content/browser/service_worker/service_worker_dispatcher_host.cc - Issue 618113005: Kill renderers that dink with Service Workers from non-secure origins.

Unified Diff: content/browser/service_worker/service_worker_dispatcher_host.cc

Issue 618113005: Kill renderers that dink with Service Workers from non-secure origins. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « no previous file | content/browser/service_worker/service_worker_dispatcher_host_unittest.cc » ('j') | content/browser/service_worker/service_worker_dispatcher_host_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/service_worker/service_worker_dispatcher_host.cc

diff --git a/content/browser/service_worker/service_worker_dispatcher_host.cc b/content/browser/service_worker/service_worker_dispatcher_host.cc

index 29017a4ce4dbb58774f2be5bab84ea6c74389ae9..49f3c8394f89c08886e254295bc6107e8080c92c 100644

--- a/content/browser/service_worker/service_worker_dispatcher_host.cc

+++ b/content/browser/service_worker/service_worker_dispatcher_host.cc

@@ -19,6 +19,7 @@

#include "content/common/service_worker/embedded_worker_messages.h"

#include "content/common/service_worker/service_worker_messages.h"

#include "ipc/ipc_message_macros.h"

+#include "net/base/net_util.h"

#include "third_party/WebKit/public/platform/WebServiceWorkerError.h"

#include "url/gurl.h"

@@ -36,30 +37,41 @@ const uint32 kFilteredMessageClasses[] = {

EmbeddedWorkerMsgStart,

};

-// TODO(dominicc): When crbug.com/362214 is fixed, make

-// Can(R|Unr)egisterServiceWorker also check that these are secure

-// origins to defend against compromised renderers.

+bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) {

+ return url_a.GetOrigin() == url_b.GetOrigin() &&

+ url_a.GetOrigin() == url_c.GetOrigin();

+// TODO(dominicc): When crbug.com/362214 is fixed use that to be

+// consistent with Blink's

+// SecurityOrigin::canAccessFeatureRequiringSecureOrigin.

+bool OriginCanAccessServiceWorkers(const GURL& url) {

+ return url.SchemeIsSecure() || net::IsLocalhost(url.host());

bool CanRegisterServiceWorker(const GURL& document_url,

const GURL& pattern,

const GURL& script_url) {

// TODO: Respect Chrome's content settings, if we add a setting for

// controlling whether Service Worker is allowed.

- return document_url.GetOrigin() == pattern.GetOrigin() &&

- document_url.GetOrigin() == script_url.GetOrigin();

+ return AllOriginsMatch(document_url, pattern, script_url) &&

+ OriginCanAccessServiceWorkers(document_url);

}

bool CanUnregisterServiceWorker(const GURL& document_url,

const GURL& pattern) {

// TODO: Respect Chrome's content settings, if we add a setting for

// controlling whether Service Worker is allowed.

- return document_url.GetOrigin() == pattern.GetOrigin();

+ return document_url.GetOrigin() == pattern.GetOrigin() &&

+ OriginCanAccessServiceWorkers(document_url);

}

bool CanGetRegistration(const GURL& document_url,

const GURL& given_document_url) {

// TODO: Respect Chrome's content settings, if we add a setting for

// controlling whether Service Worker is allowed.

- return document_url.GetOrigin() == given_document_url.GetOrigin();

+ return document_url.GetOrigin() == given_document_url.GetOrigin() &&

+ OriginCanAccessServiceWorkers(document_url);

}

} // namespace