Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(288)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/service_worker/service_worker_dispatcher_host.cc

Issue 397913003: Kill renderers which try to register Service Workers across domains. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rename tests. Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | content/browser/service_worker/service_worker_dispatcher_host_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/strings/utf_string_conversions.h" 8 #include "base/strings/utf_string_conversions.h"
9 #include "content/browser/message_port_message_filter.h" 9 #include "content/browser/message_port_message_filter.h"
10 #include "content/browser/message_port_service.h" 10 #include "content/browser/message_port_service.h"
(...skipping 10 matching lines...) Expand all
21 #include "url/gurl.h" 21 #include "url/gurl.h"
22 22
23 using blink::WebServiceWorkerError; 23 using blink::WebServiceWorkerError;
24 24
25 namespace content { 25 namespace content {
26 26
27 namespace { 27 namespace {
28 28
29 const char kShutdownErrorMessage[] = 29 const char kShutdownErrorMessage[] =
30 "The Service Worker system has shutdown."; 30 "The Service Worker system has shutdown.";
31 const char kDomainMismatchErrorMessage[] =
32 "Scope and scripts do not have the same origin";
33 31
34 const uint32 kFilteredMessageClasses[] = { 32 const uint32 kFilteredMessageClasses[] = {
35 ServiceWorkerMsgStart, 33 ServiceWorkerMsgStart,
36 EmbeddedWorkerMsgStart, 34 EmbeddedWorkerMsgStart,
37 }; 35 };
38 36
37 // TODO(dominicc): When crbug.com/362214 is fixed, make
38 // Can(R|Unr)egisterServiceWorker also check that these are secure
39 // origins to defend against compromised renderers.
39 bool CanRegisterServiceWorker(const GURL& document_url, 40 bool CanRegisterServiceWorker(const GURL& document_url,
40 const GURL& pattern, 41 const GURL& pattern,
41 const GURL& script_url) { 42 const GURL& script_url) {
42 // TODO: Respect Chrome's content settings, if we add a setting for 43 // TODO: Respect Chrome's content settings, if we add a setting for
43 // controlling whether Service Worker is allowed. 44 // controlling whether Service Worker is allowed.
44 return document_url.GetOrigin() == pattern.GetOrigin() && 45 return document_url.GetOrigin() == pattern.GetOrigin() &&
45 document_url.GetOrigin() == script_url.GetOrigin(); 46 document_url.GetOrigin() == script_url.GetOrigin();
46 } 47 }
47 48
48 bool CanUnregisterServiceWorker(const GURL& document_url, 49 bool CanUnregisterServiceWorker(const GURL& document_url,
(...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after
189 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( 190 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
190 thread_id, 191 thread_id,
191 request_id, 192 request_id,
192 WebServiceWorkerError::ErrorTypeAbort, 193 WebServiceWorkerError::ErrorTypeAbort,
193 base::ASCIIToUTF16(kShutdownErrorMessage))); 194 base::ASCIIToUTF16(kShutdownErrorMessage)));
194 return; 195 return;
195 } 196 }
196 197
197 if (!CanRegisterServiceWorker( 198 if (!CanRegisterServiceWorker(
198 provider_host->document_url(), pattern, script_url)) { 199 provider_host->document_url(), pattern, script_url)) {
199 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( 200 BadMessageReceived();
200 thread_id,
201 request_id,
202 WebServiceWorkerError::ErrorTypeSecurity,
203 base::ASCIIToUTF16(kDomainMismatchErrorMessage)));
204 return; 201 return;
205 } 202 }
206 GetContext()->RegisterServiceWorker( 203 GetContext()->RegisterServiceWorker(
207 pattern, 204 pattern,
208 script_url, 205 script_url,
209 render_process_id_, 206 render_process_id_,
210 provider_host, 207 provider_host,
211 base::Bind(&ServiceWorkerDispatcherHost::RegistrationComplete, 208 base::Bind(&ServiceWorkerDispatcherHost::RegistrationComplete,
212 this, 209 this,
213 thread_id, 210 thread_id,
(...skipping 23 matching lines...) Expand all
237 if (!provider_host->IsContextAlive()) { 234 if (!provider_host->IsContextAlive()) {
238 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( 235 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
239 thread_id, 236 thread_id,
240 request_id, 237 request_id,
241 blink::WebServiceWorkerError::ErrorTypeAbort, 238 blink::WebServiceWorkerError::ErrorTypeAbort,
242 base::ASCIIToUTF16(kShutdownErrorMessage))); 239 base::ASCIIToUTF16(kShutdownErrorMessage)));
243 return; 240 return;
244 } 241 }
245 242
246 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) { 243 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) {
247 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( 244 BadMessageReceived();
248 thread_id,
249 request_id,
250 WebServiceWorkerError::ErrorTypeSecurity,
251 base::ASCIIToUTF16(kDomainMismatchErrorMessage)));
252 return; 245 return;
253 } 246 }
254 247
255 GetContext()->UnregisterServiceWorker( 248 GetContext()->UnregisterServiceWorker(
256 pattern, 249 pattern,
257 base::Bind(&ServiceWorkerDispatcherHost::UnregistrationComplete, 250 base::Bind(&ServiceWorkerDispatcherHost::UnregistrationComplete,
258 this, 251 this,
259 thread_id, 252 thread_id,
260 request_id)); 253 request_id));
261 } 254 }
(...skipping 209 matching lines...) Expand 10 before | Expand all | Expand 10 after
471 status, &error_type, &error_message); 464 status, &error_type, &error_message);
472 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( 465 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(
473 thread_id, request_id, error_type, error_message)); 466 thread_id, request_id, error_type, error_message));
474 } 467 }
475 468
476 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() { 469 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() {
477 return context_wrapper_->context(); 470 return context_wrapper_->context();
478 } 471 }
479 472
480 } // namespace content 473 } // namespace content
OLDNEW
« no previous file with comments | « no previous file | content/browser/service_worker/service_worker_dispatcher_host_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698