Deduplicating CanReadRequestBody code.

content/browser/frame_host/render_frame_host_impl.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/frame_host/render_frame_host_impl.h"
 
 #include <algorithm>
 #include <utility>
 
 #include "base/bind.h"
@@ skipping 2190 matching lines @@
   GetProcess()->FilterURL(false, &validated_params.url);
   if (!validated_params.base_url_for_data_url.is_empty()) {
     // Kills the process. http://crbug.com/726142
     bad_message::ReceivedBadMessage(
         GetProcess(), bad_message::RFH_BASE_URL_FOR_DATA_URL_SPECIFIED);
   }
 
   BeginNavigationParams validated_begin_params = begin_params;
   GetProcess()->FilterURL(true, &validated_begin_params.searchable_form_url);
 
-  if (!ValidateUploadParams(validated_params)) {
+  if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanReadRequestBody(
+          GetSiteInstance(), validated_params.post_data)) {
     bad_message::ReceivedBadMessage(GetProcess(),
                                     bad_message::RFH_ILLEGAL_UPLOAD_PARAMS);
     return;
   }
 
   if (waiting_for_init_) {
     pendinging_navigate_ = base::MakeUnique<PendingNavigation>(
         validated_params, validated_begin_params);
     return;
   }
@@ skipping 1778 matching lines @@
 
   last_committed_site_url_ = site_url;
 
   if (!last_committed_site_url_.is_empty()) {
     RenderProcessHostImpl::AddFrameWithSite(
         frame_tree_node_->navigator()->GetController()->GetBrowserContext(),
         GetProcess(), last_committed_site_url_);
   }
 }
 
-bool RenderFrameHostImpl::ValidateUploadParams(
-    const CommonNavigationParams& common_params) {
-  if (!common_params.post_data.get())
-    return true;
-
-  // Check if the renderer is permitted to upload the requested files.
-  const std::vector<ResourceRequestBodyImpl::Element>* uploads =
-      common_params.post_data->elements();
-  std::vector<ResourceRequestBodyImpl::Element>::const_iterator iter;
-  ChildProcessSecurityPolicyImpl* security_policy =
-      ChildProcessSecurityPolicyImpl::GetInstance();
-  for (iter = uploads->begin(); iter != uploads->end(); ++iter) {
-    if (iter->type() == ResourceRequestBodyImpl::Element::TYPE_FILE &&
-        !security_policy->CanReadFile(GetProcess()->GetID(), iter->path())) {
-      return false;
-    }
-    if (iter->type() ==
-        ResourceRequestBodyImpl::Element::TYPE_FILE_FILESYSTEM) {
-      StoragePartition* storage_partition = BrowserContext::GetStoragePartition(
-          GetSiteInstance()->GetBrowserContext(), GetSiteInstance());
-      storage::FileSystemURL url =
-          storage_partition->GetFileSystemContext()->CrackURL(
-              iter->filesystem_url());
-      if (!security_policy->CanReadFileSystemFile(GetProcess()->GetID(), url))
-        return false;
-    }
-  }
-  return true;
-}
-
 #if defined(OS_ANDROID)
 
 class RenderFrameHostImpl::JavaInterfaceProvider
     : public service_manager::mojom::InterfaceProvider {
  public:
   using BindCallback =
       base::Callback<void(const std::string&, mojo::ScopedMessagePipeHandle)>;
 
   JavaInterfaceProvider(
       const BindCallback& bind_callback,
@@ skipping 44 matching lines @@
 }
 
 void RenderFrameHostImpl::ForwardGetInterfaceToRenderFrame(
     const std::string& interface_name,
     mojo::ScopedMessagePipeHandle pipe) {
   GetRemoteInterfaces()->GetInterface(interface_name, std::move(pipe));
 }
 #endif
 
 }  // namespace content