content/browser/service_worker/service_worker_dispatcher_host.cc - Issue 452013002: Kill renderers that register Service Workers from non-secure origins

Side by Side Diff: content/browser/service_worker/service_worker_dispatcher_host.cc

Issue 452013002: Kill renderers that register Service Workers from non-secure origins (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/service_worker/service_worker_dispatcher_host.h"	5 #include "content/browser/service_worker/service_worker_dispatcher_host.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/strings/utf_string_conversions.h"	8 #include "base/strings/utf_string_conversions.h"

9 #include "content/browser/message_port_message_filter.h"	9 #include "content/browser/message_port_message_filter.h"

10 #include "content/browser/message_port_service.h"	10 #include "content/browser/message_port_service.h"

11 #include "content/browser/service_worker/embedded_worker_registry.h"	11 #include "content/browser/service_worker/embedded_worker_registry.h"

12 #include "content/browser/service_worker/service_worker_context_core.h"	12 #include "content/browser/service_worker/service_worker_context_core.h"

13 #include "content/browser/service_worker/service_worker_context_wrapper.h"	13 #include "content/browser/service_worker/service_worker_context_wrapper.h"

14 #include "content/browser/service_worker/service_worker_handle.h"	14 #include "content/browser/service_worker/service_worker_handle.h"

15 #include "content/browser/service_worker/service_worker_registration.h"	15 #include "content/browser/service_worker/service_worker_registration.h"

16 #include "content/browser/service_worker/service_worker_utils.h"	16 #include "content/browser/service_worker/service_worker_utils.h"

17 #include "content/common/service_worker/embedded_worker_messages.h"	17 #include "content/common/service_worker/embedded_worker_messages.h"

18 #include "content/common/service_worker/service_worker_messages.h"	18 #include "content/common/service_worker/service_worker_messages.h"

19 #include "ipc/ipc_message_macros.h"	19 #include "ipc/ipc_message_macros.h"

20 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h"	20 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h"

	21 #include "third_party/WebKit/public/platform/WebString.h"

	22 #include "third_party/WebKit/public/platform/WebURL.h"

	23 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"

21 #include "url/gurl.h"	24 #include "url/gurl.h"

22	25

23 using blink::WebServiceWorkerError;	26 using blink::WebServiceWorkerError;

24	27

25 namespace content {	28 namespace content {

26	29

27 namespace {	30 namespace {

28	31

29 const char kShutdownErrorMessage[] =	32 const char kShutdownErrorMessage[] =

30 "The Service Worker system has shutdown.";	33 "The Service Worker system has shutdown.";

31	34

32 const uint32 kFilteredMessageClasses[] = {	35 const uint32 kFilteredMessageClasses[] = {

33 ServiceWorkerMsgStart,	36 ServiceWorkerMsgStart,

34 EmbeddedWorkerMsgStart,	37 EmbeddedWorkerMsgStart,

35 };	38 };

36	39

37 // TODO(dominicc): When crbug.com/362214 is fixed, make	40 bool CanAccessFeatureRequiringSecureOrigin(const GURL& url) {

38 // Can(R\|Unr)egisterServiceWorker also check that these are secure	41 blink::WebURL webUrl(url);
	falken 2014/08/08 09:06:14 We're in chromium, so use snake_case We're in chromium, so use snake_case
39 // origins to defend against compromised renderers.	42 blink::WebSecurityOrigin origin = blink::WebSecurityOrigin::create(webUrl);
	michaeln 2014/08/08 20:15:33 chromium /browser libs can't depend on blink like chromium /browser libs can't depend on blink like this if theres to be common code for this funcion, mayber blink should use a function provided by chromium thru blink::Platform?
	43 blink::WebString unusedErrorMessage;
	falken 2014/08/08 09:06:14 ditto ditto
	44 return origin.canAccessFeatureRequiringSecureOrigin(unusedErrorMessage);

	45 }

	46

40 bool CanRegisterServiceWorker(const GURL& document_url,	47 bool CanRegisterServiceWorker(const GURL& document_url,

41 const GURL& pattern,	48 const GURL& pattern,

42 const GURL& script_url) {	49 const GURL& script_url) {

43 // TODO: Respect Chrome's content settings, if we add a setting for	50 // TODO: Respect Chrome's content settings, if we add a setting for

44 // controlling whether Service Worker is allowed.	51 // controlling whether Service Worker is allowed.

45 return document_url.GetOrigin() == pattern.GetOrigin() &&	52 return document_url.GetOrigin() == pattern.GetOrigin() &&

46 document_url.GetOrigin() == script_url.GetOrigin();	53 document_url.GetOrigin() == script_url.GetOrigin() &&

	54 CanAccessFeatureRequiringSecureOrigin(document_url);

47 }	55 }

48	56

49 bool CanUnregisterServiceWorker(const GURL& document_url,	57 bool CanUnregisterServiceWorker(const GURL& document_url,

50 const GURL& pattern) {	58 const GURL& pattern) {

51 // TODO: Respect Chrome's content settings, if we add a setting for	59 // TODO: Respect Chrome's content settings, if we add a setting for

52 // controlling whether Service Worker is allowed.	60 // controlling whether Service Worker is allowed.

53 return document_url.GetOrigin() == pattern.GetOrigin();	61 return document_url.GetOrigin() == pattern.GetOrigin() &&

	62 CanAccessFeatureRequiringSecureOrigin(document_url);

54 }	63 }

55	64

56 } // namespace	65 } // namespace

57	66

58 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost(	67 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost(

59 int render_process_id,	68 int render_process_id,

60 MessagePortMessageFilter* message_port_message_filter)	69 MessagePortMessageFilter* message_port_message_filter)

61 : BrowserMessageFilter(kFilteredMessageClasses,	70 : BrowserMessageFilter(kFilteredMessageClasses,

62 arraysize(kFilteredMessageClasses)),	71 arraysize(kFilteredMessageClasses)),

63 render_process_id_(render_process_id),	72 render_process_id_(render_process_id),

(...skipping 425 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
489 status, &error_type, &error_message);	498 status, &error_type, &error_message);

490 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(	499 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError(

491 thread_id, request_id, error_type, error_message));	500 thread_id, request_id, error_type, error_message));

492 }	501 }

493	502

494 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() {	503 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() {

495 return context_wrapper_->context();	504 return context_wrapper_->context();

496 }	505 }

497	506

498 } // namespace content	507 } // namespace content

OLD	NEW

« content/browser/DEPS ('K') | « content/browser/DEPS ('k') | content/browser/service_worker/service_worker_dispatcher_host_unittest.cc » ('j') | no next file with comments »