Source/core/dom/RemoteSecurityContext.cpp - Issue 520213002: Make SecurityContext available in RemoteFrames.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/core/dom/RemoteSecurityContext.cpp

Issue 520213002: Make SecurityContext available in RemoteFrames. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: More feedback from Daniel Created 6 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/core/dom/RemoteSecurityContext.cpp

diff --git a/Source/core/dom/RemoteSecurityContext.cpp b/Source/core/dom/RemoteSecurityContext.cpp

new file mode 100644

index 0000000000000000000000000000000000000000..867cd5c3382beb1f8eda7e3660e30d643a68324a

--- /dev/null

+++ b/Source/core/dom/RemoteSecurityContext.cpp

@@ -0,0 +1,47 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "config.h"

+#include "core/dom/RemoteSecurityContext.h"

+#include "core/frame/csp/ContentSecurityPolicy.h"

+#include "platform/weborigin/SecurityOrigin.h"

+namespace blink {

+RemoteSecurityContext::RemoteSecurityContext()

+ : SecurityContext()

+ // RemoteSecurityContext's origin is expected to stay uninitialized until

+ // we set it using replicated origin data from the browser process.

+ ASSERT(!haveInitializedSecurityOrigin());

+ // CSP will not be replicated for RemoteSecurityContexts, as it is moving

+ // to the browser process. For now, initialize CSP to a default

+ // locked-down policy.

+ setContentSecurityPolicy(ContentSecurityPolicy::create());

+ // TODO(alexmos): Document::initSecurityContext has a few other things we

nasko 2014/11/19 01:16:09 nit: Blink uses FIXME without the username.

alexmos 2014/11/19 18:19:18 Done.

+ // may eventually want here, such as enforcing a setting to

+ // grantUniversalAccess().

+PassRefPtr<RemoteSecurityContext> RemoteSecurityContext::create()

+ return adoptRef(new RemoteSecurityContext());

+void RemoteSecurityContext::setReplicatedOrigin(PassRefPtr<SecurityOrigin> origin)

+ // FIXME(alexmos): currently, replicated security origins are passed only

nasko 2014/11/19 01:16:09 nit: No need for "(alexmos)". Also s/currently/Cur

alexmos 2014/11/19 18:19:18 Done.

+ // at RemoteFrame creation time. Eventually, this class will also need to

+ // handle origin updates to handle cases like setting document.domain, but

+ // for now, check that this is the first and only time we are setting the

+ // origin.

+ ASSERT(!haveInitializedSecurityOrigin());

+ setSecurityOrigin(origin);

+} // namespace blink

« no previous file with comments | « Source/core/dom/RemoteSecurityContext.h ('k') | Source/core/frame/Frame.h » ('j') | Source/core/frame/RemoteFrame.h » ('J')