OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
9 #include "content/browser/message_port_message_filter.h" | 9 #include "content/browser/message_port_message_filter.h" |
10 #include "content/browser/message_port_service.h" | 10 #include "content/browser/message_port_service.h" |
11 #include "content/browser/service_worker/embedded_worker_registry.h" | 11 #include "content/browser/service_worker/embedded_worker_registry.h" |
12 #include "content/browser/service_worker/service_worker_context_core.h" | 12 #include "content/browser/service_worker/service_worker_context_core.h" |
13 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 13 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
14 #include "content/browser/service_worker/service_worker_handle.h" | 14 #include "content/browser/service_worker/service_worker_handle.h" |
15 #include "content/browser/service_worker/service_worker_registration.h" | 15 #include "content/browser/service_worker/service_worker_registration.h" |
16 #include "content/browser/service_worker/service_worker_utils.h" | 16 #include "content/browser/service_worker/service_worker_utils.h" |
17 #include "content/common/service_worker/embedded_worker_messages.h" | 17 #include "content/common/service_worker/embedded_worker_messages.h" |
18 #include "content/common/service_worker/service_worker_messages.h" | 18 #include "content/common/service_worker/service_worker_messages.h" |
19 #include "ipc/ipc_message_macros.h" | 19 #include "ipc/ipc_message_macros.h" |
20 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h" | 20 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h" |
21 #include "third_party/WebKit/public/platform/WebString.h" | |
22 #include "third_party/WebKit/public/platform/WebURL.h" | |
23 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" | |
21 #include "url/gurl.h" | 24 #include "url/gurl.h" |
22 | 25 |
23 using blink::WebServiceWorkerError; | 26 using blink::WebServiceWorkerError; |
24 | 27 |
25 namespace content { | 28 namespace content { |
26 | 29 |
27 namespace { | 30 namespace { |
28 | 31 |
29 const char kShutdownErrorMessage[] = | 32 const char kShutdownErrorMessage[] = |
30 "The Service Worker system has shutdown."; | 33 "The Service Worker system has shutdown."; |
31 | 34 |
32 const uint32 kFilteredMessageClasses[] = { | 35 const uint32 kFilteredMessageClasses[] = { |
33 ServiceWorkerMsgStart, | 36 ServiceWorkerMsgStart, |
34 EmbeddedWorkerMsgStart, | 37 EmbeddedWorkerMsgStart, |
35 }; | 38 }; |
36 | 39 |
37 // TODO(dominicc): When crbug.com/362214 is fixed, make | 40 bool CanAccessFeatureRequiringSecureOrigin(const GURL& url) { |
38 // Can(R|Unr)egisterServiceWorker also check that these are secure | 41 blink::WebURL webUrl(url); |
falken
2014/08/08 09:06:14
We're in chromium, so use snake_case
| |
39 // origins to defend against compromised renderers. | 42 blink::WebSecurityOrigin origin = blink::WebSecurityOrigin::create(webUrl); |
michaeln
2014/08/08 20:15:33
chromium /browser libs can't depend on blink like
| |
43 blink::WebString unusedErrorMessage; | |
falken
2014/08/08 09:06:14
ditto
| |
44 return origin.canAccessFeatureRequiringSecureOrigin(unusedErrorMessage); | |
45 } | |
46 | |
40 bool CanRegisterServiceWorker(const GURL& document_url, | 47 bool CanRegisterServiceWorker(const GURL& document_url, |
41 const GURL& pattern, | 48 const GURL& pattern, |
42 const GURL& script_url) { | 49 const GURL& script_url) { |
43 // TODO: Respect Chrome's content settings, if we add a setting for | 50 // TODO: Respect Chrome's content settings, if we add a setting for |
44 // controlling whether Service Worker is allowed. | 51 // controlling whether Service Worker is allowed. |
45 return document_url.GetOrigin() == pattern.GetOrigin() && | 52 return document_url.GetOrigin() == pattern.GetOrigin() && |
46 document_url.GetOrigin() == script_url.GetOrigin(); | 53 document_url.GetOrigin() == script_url.GetOrigin() && |
54 CanAccessFeatureRequiringSecureOrigin(document_url); | |
47 } | 55 } |
48 | 56 |
49 bool CanUnregisterServiceWorker(const GURL& document_url, | 57 bool CanUnregisterServiceWorker(const GURL& document_url, |
50 const GURL& pattern) { | 58 const GURL& pattern) { |
51 // TODO: Respect Chrome's content settings, if we add a setting for | 59 // TODO: Respect Chrome's content settings, if we add a setting for |
52 // controlling whether Service Worker is allowed. | 60 // controlling whether Service Worker is allowed. |
53 return document_url.GetOrigin() == pattern.GetOrigin(); | 61 return document_url.GetOrigin() == pattern.GetOrigin() && |
62 CanAccessFeatureRequiringSecureOrigin(document_url); | |
54 } | 63 } |
55 | 64 |
56 } // namespace | 65 } // namespace |
57 | 66 |
58 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( | 67 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( |
59 int render_process_id, | 68 int render_process_id, |
60 MessagePortMessageFilter* message_port_message_filter) | 69 MessagePortMessageFilter* message_port_message_filter) |
61 : BrowserMessageFilter(kFilteredMessageClasses, | 70 : BrowserMessageFilter(kFilteredMessageClasses, |
62 arraysize(kFilteredMessageClasses)), | 71 arraysize(kFilteredMessageClasses)), |
63 render_process_id_(render_process_id), | 72 render_process_id_(render_process_id), |
(...skipping 425 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
489 status, &error_type, &error_message); | 498 status, &error_type, &error_message); |
490 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | 499 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
491 thread_id, request_id, error_type, error_message)); | 500 thread_id, request_id, error_type, error_message)); |
492 } | 501 } |
493 | 502 |
494 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() { | 503 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() { |
495 return context_wrapper_->context(); | 504 return context_wrapper_->context(); |
496 } | 505 } |
497 | 506 |
498 } // namespace content | 507 } // namespace content |
OLD | NEW |