAL_ORIGIN); | 2631 bad_message::RDH_ILLEGAL_ORIGIN); |
| 2631 return false; | 2632 return false; |
| 2632 } | 2633 } |
| 2633 } | 2634 } |
| 2634 | 2635 |
| 2635 // Check if the renderer is permitted to upload the requested files. | 2636 // Check if the renderer is permitted to upload the requested files. |
| 2636 if (request_data.request_body.get()) { | 2637 if (!CanReadRequestBody(child_id, requester_info->file_system_context(), |
| 2637 const std::vector<ResourceRequestBodyImpl::Element>* uploads = | 2638 request_data.request_body)) { |
| 2638 request_data.request_body->elements(); | 2639 NOTREACHED() << "Denied unauthorized upload"; |
| 2639 std::vector<ResourceRequestBodyImpl::Element>::const_iterator iter; | 2640 return false; |
| 2640 for (iter = uploads->begin(); iter != uploads->end(); ++iter) { | |
| 2641 if (iter->type() == ResourceRequestBodyImpl::Element::TYPE_FILE && | |
| 2642 !policy->CanReadFile(child_id, iter->path())) { | |
| 2643 NOTREACHED() << "Denied unauthorized upload of " | |
| 2644 << iter->path().value(); | |
| 2645 return false; | |
| 2646 } | |
| 2647 if (iter->type() == | |
| 2648 ResourceRequestBodyImpl::Element::TYPE_FILE_FILESYSTEM) { | |
| 2649 storage::FileSystemURL url = | |
| 2650 requester_info->file_system_context()->CrackURL( | |
| 2651 iter->filesystem_url()); | |
| 2652 if (!policy->CanReadFileSystemFile(child_id, url)) { | |
| 2653 NOTREACHED() << "Denied unauthorized upload of " | |
| 2654 << iter->filesystem_url().spec(); | |
| 2655 return false; | |
| 2656 } | |
| 2657 } | |
| 2658 } | |
| 2659 } | 2641 } |
| 2642 |
| 2660 return true; | 2643 return true; |
| 2661 } | 2644 } |
| 2662 | 2645 |
| 2663 std::unique_ptr<ResourceHandler> | 2646 std::unique_ptr<ResourceHandler> |
| 2664 ResourceDispatcherHostImpl::HandleDownloadStarted( | 2647 ResourceDispatcherHostImpl::HandleDownloadStarted( |
| 2665 net::URLRequest* request, | 2648 net::URLRequest* request, |
| 2666 std::unique_ptr<ResourceHandler> handler, | 2649 std::unique_ptr<ResourceHandler> handler, |
| 2667 bool is_content_initiated, | 2650 bool is_content_initiated, |
| 2668 bool must_download, | 2651 bool must_download, |
| 2669 bool is_new_request) { | 2652 bool is_new_request) { |
| 2670 if (delegate()) { | 2653 if (delegate()) { |
| 2671 const ResourceRequestInfoImpl* request_info( | 2654 const ResourceRequestInfoImpl* request_info( |
| 2672 ResourceRequestInfoImpl::ForRequest(request)); | 2655 ResourceRequestInfoImpl::ForRequest(request)); |
| 2673 std::vector<std::unique_ptr<ResourceThrottle>> throttles; | 2656 std::vector<std::unique_ptr<ResourceThrottle>> throttles; |
| 2674 delegate()->DownloadStarting(request, request_info->GetContext(), | 2657 delegate()->DownloadStarting(request, request_info->GetContext(), |
| 2675 is_content_initiated, true, is_new_request, | 2658 is_content_initiated, true, is_new_request, |
| 2676 &throttles); | 2659 &throttles); |
| 2677 if (!throttles.empty()) { | 2660 if (!throttles.empty()) { |
| 2678 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, | 2661 handler.reset(new ThrottlingResourceHandler(std::move(handler), request, |
| 2679 std::move(throttles))); | 2662 std::move(throttles))); |
| 2680 } | 2663 } |
| 2681 } | 2664 } |
| 2682 return handler; | 2665 return handler; |
| 2683 } | 2666 } |
| 2684 | 2667 |
| 2685 } // namespace content | 2668 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2905763002:
Deduplicating CanReadRequestBody code. (Closed)
