Chromium Code Reviews Chromium Code Reviews
Issue 618113005:
Kill renderers that dink with Service Workers from non-secure origins. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
| 6 | 6 |
| 7 #include "base/debug/trace_event.h" | 7 #include "base/debug/trace_event.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "content/browser/message_port_message_filter.h" | 10 #include "content/browser/message_port_message_filter.h" |
| 11 #include "content/browser/message_port_service.h" | 11 #include "content/browser/message_port_service.h" |
| 12 #include "content/browser/service_worker/embedded_worker_registry.h" | 12 #include "content/browser/service_worker/embedded_worker_registry.h" |
| 13 #include "content/browser/service_worker/service_worker_context_core.h" | 13 #include "content/browser/service_worker/service_worker_context_core.h" |
| 14 #include "content/browser/service_worker/service_worker_context_wrapper.h" | 14 #include "content/browser/service_worker/service_worker_context_wrapper.h" |
| 15 #include "content/browser/service_worker/service_worker_handle.h" | 15 #include "content/browser/service_worker/service_worker_handle.h" |
| 16 #include "content/browser/service_worker/service_worker_registration.h" | 16 #include "content/browser/service_worker/service_worker_registration.h" |
| 17 #include "content/browser/service_worker/service_worker_registration_handle.h" | 17 #include "content/browser/service_worker/service_worker_registration_handle.h" |
| 18 #include "content/browser/service_worker/service_worker_utils.h" | 18 #include "content/browser/service_worker/service_worker_utils.h" |
| 19 #include "content/common/service_worker/embedded_worker_messages.h" | 19 #include "content/common/service_worker/embedded_worker_messages.h" |
| 20 #include "content/common/service_worker/service_worker_messages.h" | 20 #include "content/common/service_worker/service_worker_messages.h" |
| 21 #include "ipc/ipc_message_macros.h" | 21 #include "ipc/ipc_message_macros.h" |
| 22 #include "net/base/net_util.h" | |
| 22 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h" | 23 #include "third_party/WebKit/public/platform/WebServiceWorkerError.h" |
| 23 #include "url/gurl.h" | 24 #include "url/gurl.h" |
| 24 | 25 |
| 25 using blink::WebServiceWorkerError; | 26 using blink::WebServiceWorkerError; |
| 26 | 27 |
| 27 namespace content { | 28 namespace content { |
| 28 | 29 |
| 29 namespace { | 30 namespace { |
| 30 | 31 |
| 31 const char kShutdownErrorMessage[] = | 32 const char kShutdownErrorMessage[] = |
| 32 "The Service Worker system has shutdown."; | 33 "The Service Worker system has shutdown."; |
| 33 | 34 |
| 34 const uint32 kFilteredMessageClasses[] = { | 35 const uint32 kFilteredMessageClasses[] = { |
| 35 ServiceWorkerMsgStart, | 36 ServiceWorkerMsgStart, |
| 36 EmbeddedWorkerMsgStart, | 37 EmbeddedWorkerMsgStart, |
| 37 }; | 38 }; |
| 38 | 39 |
| 39 // TODO(dominicc): When crbug.com/362214 is fixed, make | 40 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { |
| 40 // Can(R|Unr)egisterServiceWorker also check that these are secure | 41 return url_a.GetOrigin() == url_b.GetOrigin() && |
| 41 // origins to defend against compromised renderers. | 42 url_a.GetOrigin() == url_c.GetOrigin(); |
| 43 } | |
| 44 | |
| 45 // TODO(dominicc): When crbug.com/362214 is fixed use that to be | |
| 46 // consistent with Blink's | |
| 47 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. | |
| 48 bool OriginCanAccessServiceWorkers(const GURL& url) { | |
| 49 return url.SchemeIsSecure() || net::IsLocalhost(url.host()); | |
|
michaeln
2014/10/02 23:00:25
This allows filesystem: urls and wss: urls. All be
| |
| 50 } | |
| 51 | |
| 42 bool CanRegisterServiceWorker(const GURL& document_url, | 52 bool CanRegisterServiceWorker(const GURL& document_url, |
| 43 const GURL& pattern, | 53 const GURL& pattern, |
| 44 const GURL& script_url) { | 54 const GURL& script_url) { |
| 45 // TODO: Respect Chrome's content settings, if we add a setting for | 55 // TODO: Respect Chrome's content settings, if we add a setting for |
| 46 // controlling whether Service Worker is allowed. | 56 // controlling whether Service Worker is allowed. |
| 47 return document_url.GetOrigin() == pattern.GetOrigin() && | 57 return AllOriginsMatch(document_url, pattern, script_url) && |
| 48 document_url.GetOrigin() == script_url.GetOrigin(); | 58 OriginCanAccessServiceWorkers(document_url); |
| 49 } | 59 } |
| 50 | 60 |
| 51 bool CanUnregisterServiceWorker(const GURL& document_url, | 61 bool CanUnregisterServiceWorker(const GURL& document_url, |
| 52 const GURL& pattern) { | 62 const GURL& pattern) { |
| 53 // TODO: Respect Chrome's content settings, if we add a setting for | 63 // TODO: Respect Chrome's content settings, if we add a setting for |
| 54 // controlling whether Service Worker is allowed. | 64 // controlling whether Service Worker is allowed. |
| 55 return document_url.GetOrigin() == pattern.GetOrigin(); | 65 return document_url.GetOrigin() == pattern.GetOrigin() && |
| 66 OriginCanAccessServiceWorkers(document_url); | |
| 56 } | 67 } |
| 57 | 68 |
| 58 bool CanGetRegistration(const GURL& document_url, | 69 bool CanGetRegistration(const GURL& document_url, |
| 59 const GURL& given_document_url) { | 70 const GURL& given_document_url) { |
| 60 // TODO: Respect Chrome's content settings, if we add a setting for | 71 // TODO: Respect Chrome's content settings, if we add a setting for |
| 61 // controlling whether Service Worker is allowed. | 72 // controlling whether Service Worker is allowed. |
| 62 return document_url.GetOrigin() == given_document_url.GetOrigin(); | 73 return document_url.GetOrigin() == given_document_url.GetOrigin() && |
| 74 OriginCanAccessServiceWorkers(document_url); | |
| 63 } | 75 } |
| 64 | 76 |
| 65 } // namespace | 77 } // namespace |
| 66 | 78 |
| 67 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( | 79 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( |
| 68 int render_process_id, | 80 int render_process_id, |
| 69 MessagePortMessageFilter* message_port_message_filter) | 81 MessagePortMessageFilter* message_port_message_filter) |
| 70 : BrowserMessageFilter(kFilteredMessageClasses, | 82 : BrowserMessageFilter(kFilteredMessageClasses, |
| 71 arraysize(kFilteredMessageClasses)), | 83 arraysize(kFilteredMessageClasses)), |
| 72 render_process_id_(render_process_id), | 84 render_process_id_(render_process_id), |
| (...skipping 677 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 750 status, &error_type, &error_message); | 762 status, &error_type, &error_message); |
| 751 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( | 763 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( |
| 752 thread_id, request_id, error_type, error_message)); | 764 thread_id, request_id, error_type, error_message)); |
| 753 } | 765 } |
| 754 | 766 |
| 755 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() { | 767 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() { |
| 756 return context_wrapper_->context(); | 768 return context_wrapper_->context(); |
| 757 } | 769 } |
| 758 | 770 |
| 759 } // namespace content | 771 } // namespace content |
| OLD | NEW |
