Make ContentSettingsObserver security checks work with OOPIF.

chrome/renderer/content_settings_observer.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/content_settings_observer.h"
 
 #include "base/command_line.h"
 #include "base/metrics/histogram.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/render_messages.h"
@@ skipping 97 matching lines @@
 static const char kGoogleDotCom[] = "google.com";
 
 static bool IsHostInDomain(const std::string& host, const std::string& domain) {
   return (EndsWith(host, domain, false) &&
           (host.length() == domain.length() ||
            (host.length() > domain.length() &&
             host[host.length() - domain.length() - 1] == '.')));
 }
 
 GURL GetOriginOrURL(const WebFrame* frame) {
-  WebString top_origin = frame->top()->document().securityOrigin().toString();
-  // The the |top_origin| is unique ("null") e.g., for file:// URLs. Use the
+  WebString top_origin = frame->top()->securityOrigin().toString();

[markusheintz_, 2014/12/16 13:04:43]

What security origin are you using for file URLs?

GURL returns null as origin for file URL (unless this was changed).

[alexmos, 2014/12/16 20:13:26]

Correct, file URLs will result in a "null" origin returned from
WebSecurityOrigin::toString().  We haven't changed that behavior for local or
remote frames; both will still return "null" in this case, and hence the need
for the TODO below.  

Based on your comments in the other thread, we will want to replace
frame->top()->document().url() with something that works in --site-per-process. 
If there's no other way, we can replicate the top frame's file path when the top
frame is at a file URL and use it here.  I'd like to leave this for another CL
though, and keep this one for fixing all uses of frame origins.

+  // The |top_origin| is unique ("null") e.g., for file:// URLs. Use the
   // document URL as the primary URL in those cases.
+  // TODO(alexmos): This is broken for --site-per-process, since top() can be a
+  // WebRemoteFrame which does not have a document(), and the WebRemoteFrame's
+  // URL is not replicated.
   if (top_origin == "null")
     return frame->top()->document().url();
   return GURL(top_origin);
 }
 
 ContentSetting GetContentSettingFromRules(
     const ContentSettingsForOneType& rules,
     const WebFrame* frame,
     const GURL& secondary_url) {
   ContentSettingsForOneType::const_iterator it;
@@ skipping 131 matching lines @@
   // If we start failing this DCHECK, please makes sure we don't regress
   // this bug: http://code.google.com/p/chromium/issues/detail?id=79304
   DCHECK(frame->document().securityOrigin().toString() == "null" ||
          !url.SchemeIs(url::kDataScheme));
 }
 
 bool ContentSettingsObserver::allowDatabase(const WebString& name,
                                             const WebString& display_name,
                                             unsigned long estimated_size) {
   WebFrame* frame = render_frame()->GetWebFrame();
-  if (frame->document().securityOrigin().isUnique() ||
-      frame->top()->document().securityOrigin().isUnique())
+  if (frame->securityOrigin().isUnique() ||
+      frame->top()->securityOrigin().isUnique())
     return false;
 
   bool result = false;
   Send(new ChromeViewHostMsg_AllowDatabase(
-      routing_id(), GURL(frame->document().securityOrigin().toString()),
-      GURL(frame->top()->document().securityOrigin().toString()),
-      name, display_name, &result));
+      routing_id(), GURL(frame->securityOrigin().toString()),
+      GURL(frame->top()->securityOrigin().toString()), name, display_name,
+      &result));
   return result;
 }
 
 void ContentSettingsObserver::requestFileSystemAccessAsync(
     const WebPermissionCallbacks& callbacks) {
   WebFrame* frame = render_frame()->GetWebFrame();
-  if (frame->document().securityOrigin().isUnique() ||
-      frame->top()->document().securityOrigin().isUnique()) {
+  if (frame->securityOrigin().isUnique() ||
+      frame->top()->securityOrigin().isUnique()) {
     WebPermissionCallbacks permissionCallbacks(callbacks);
     permissionCallbacks.doDeny();
     return;
   }
   ++current_request_id_;
   std::pair<PermissionRequestMap::iterator, bool> insert_result =
       permission_requests_.insert(
           std::make_pair(current_request_id_, callbacks));
 
   // Verify there are no duplicate insertions.
   DCHECK(insert_result.second);
 
   Send(new ChromeViewHostMsg_RequestFileSystemAccessAsync(
-      routing_id(),
-      current_request_id_,
-      GURL(frame->document().securityOrigin().toString()),
-      GURL(frame->top()->document().securityOrigin().toString())));
+      routing_id(), current_request_id_,
+      GURL(frame->securityOrigin().toString()),
+      GURL(frame->top()->securityOrigin().toString())));
 }
 
 bool ContentSettingsObserver::allowImage(bool enabled_per_settings,
                                          const WebURL& image_url) {
   bool allow = enabled_per_settings;
   if (enabled_per_settings) {
     if (is_interstitial_page_)
       return true;
 
     if (IsWhitelistedForContentSettings(render_frame()))
       return true;
 
     if (content_setting_rules_) {
       GURL secondary_url(image_url);
       allow =
           GetContentSettingFromRules(content_setting_rules_->image_rules,
                                      render_frame()->GetWebFrame(),
                                      secondary_url) != CONTENT_SETTING_BLOCK;
     }
   }
   if (!allow)
     DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES);
   return allow;
 }
 
 bool ContentSettingsObserver::allowIndexedDB(const WebString& name,
                                              const WebSecurityOrigin& origin) {
   WebFrame* frame = render_frame()->GetWebFrame();
-  if (frame->document().securityOrigin().isUnique() ||
-      frame->top()->document().securityOrigin().isUnique())
+  if (frame->securityOrigin().isUnique() ||
+      frame->top()->securityOrigin().isUnique())
     return false;
 
   bool result = false;
   Send(new ChromeViewHostMsg_AllowIndexedDB(
-      routing_id(), GURL(frame->document().securityOrigin().toString()),
-      GURL(frame->top()->document().securityOrigin().toString()),
-      name, &result));
+      routing_id(), GURL(frame->securityOrigin().toString()),
+      GURL(frame->top()->securityOrigin().toString()), name, &result));
   return result;
 }
 
 bool ContentSettingsObserver::allowPlugins(bool enabled_per_settings) {
   return enabled_per_settings;
 }
 
 bool ContentSettingsObserver::allowScript(bool enabled_per_settings) {
   if (!enabled_per_settings)
     return false;
@@ skipping 37 matching lines @@
         GetContentSettingFromRules(content_setting_rules_->script_rules,
                                    render_frame()->GetWebFrame(),
                                    GURL(script_url));
     allow = setting != CONTENT_SETTING_BLOCK;
   }
   return allow || IsWhitelistedForContentSettings(render_frame());
 }
 
 bool ContentSettingsObserver::allowStorage(bool local) {
   WebFrame* frame = render_frame()->GetWebFrame();
-  if (frame->document().securityOrigin().isUnique() ||
-      frame->top()->document().securityOrigin().isUnique())
+  if (frame->securityOrigin().isUnique() ||
+      frame->top()->securityOrigin().isUnique())
     return false;
   bool result = false;
 
   StoragePermissionsKey key(
       GURL(frame->document().securityOrigin().toString()), local);
   std::map<StoragePermissionsKey, bool>::const_iterator permissions =
       cached_storage_permissions_.find(key);
   if (permissions != cached_storage_permissions_.end())
     return permissions->second;
 
   Send(new ChromeViewHostMsg_AllowDOMStorage(
-      routing_id(), GURL(frame->document().securityOrigin().toString()),
-      GURL(frame->top()->document().securityOrigin().toString()),
-      local, &result));
+      routing_id(), GURL(frame->securityOrigin().toString()),
+      GURL(frame->top()->securityOrigin().toString()), local, &result));
   cached_storage_permissions_[key] = result;
   return result;
 }
 
 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
   bool allowed = false;
 #if defined(ENABLE_EXTENSIONS)
   extensions::ScriptContext* calling_context =
       extension_dispatcher_->script_context_set().GetCalling();
   if (calling_context) {
@@ skipping 297 matching lines @@
 
   // If the scheme is file:, an empty file name indicates a directory listing,
   // which requires JavaScript to function properly.
   if (EqualsASCII(origin.protocol(), url::kFileScheme)) {
     return document_url.SchemeIs(url::kFileScheme) &&
            document_url.ExtractFileName().empty();
   }
 
   return false;
 }