| Index: content/browser/frame_host/render_frame_proxy_host.cc
|
| diff --git a/content/browser/frame_host/render_frame_proxy_host.cc b/content/browser/frame_host/render_frame_proxy_host.cc
|
| index ddc32830d23d00e3c6dc934d42698d95a77012dc..c9f8b071ded51fb575e6a76da00d4d8b322a3673 100644
|
| --- a/content/browser/frame_host/render_frame_proxy_host.cc
|
| +++ b/content/browser/frame_host/render_frame_proxy_host.cc
|
| @@ -17,6 +17,7 @@
|
| #include "content/browser/frame_host/render_widget_host_view_child_frame.h"
|
| #include "content/browser/renderer_host/render_view_host_impl.h"
|
| #include "content/browser/renderer_host/render_widget_host_view_base.h"
|
| +#include "content/browser/resource_request_body_browser_utils.h"
|
| #include "content/browser/site_instance_impl.h"
|
| #include "content/common/frame_messages.h"
|
| #include "content/common/frame_owner_properties.h"
|
| @@ -38,63 +39,6 @@ typedef base::hash_map<RenderFrameProxyHostID, RenderFrameProxyHost*>
|
| base::LazyInstance<RoutingIDFrameProxyMap>::DestructorAtExit
|
| g_routing_id_frame_proxy_map = LAZY_INSTANCE_INITIALIZER;
|
|
|
| -// TODO(lukasza): https://crbug.com/726067: Remove code duplication - the
|
| -// function below should be reused by RenderFrameHostImpl::OnBeginNavigation and
|
| -// ResourceDispatcherHostImpl::ShouldServiceRequest.
|
| -bool CanReadRequestBody(SiteInstance* site_instance,
|
| - const scoped_refptr<ResourceRequestBodyImpl>& body) {
|
| - if (!body)
|
| - return true;
|
| -
|
| - ChildProcessSecurityPolicyImpl* security_policy =
|
| - ChildProcessSecurityPolicyImpl::GetInstance();
|
| - int child_id = site_instance->GetProcess()->GetID();
|
| -
|
| - StoragePartition* storage_partition = BrowserContext::GetStoragePartition(
|
| - site_instance->GetBrowserContext(), site_instance);
|
| - const storage::FileSystemContext* file_system_context =
|
| - storage_partition->GetFileSystemContext();
|
| -
|
| - for (const ResourceRequestBodyImpl::Element& element : *body->elements()) {
|
| - switch (element.type()) {
|
| - case ResourceRequestBodyImpl::Element::TYPE_FILE:
|
| - if (!security_policy->CanReadFile(child_id, element.path()))
|
| - return false;
|
| - break;
|
| -
|
| - case ResourceRequestBodyImpl::Element::TYPE_FILE_FILESYSTEM:
|
| - if (!security_policy->CanReadFileSystemFile(
|
| - child_id,
|
| - file_system_context->CrackURL(element.filesystem_url())))
|
| - return false;
|
| - break;
|
| -
|
| - case ResourceRequestBodyImpl::Element::TYPE_DISK_CACHE_ENTRY:
|
| - // TYPE_DISK_CACHE_ENTRY can't be sent via IPC according to
|
| - // content/common/resource_messages.cc
|
| - NOTREACHED();
|
| - return false;
|
| -
|
| - case ResourceRequestBodyImpl::Element::TYPE_BYTES:
|
| - case ResourceRequestBodyImpl::Element::TYPE_BYTES_DESCRIPTION:
|
| - // Data is self-contained within |body| - no need to check access.
|
| - break;
|
| -
|
| - case ResourceRequestBodyImpl::Element::TYPE_BLOB:
|
| - // No need to validate - the unguessability of the uuid of the blob is a
|
| - // sufficient defense against access from an unrelated renderer.
|
| - break;
|
| -
|
| - case ResourceRequestBodyImpl::Element::TYPE_UNKNOWN:
|
| - default:
|
| - // Fail safe - deny access.
|
| - NOTREACHED();
|
| - return false;
|
| - }
|
| - }
|
| - return true;
|
| -}
|
| -
|
| } // namespace
|
|
|
| // static
|
|
|
Chromium Code Reviews
Issue 2905763002:
Deduplicating CanReadRequestBody code. (Closed)
