OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/frame_host/ancestor_throttle.h" | 5 #include "content/browser/frame_host/ancestor_throttle.h" |
6 | 6 |
7 #include "base/metrics/histogram_macros.h" | 7 #include "base/metrics/histogram_macros.h" |
8 #include "base/strings/string_split.h" | 8 #include "base/strings/string_split.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
(...skipping 157 matching lines...)
168 return NavigationThrottle::PROCEED; | 168 return NavigationThrottle::PROCEED; |
169 } | 169 } |
170 NOTREACHED(); | 170 NOTREACHED(); |
171 return NavigationThrottle::BLOCK_RESPONSE; | 171 return NavigationThrottle::BLOCK_RESPONSE; |
172 } | 172 } |
173 | 173 |
174 const char* AncestorThrottle::GetNameForLogging() { | 174 const char* AncestorThrottle::GetNameForLogging() { |
175 return "AncestorThrottle"; | 175 return "AncestorThrottle"; |
176 } | 176 } |
177 | 177 |
178 NavigationThrottle::ThrottleCheckResult | |
179 AncestorThrottle::CheckContentSecurityPolicyFrameSrc(bool is_redirect) { | |
180 // If PlzNavigate is enabled, "frame-src" is enforced on the browser side, | |
181 // else on the renderer side. | |
182 if (!IsBrowserSideNavigationEnabled()) | |
183 return NavigationThrottle::PROCEED; | |
184 | |
185 const GURL& url = navigation_handle()->GetURL(); | |
186 if (url.SchemeIs(url::kAboutScheme)) | |
187 return NavigationThrottle::PROCEED; | |
188 | |
189 NavigationHandleImpl* handle = | |
190 static_cast<NavigationHandleImpl*>(navigation_handle()); | |
191 | |
192 if (handle->should_check_main_world_csp() == CSPDisposition::DO_NOT_CHECK) | |
193 return NavigationThrottle::PROCEED; | |
194 | |
195 FrameTreeNode* parent_ftn = handle->frame_tree_node()->parent(); | |
196 DCHECK(parent_ftn); | |
197 RenderFrameHostImpl* parent = parent_ftn->current_frame_host(); | |
198 DCHECK(parent); | |
199 | |
200 if (parent->IsAllowedByCsp(CSPDirective::FrameSrc, url, is_redirect, | |
201 handle->source_location())) { | |
202 return NavigationThrottle::PROCEED; | |
203 } | |
204 | |
205 return NavigationThrottle::BLOCK_REQUEST; | |
206 } | |
207 | |
208 NavigationThrottle::ThrottleCheckResult AncestorThrottle::WillStartRequest() { | |
209 return CheckContentSecurityPolicyFrameSrc(false); | |
210 } | |
211 | |
212 NavigationThrottle::ThrottleCheckResult | |
213 AncestorThrottle::WillRedirectRequest() { | |
214 return CheckContentSecurityPolicyFrameSrc(true); | |
215 } | |
216 | |
217 AncestorThrottle::AncestorThrottle(NavigationHandle* handle) | 178 AncestorThrottle::AncestorThrottle(NavigationHandle* handle) |
218 : NavigationThrottle(handle) {} | 179 : NavigationThrottle(handle) {} |
219 | 180 |
220 void AncestorThrottle::ParseError(const std::string& value, | 181 void AncestorThrottle::ParseError(const std::string& value, |
221 HeaderDisposition disposition) { | 182 HeaderDisposition disposition) { |
222 DCHECK(disposition == HeaderDisposition::CONFLICT || | 183 DCHECK(disposition == HeaderDisposition::CONFLICT || |
223 disposition == HeaderDisposition::INVALID); | 184 disposition == HeaderDisposition::INVALID); |
224 if (!navigation_handle()->GetRenderFrameHost()) | 185 if (!navigation_handle()->GetRenderFrameHost()) |
225 return; // Some responses won't have a RFH (i.e. 204/205s or downloads). | 186 return; // Some responses won't have a RFH (i.e. 204/205s or downloads). |
226 | 187 |
(...skipping 82 matching lines...)
309 HeadersContainFrameAncestorsCSP(headers)) { | 270 HeadersContainFrameAncestorsCSP(headers)) { |
310 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should | 271 // TODO(mkwst): 'frame-ancestors' is currently handled in Blink. We should |
311 // handle it here instead. Until then, don't block the request, and let | 272 // handle it here instead. Until then, don't block the request, and let |
312 // Blink handle it. https://crbug.com/555418 | 273 // Blink handle it. https://crbug.com/555418 |
313 return HeaderDisposition::BYPASS; | 274 return HeaderDisposition::BYPASS; |
314 } | 275 } |
315 return result; | 276 return result; |
316 } | 277 } |
317 | 278 |
318 } // namespace content | 279 } // namespace content |
OLD | NEW |