OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright (C) 2012 Google Inc. All rights reserved. | 2 * Copyright (C) 2012 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
55 // static | 55 // static |
56 bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const K URL& url) | 56 bool MixedContentChecker::isMixedContent(SecurityOrigin* securityOrigin, const K URL& url) |
57 { | 57 { |
58 if (securityOrigin->protocol() != "https") | 58 if (securityOrigin->protocol() != "https") |
59 return false; // We only care about HTTPS security origins. | 59 return false; // We only care about HTTPS security origins. |
60 | 60 |
61 // We're in a secure context, so |url| is mixed content if it's insecure. | 61 // We're in a secure context, so |url| is mixed content if it's insecure. |
62 return !SecurityOrigin::isSecure(url); | 62 return !SecurityOrigin::isSecure(url); |
63 } | 63 } |
64 | 64 |
65 MixedContentChecker::ContextType contextTypeFromContext(WebURLRequest::RequestCo ntext context) | |
jochen (gone - plz use gerrit)
2014/09/05 08:26:14
static?
| |
66 { | |
67 switch (context) { | |
68 // "Optionally-blockable" mixed content | |
69 case WebURLRequest::RequestContextAudio: | |
70 case WebURLRequest::RequestContextFavicon: | |
71 case WebURLRequest::RequestContextImage: | |
72 case WebURLRequest::RequestContextVideo: | |
73 return MixedContentChecker::OptionallyBlockable; | |
74 | |
75 // "Blockable" mixed content | |
76 case WebURLRequest::RequestContextBeacon: | |
77 case WebURLRequest::RequestContextCSPReport: | |
78 case WebURLRequest::RequestContextEmbed: | |
79 case WebURLRequest::RequestContextFetch: | |
80 case WebURLRequest::RequestContextFont: | |
81 case WebURLRequest::RequestContextForm: | |
82 case WebURLRequest::RequestContextFrame: | |
83 case WebURLRequest::RequestContextHyperlink: | |
84 case WebURLRequest::RequestContextIframe: | |
85 case WebURLRequest::RequestContextImageSet: | |
86 case WebURLRequest::RequestContextImport: | |
87 case WebURLRequest::RequestContextLocation: | |
88 case WebURLRequest::RequestContextManifest: | |
89 case WebURLRequest::RequestContextObject: | |
90 case WebURLRequest::RequestContextPing: | |
91 case WebURLRequest::RequestContextScript: | |
92 case WebURLRequest::RequestContextServiceWorker: | |
93 case WebURLRequest::RequestContextSharedWorker: | |
94 case WebURLRequest::RequestContextStyle: | |
95 case WebURLRequest::RequestContextSubresource: | |
96 case WebURLRequest::RequestContextTrack: | |
97 case WebURLRequest::RequestContextWorker: | |
98 case WebURLRequest::RequestContextXSLT: | |
99 return MixedContentChecker::Blockable; | |
100 | |
101 // "Blockable" mixed content whose behavior changed recently, and which is t hus guarded behind the "lax" flag | |
102 case WebURLRequest::RequestContextEventSource: | |
103 case WebURLRequest::RequestContextXMLHttpRequest: | |
104 return MixedContentChecker::BlockableUnlessLax; | |
105 | |
106 // Contexts that we should block, but don't currently. | |
107 case WebURLRequest::RequestContextDownload: | |
108 case WebURLRequest::RequestContextInternal: | |
109 case WebURLRequest::RequestContextPlugin: | |
110 case WebURLRequest::RequestContextPrefetch: | |
111 return MixedContentChecker::ShouldBeBlockable; | |
112 | |
113 case WebURLRequest::RequestContextUnspecified: | |
114 ASSERT_NOT_REACHED(); | |
115 } | |
116 ASSERT_NOT_REACHED(); | |
117 return MixedContentChecker::Blockable; | |
118 } | |
119 | |
120 // static | |
121 bool MixedContentChecker::shouldBlockSubresourceFetch(LocalFrame* frame, const R esourceRequest& resourceRequest, const KURL& url) | |
122 { | |
123 return false; | |
124 } | |
125 | |
126 // static | |
127 bool MixedContentChecker::shouldBlockFetch(LocalFrame* frame, const ResourceRequ est& resourceRequest, const KURL& url) | |
128 { | |
129 // No frame, no mixed content: | |
130 if (!frame) | |
131 return false; | |
132 | |
133 // Check the top frame first. | |
134 if (Frame* top = frame->tree().top()) { | |
135 // FIXME: We need a way to access the top-level frame's SecurityOrigin w hen that frame | |
136 // is in a different process from the current frame. Until that is done, we bail out | |
137 // early and allow the load. | |
138 if (!top->isLocalFrame()) | |
139 return true; | |
140 | |
141 LocalFrame* localTop = toLocalFrame(top); | |
142 if (frame != localTop && shouldBlockFetch(localTop, resourceRequest, url )) | |
143 return true; | |
144 } | |
145 | |
146 // We only need to examine insecure URLs in secure contexts; return early ot herwise. | |
147 if (SecurityOrigin::isSecure(url) || frame->document()->securityOrigin()->pr otocol() != "https") | |
148 return false; | |
149 | |
150 // Likewise, we only care about subresource loads: | |
151 if (resourceRequest.frameType() == WebURLRequest::FrameTypeTopLevel) | |
152 return false; | |
153 | |
154 Settings* settings = frame->settings(); | |
155 FrameLoaderClient* client = frame->loader().client(); | |
156 SecurityOrigin* securityOrigin = frame->document()->securityOrigin(); | |
157 bool allowed = false; | |
158 | |
159 switch (contextTypeFromContext(resourceRequest.requestContext())) { | |
160 case OptionallyBlockable: | |
161 allowed = client->allowDisplayingInsecureContent(settings && settings->a llowDisplayOfInsecureContent(), securityOrigin, url); | |
162 if (allowed) | |
163 client->didDisplayInsecureContent(); | |
164 return !allowed; | |
165 | |
166 case Blockable: | |
167 allowed = client->allowRunningInsecureContent(settings && settings->allo wRunningOfInsecureContent(), securityOrigin, url); | |
168 if (allowed) | |
169 client->didRunInsecureContent(securityOrigin, url); | |
170 return !allowed; | |
171 | |
172 case BlockableUnlessLax: | |
173 if (RuntimeEnabledFeatures::laxMixedContentCheckingEnabled()) { | |
174 allowed = client->allowDisplayingInsecureContent(settings && setting s->allowDisplayOfInsecureContent(), securityOrigin, url); | |
175 if (allowed) | |
176 client->didDisplayInsecureContent(); | |
177 } else { | |
178 allowed = client->allowRunningInsecureContent(settings && settings-> allowRunningOfInsecureContent(), securityOrigin, url); | |
179 if (allowed) | |
180 client->didRunInsecureContent(securityOrigin, url); | |
181 } | |
182 return !allowed; | |
183 | |
184 case ShouldBeBlockable: | |
185 return false; | |
186 }; | |
187 ASSERT_NOT_REACHED(); | |
188 return true; | |
189 } | |
190 | |
65 bool MixedContentChecker::canDisplayInsecureContentInternal(SecurityOrigin* secu rityOrigin, const KURL& url, const MixedContentType type) const | 191 bool MixedContentChecker::canDisplayInsecureContentInternal(SecurityOrigin* secu rityOrigin, const KURL& url, const MixedContentType type) const |
66 { | 192 { |
67 // Check the top frame if it differs from MixedContentChecker's m_frame. | 193 // Check the top frame if it differs from MixedContentChecker's m_frame. |
68 if (!m_frame->tree().top()->isLocalFrame()) { | 194 if (!m_frame->tree().top()->isLocalFrame()) { |
69 // FIXME: We need a way to access the top-level frame's MixedContentChec ker when that frame | 195 // FIXME: We need a way to access the top-level frame's MixedContentChec ker when that frame |
70 // is in a different process from the current frame. Until that is done, we always allow | 196 // is in a different process from the current frame. Until that is done, we always allow |
71 // loads in remote frames. | 197 // loads in remote frames. |
72 return false; | 198 return false; |
73 } | 199 } |
74 Frame* top = m_frame->tree().top(); | 200 Frame* top = m_frame->tree().top(); |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
165 break; | 291 break; |
166 case Submission: | 292 case Submission: |
167 message.append("is submitting data to an insecure location at '" + targe t.elidedString() + "': this content should also be submitted over HTTPS.\n"); | 293 message.append("is submitting data to an insecure location at '" + targe t.elidedString() + "': this content should also be submitted over HTTPS.\n"); |
168 break; | 294 break; |
169 } | 295 } |
170 MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLeve l; | 296 MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLeve l; |
171 m_frame->document()->addConsoleMessage(ConsoleMessage::create(SecurityMessag eSource, messageLevel, message.toString())); | 297 m_frame->document()->addConsoleMessage(ConsoleMessage::create(SecurityMessag eSource, messageLevel, message.toString())); |
172 } | 298 } |
173 | 299 |
174 } // namespace blink | 300 } // namespace blink |
OLD | NEW |