Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(300)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/frame_host/ancestor_throttle.cc

Issue 2909513002: Move PlzNavigate frame-src CSP check to NavigationRequest (Closed)
Patch Set: rebase Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/frame_host/ancestor_throttle.h ('k') | content/browser/frame_host/navigation_request.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/frame_host/ancestor_throttle.h" 5 #include "content/browser/frame_host/ancestor_throttle.h"
6 6
7 #include "base/metrics/histogram_macros.h" 7 #include "base/metrics/histogram_macros.h"
8 #include "base/strings/string_split.h" 8 #include "base/strings/string_split.h"
9 #include "base/strings/string_util.h" 9 #include "base/strings/string_util.h"
10 #include "base/strings/stringprintf.h" 10 #include "base/strings/stringprintf.h"
(...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after
168 return NavigationThrottle::PROCEED; 168 return NavigationThrottle::PROCEED;
169 } 169 }
170 NOTREACHED(); 170 NOTREACHED();
171 return NavigationThrottle::BLOCK_RESPONSE; 171 return NavigationThrottle::BLOCK_RESPONSE;
172 } 172 }
173 173
174 const char* AncestorThrottle::GetNameForLogging() { 174 const char* AncestorThrottle::GetNameForLogging() {
175 return "AncestorThrottle"; 175 return "AncestorThrottle";
176 } 176 }
177 177
178 NavigationThrottle::ThrottleCheckResult
179 AncestorThrottle::CheckContentSecurityPolicyFrameSrc(bool is_redirect) {
180 // If PlzNavigate is enabled, "frame-src" is enforced on the browser side,
181 // else on the renderer side.
182 if (!IsBrowserSideNavigationEnabled())
183 return NavigationThrottle::PROCEED;
184
185 const GURL& url = navigation_handle()->GetURL();
186 if (url.SchemeIs(url::kAboutScheme))
187 return NavigationThrottle::PROCEED;
188
189 NavigationHandleImpl* handle =
190 static_cast<NavigationHandleImpl*>(navigation_handle());
191
192 if (handle->should_check_main_world_csp() == CSPDisposition::DO_NOT_CHECK)
193 return NavigationThrottle::PROCEED;
194
195 FrameTreeNode* parent_ftn = handle->frame_tree_node()->parent();
196 DCHECK(parent_ftn);
197 RenderFrameHostImpl* parent = parent_ftn->current_frame_host();
198 DCHECK(parent);
199
200 if (parent->IsAllowedByCsp(CSPDirective::FrameSrc, url, is_redirect,
201 handle->source_location())) {
202 return NavigationThrottle::PROCEED;
203 }
204
205 return NavigationThrottle::BLOCK_REQUEST;
206 }
207
208 NavigationThrottle::ThrottleCheckResult AncestorThrottle::WillStartRequest() {
209 return CheckContentSecurityPolicyFrameSrc(false);
210 }
211
212 NavigationThrottle::ThrottleCheckResult
213 AncestorThrottle::WillRedirectRequest() {
214 return CheckContentSecurityPolicyFrameSrc(true);
215 }
216
217 AncestorThrottle::AncestorThrottle(NavigationHandle* handle) 178 AncestorThrottle::AncestorThrottle(NavigationHandle* handle)
218 : NavigationThrottle(handle) {} 179 : NavigationThrottle(handle) {}
219 180
220 void AncestorThrottle::ParseError(const std::string& value, 181 void AncestorThrottle::ParseError(const std::string& value,
221 HeaderDisposition disposition) { 182 HeaderDisposition disposition) {
222 DCHECK(disposition == HeaderDisposition::CONFLICT || 183 DCHECK(disposition == HeaderDisposition::CONFLICT ||
223 disposition == HeaderDisposition::INVALID); 184 disposition == HeaderDisposition::INVALID);
224 if (!navigation_handle()->GetRenderFrameHost()) 185 if (!navigation_handle()->GetRenderFrameHost())
225 return; // Some responses won't have a RFH (i.e. 204/205s or downloads). 186 return; // Some responses won't have a RFH (i.e. 204/205s or downloads).
226 187
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after
309 HeadersContainFrameAncestorsCSP(headers)) { 270 HeadersContainFrameAncestorsCSP(headers)) {
310 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should 271 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should
311 // handle it here instead. Until then, don't block the request, and let 272 // handle it here instead. Until then, don't block the request, and let
312 // Blink handle it. https://crbug.com/555418 273 // Blink handle it. https://crbug.com/555418
313 return HeaderDisposition::BYPASS; 274 return HeaderDisposition::BYPASS;
314 } 275 }
315 return result; 276 return result;
316 } 277 }
317 278
318 } // namespace content 279 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/frame_host/ancestor_throttle.h ('k') | content/browser/frame_host/navigation_request.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698