Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(873)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/render_frame_host_impl.cc

Issue 2905763002: Deduplicating CanReadRequestBody code. (Closed)
Patch Set: Tweaking content/browser/loader/DEPS Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_proxy_host.cc » ('j') | content/browser/loader/DEPS » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/render_frame_host_impl.cc
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index 05a6a540fa19a178d617395ea468ce36211b4910..d26adad87dfdedb5a71ab484def99267f94087a7 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -57,6 +57,7 @@
#include "content/browser/renderer_host/render_widget_host_delegate.h"
#include "content/browser/renderer_host/render_widget_host_impl.h"
#include "content/browser/renderer_host/render_widget_host_view_base.h"
+#include "content/browser/resource_request_body_browser_utils.h"
#include "content/browser/shared_worker/shared_worker_service_impl.h"
#include "content/browser/websockets/websocket_manager.h"
#include "content/browser/webui/url_data_manager_backend.h"
@@ -2180,7 +2181,7 @@ void RenderFrameHostImpl::OnBeginNavigation(
BeginNavigationParams validated_begin_params = begin_params;
GetProcess()->FilterURL(true, &validated_begin_params.searchable_form_url);
- if (!ValidateUploadParams(validated_params)) {
+ if (!CanReadRequestBody(GetSiteInstance(), validated_params.post_data)) {
bad_message::ReceivedBadMessage(GetProcess(),
bad_message::RFH_ILLEGAL_UPLOAD_PARAMS);
return;
@@ -3968,36 +3969,6 @@ void RenderFrameHostImpl::SetLastCommittedSiteUrl(const GURL& url) {
}
}
-bool RenderFrameHostImpl::ValidateUploadParams(
- const CommonNavigationParams& common_params) {
- if (!common_params.post_data.get())
- return true;
-
- // Check if the renderer is permitted to upload the requested files.
- const std::vector<ResourceRequestBodyImpl::Element>* uploads =
- common_params.post_data->elements();
- std::vector<ResourceRequestBodyImpl::Element>::const_iterator iter;
- ChildProcessSecurityPolicyImpl* security_policy =
- ChildProcessSecurityPolicyImpl::GetInstance();
- for (iter = uploads->begin(); iter != uploads->end(); ++iter) {
- if (iter->type() == ResourceRequestBodyImpl::Element::TYPE_FILE &&
- !security_policy->CanReadFile(GetProcess()->GetID(), iter->path())) {
- return false;
- }
- if (iter->type() ==
- ResourceRequestBodyImpl::Element::TYPE_FILE_FILESYSTEM) {
- StoragePartition* storage_partition = BrowserContext::GetStoragePartition(
- GetSiteInstance()->GetBrowserContext(), GetSiteInstance());
- storage::FileSystemURL url =
- storage_partition->GetFileSystemContext()->CrackURL(
- iter->filesystem_url());
- if (!security_policy->CanReadFileSystemFile(GetProcess()->GetID(), url))
- return false;
- }
- }
- return true;
-}
-
#if defined(OS_ANDROID)
class RenderFrameHostImpl::JavaInterfaceProvider
« no previous file with comments | « content/browser/frame_host/render_frame_host_impl.h ('k') | content/browser/frame_host/render_frame_proxy_host.cc » ('j') | content/browser/loader/DEPS » ('J')

Powered by Google App Engine
This is Rietveld 408576698