[ServiceWorker] Introduce the directory restriction of ServiceWorker scope in chromium side.

content/browser/service_worker/service_worker_dispatcher_host.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/service_worker/service_worker_dispatcher_host.h"
 
 #include "base/debug/trace_event.h"
 #include "base/logging.h"
 #include "base/strings/utf_string_conversions.h"
 #include "content/browser/message_port_message_filter.h"
@@ skipping 34 matching lines @@
          url_a.GetOrigin() == url_c.GetOrigin();
 }
 
 // TODO(dominicc): When crbug.com/362214 is fixed use that to be
 // consistent with Blink's
 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin.
 bool OriginCanAccessServiceWorkers(const GURL& url) {
   return url.SchemeIsSecure() || net::IsLocalhost(url.host());
 }
 
+bool CheckPatternIsUnderTheScriptDirectory(const GURL& pattern,
+                                           const GURL& script_url) {
+  size_t slash_pos = script_url.spec().rfind('/');
+  if (slash_pos == std::string::npos)
+    return false;
+  return pattern.spec().compare(
+             0, slash_pos + 1, script_url.spec(), 0, slash_pos + 1) == 0;

[falken, 2014/10/27 03:54:17]

i think this can just be: pattern.spec().compare(0, slash_pos + 1,
script_url.spec())

[horo, 2014/10/27 09:14:12]

No. We need subpos and sublen.
http://www.cplusplus.com/reference/string/string/compare/

[falken, 2014/10/28 00:55:45]

Ah, my mistake. I thought if they were the same as pos and len they'd have no
effect.

+}
+
 bool CanRegisterServiceWorker(const GURL& document_url,
                               const GURL& pattern,
                               const GURL& script_url) {

[falken, 2014/10/27 03:54:17]

Using spec() in this CL reminds me that we should be checking the URLs for
validity. We can't trust the renderer to send valid URLs.

I think we need to add checking here for all the URLs being is_valid(). We could
then also add DCHECKs in the helper functions for is_valid.

Or should that be a separate CL? WDYT?

[horo, 2014/10/27 09:14:12]

Done.

   return AllOriginsMatch(document_url, pattern, script_url) &&
-         OriginCanAccessServiceWorkers(document_url);
+         OriginCanAccessServiceWorkers(document_url) &&
+         CheckPatternIsUnderTheScriptDirectory(pattern, script_url);
 }
 
 bool CanUnregisterServiceWorker(const GURL& document_url,
                                 const GURL& pattern) {

[falken, 2014/10/27 03:54:17]

Check for validity here too.

[horo, 2014/10/27 09:14:12]

Done.

   return document_url.GetOrigin() == pattern.GetOrigin() &&
          OriginCanAccessServiceWorkers(document_url);
 }
 
 bool CanGetRegistration(const GURL& document_url,
                         const GURL& given_document_url) {

[falken, 2014/10/27 03:54:17]

And here

[horo, 2014/10/27 09:14:12]

Done.

   return document_url.GetOrigin() == given_document_url.GetOrigin() &&
          OriginCanAccessServiceWorkers(document_url);
 }
 
 }  // namespace
 
 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost(
     int render_process_id,
     MessagePortMessageFilter* message_port_message_filter,
     ResourceContext* resource_context)
@@ skipping 203 matching lines @@
                  provider_id,
                  request_id));
 }
 
 void ServiceWorkerDispatcherHost::OnUnregisterServiceWorker(
     int thread_id,
     int request_id,
     int provider_id,
     const GURL& pattern) {
   TRACE_EVENT0("ServiceWorker",
                "ServiceWorkerDispatcherHost::OnUnregisterServiceWorker");

[falken, 2014/10/27 03:54:17]

Here too, let's check for validity.

[horo, 2014/10/27 09:14:11]

Done.

   if (!GetContext()) {
     Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError(
         thread_id,
         request_id,
         blink::WebServiceWorkerError::ErrorTypeAbort,
         base::ASCIIToUTF16(kShutdownErrorMessage)));
     return;
   }
 
   ServiceWorkerProviderHost* provider_host = GetContext()->GetProviderHost(
@@ skipping 38 matching lines @@
                  thread_id,
                  request_id));
 }
 
 void ServiceWorkerDispatcherHost::OnGetRegistration(
     int thread_id,
     int request_id,
     int provider_id,
     const GURL& document_url) {
   TRACE_EVENT0("ServiceWorker",
                "ServiceWorkerDispatcherHost::OnGetRegistration");

[falken, 2014/10/27 03:54:17]

And here.

[horo, 2014/10/27 09:14:12]

Done.

   if (!GetContext()) {
     Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError(
         thread_id,
         request_id,
         blink::WebServiceWorkerError::ErrorTypeAbort,
         base::ASCIIToUTF16(kShutdownErrorMessage)));
     return;
   }
 
   ServiceWorkerProviderHost* provider_host = GetContext()->GetProviderHost(
@@ skipping 431 matching lines @@
       status, &error_type, &error_message);
   Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError(
       thread_id, request_id, error_type, error_message));
 }
 
 ServiceWorkerContextCore* ServiceWorkerDispatcherHost::GetContext() {
   return context_wrapper_->context();
 }
 
 }  // namespace content