| Index: content/browser/service_worker/service_worker_dispatcher_host.cc
|
| diff --git a/content/browser/service_worker/service_worker_dispatcher_host.cc b/content/browser/service_worker/service_worker_dispatcher_host.cc
|
| index 7e216d29a262433f0deb874c29dcca0b50e95b3f..964a393f8ebbaaa389338e8348ddd76d2ecd309b 100644
|
| --- a/content/browser/service_worker/service_worker_dispatcher_host.cc
|
| +++ b/content/browser/service_worker/service_worker_dispatcher_host.cc
|
| @@ -36,6 +36,22 @@ const uint32 kFilteredMessageClasses[] = {
|
| EmbeddedWorkerMsgStart,
|
| };
|
|
|
| +bool CanRegisterServiceWorker(const GURL& document_url,
|
| + const GURL& pattern,
|
| + const GURL& script_url) {
|
| + // TODO: Respect Chrome's content settings, if we add a setting for
|
| + // controlling whether Service Worker is allowed.
|
| + return document_url.GetOrigin() == pattern.GetOrigin() &&
|
| + document_url.GetOrigin() == script_url.GetOrigin();
|
| +}
|
| +
|
| +bool CanUnregisterServiceWorker(const GURL& document_url,
|
| + const GURL& pattern) {
|
| + // TODO: Respect Chrome's content settings, if we add a setting for
|
| + // controlling whether Service Worker is allowed.
|
| + return document_url.GetOrigin() == pattern.GetOrigin();
|
| +}
|
| +
|
| } // namespace
|
|
|
| ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost(
|
| @@ -161,18 +177,6 @@ void ServiceWorkerDispatcherHost::OnRegisterServiceWorker(
|
| return;
|
| }
|
|
|
| - // TODO(alecflett): This check is insufficient for release. Add a
|
| - // ServiceWorker-specific policy query in
|
| - // ChildProcessSecurityImpl. See http://crbug.com/311631.
|
| - if (pattern.GetOrigin() != script_url.GetOrigin()) {
|
| - Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
|
| - thread_id,
|
| - request_id,
|
| - WebServiceWorkerError::ErrorTypeSecurity,
|
| - base::ASCIIToUTF16(kDomainMismatchErrorMessage)));
|
| - return;
|
| - }
|
| -
|
| ServiceWorkerProviderHost* provider_host = GetContext()->GetProviderHost(
|
| render_process_id_, provider_id);
|
| if (!provider_host) {
|
| @@ -188,6 +192,15 @@ void ServiceWorkerDispatcherHost::OnRegisterServiceWorker(
|
| return;
|
| }
|
|
|
| + if (!CanRegisterServiceWorker(
|
| + provider_host->document_url(), pattern, script_url)) {
|
| + Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
|
| + thread_id,
|
| + request_id,
|
| + WebServiceWorkerError::ErrorTypeSecurity,
|
| + base::ASCIIToUTF16(kDomainMismatchErrorMessage)));
|
| + return;
|
| + }
|
| GetContext()->RegisterServiceWorker(
|
| pattern,
|
| script_url,
|
| @@ -204,9 +217,6 @@ void ServiceWorkerDispatcherHost::OnUnregisterServiceWorker(
|
| int request_id,
|
| int provider_id,
|
| const GURL& pattern) {
|
| - // TODO(alecflett): This check is insufficient for release. Add a
|
| - // ServiceWorker-specific policy query in
|
| - // ChildProcessSecurityImpl. See http://crbug.com/311631.
|
| if (!GetContext() || !ServiceWorkerUtils::IsFeatureEnabled()) {
|
| Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
|
| thread_id,
|
| @@ -231,6 +241,15 @@ void ServiceWorkerDispatcherHost::OnUnregisterServiceWorker(
|
| return;
|
| }
|
|
|
| + if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) {
|
| + Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
|
| + thread_id,
|
| + request_id,
|
| + WebServiceWorkerError::ErrorTypeSecurity,
|
| + base::ASCIIToUTF16(kDomainMismatchErrorMessage)));
|
| + return;
|
| + }
|
| +
|
| GetContext()->UnregisterServiceWorker(
|
| pattern,
|
| base::Bind(&ServiceWorkerDispatcherHost::UnregistrationComplete,
|
|
|
Chromium Code Reviews
Issue 334413004:
Add URL origin checks for Service Worker (un)registration (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src