Source/core/dom/RemoteSecurityContext.cpp - Issue 520213002: Make SecurityContext available in RemoteFrames.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/core/dom/RemoteSecurityContext.cpp

Issue 520213002: Make SecurityContext available in RemoteFrames. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Created 6 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/core/dom/RemoteSecurityContext.cpp

diff --git a/Source/core/dom/RemoteSecurityContext.cpp b/Source/core/dom/RemoteSecurityContext.cpp

new file mode 100644

index 0000000000000000000000000000000000000000..49eb50b0c1a7bf797cecdbe69d211a643175bee4

--- /dev/null

+++ b/Source/core/dom/RemoteSecurityContext.cpp

@@ -0,0 +1,52 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "config.h"

+#include "core/dom/RemoteSecurityContext.h"

+#include "core/frame/csp/ContentSecurityPolicy.h"

+#include "platform/weborigin/SecurityOrigin.h"

+namespace blink {

+RemoteSecurityContext::RemoteSecurityContext()

+ : SecurityContext()

+PassRefPtr<RemoteSecurityContext> RemoteSecurityContext::create()

+ RefPtr<RemoteSecurityContext> securityContext =

+ adoptRef(new RemoteSecurityContext());

+ // RemoteSecurityContext's origin is expected to stay uninitialized until

+ // we set it using replicated origin data from the browser process.

+ ASSERT(!securityContext->haveInitializedSecurityOrigin());

+ // CSP will not be replicated for RemoteSecurityContexts, as it is moving

+ // to the browser process. For now, initialize CSP to a default

+ // locked-down policy.

+ RefPtr<ContentSecurityPolicy> csp = ContentSecurityPolicy::create();

+ securityContext->setContentSecurityPolicy(csp);

dcheng 2014/11/12 21:57:40 Nit: I would just combine these two lines, since y

alexmos 2014/11/18 18:35:17 Done.

+ // TODO(alexmos): Document::initSecurityContext has a few other things we

+ // may eventually want here, such as enforcing a setting to

+ // grantUniversalAccess().

+ return securityContext.release();

+void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origin)

+ // FIXME(alexmos): currently, replicated security origins are passed only

+ // at RemoteFrame creation time. Eventually, this class will also need to

+ // handle origin updates to handle cases like setting document.domain, but

+ // for now, check that this is the first and only time we are setting the

+ // origin.

+ ASSERT(!haveInitializedSecurityOrigin());

+ setSecurityOrigin(origin);

+} // namespace blink

« Source/core/dom/RemoteSecurityContext.h ('K') | « Source/core/dom/RemoteSecurityContext.h ('k') | Source/core/frame/Frame.h » ('j') | Source/core/frame/LocalFrame.h » ('J')