Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(218)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/modules/serviceworkers/ServiceWorkerContainer.cpp

Issue 835673006: Use caller's document url to resolve scriptURL/patternURL in registerServiceWorker/getRegistration (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Address comments in registration-iframe.html Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/http/tests/serviceworker/registration-iframe.html ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved. 2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after
112 { 112 {
113 ASSERT(RuntimeEnabledFeatures::serviceWorkerEnabled()); 113 ASSERT(RuntimeEnabledFeatures::serviceWorkerEnabled());
114 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 114 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
115 ScriptPromise promise = resolver->promise(); 115 ScriptPromise promise = resolver->promise();
116 116
117 if (!m_provider) { 117 if (!m_provider) {
118 resolver->reject(DOMException::create(InvalidStateError, "Failed to regi ster a ServiceWorker: The document is in an invalid state.")); 118 resolver->reject(DOMException::create(InvalidStateError, "Failed to regi ster a ServiceWorker: The document is in an invalid state."));
119 return promise; 119 return promise;
120 } 120 }
121 121
122 // FIXME: This should use the container's execution context, not
123 // the callers.
124 ExecutionContext* executionContext = scriptState->executionContext(); 122 ExecutionContext* executionContext = scriptState->executionContext();
125 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin(); 123 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
126 String errorMessage; 124 String errorMessage;
127 if (!documentOrigin->canAccessFeatureRequiringSecureOrigin(errorMessage)) { 125 if (!documentOrigin->canAccessFeatureRequiringSecureOrigin(errorMessage)) {
128 resolver->reject(DOMException::create(NotSupportedError, errorMessage)); 126 resolver->reject(DOMException::create(NotSupportedError, errorMessage));
129 return promise; 127 return promise;
130 } 128 }
131 129
132 KURL pageURL = KURL(KURL(), documentOrigin->toString()); 130 KURL pageURL = KURL(KURL(), documentOrigin->toString());
133 if (!pageURL.protocolIsInHTTPFamily()) { 131 if (!pageURL.protocolIsInHTTPFamily()) {
134 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the current origin ('" + documentOrigin->t oString() + "') is not supported.")); 132 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the current origin ('" + documentOrigin->t oString() + "') is not supported."));
135 return promise; 133 return promise;
136 } 134 }
137 135
138 KURL scriptURL = executionContext->completeURL(url); 136 KURL scriptURL = callingExecutionContext(scriptState->isolate())->completeUR L(url);
139 scriptURL.removeFragmentIdentifier(); 137 scriptURL.removeFragmentIdentifier();
140 if (!documentOrigin->canRequest(scriptURL)) { 138 if (!documentOrigin->canRequest(scriptURL)) {
141 RefPtr<SecurityOrigin> scriptOrigin = SecurityOrigin::create(scriptURL); 139 RefPtr<SecurityOrigin> scriptOrigin = SecurityOrigin::create(scriptURL);
142 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scriptURL ('" + scriptOrigin->toStr ing() + "') does not match the current origin ('" + documentOrigin->toString() + "').")); 140 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scriptURL ('" + scriptOrigin->toStr ing() + "') does not match the current origin ('" + documentOrigin->toString() + "')."));
143 return promise; 141 return promise;
144 } 142 }
145 if (!scriptURL.protocolIsInHTTPFamily()) { 143 if (!scriptURL.protocolIsInHTTPFamily()) {
146 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the script ('" + scriptURL.string() + "') is not supported.")); 144 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the script ('" + scriptURL.string() + "') is not supported."));
147 return promise; 145 return promise;
148 } 146 }
149 147
150 KURL patternURL; 148 KURL patternURL;
151 if (options.scope().isNull()) 149 if (options.scope().isNull())
152 patternURL = KURL(scriptURL, "./"); 150 patternURL = KURL(scriptURL, "./");
153 else 151 else
154 patternURL = executionContext->completeURL(options.scope()); 152 patternURL = callingExecutionContext(scriptState->isolate())->completeUR L(options.scope());
155 patternURL.removeFragmentIdentifier(); 153 patternURL.removeFragmentIdentifier();
156 154
157 if (!documentOrigin->canRequest(patternURL)) { 155 if (!documentOrigin->canRequest(patternURL)) {
158 RefPtr<SecurityOrigin> patternOrigin = SecurityOrigin::create(patternURL ); 156 RefPtr<SecurityOrigin> patternOrigin = SecurityOrigin::create(patternURL );
159 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scope ('" + patternOrigin->toString () + "') does not match the current origin ('" + documentOrigin->toString() + "' ).")); 157 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The origin of the provided scope ('" + patternOrigin->toString () + "') does not match the current origin ('" + documentOrigin->toString() + "' )."));
160 return promise; 158 return promise;
161 } 159 }
162 if (!patternURL.protocolIsInHTTPFamily()) { 160 if (!patternURL.protocolIsInHTTPFamily()) {
163 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the scope ('" + patternURL.string() + "') is not supported.")); 161 resolver->reject(DOMException::create(SecurityError, "Failed to register a ServiceWorker: The URL protocol of the scope ('" + patternURL.string() + "') is not supported."));
164 return promise; 162 return promise;
(...skipping 21 matching lines...) Expand all
186 { 184 {
187 ASSERT(RuntimeEnabledFeatures::serviceWorkerEnabled()); 185 ASSERT(RuntimeEnabledFeatures::serviceWorkerEnabled());
188 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState); 186 RefPtrWillBeRawPtr<ScriptPromiseResolver> resolver = ScriptPromiseResolver:: create(scriptState);
189 ScriptPromise promise = resolver->promise(); 187 ScriptPromise promise = resolver->promise();
190 188
191 if (!m_provider) { 189 if (!m_provider) {
192 resolver->reject(DOMException::create(InvalidStateError, "Failed to get a ServiceWorkerRegistration: The document is in an invalid state.")); 190 resolver->reject(DOMException::create(InvalidStateError, "Failed to get a ServiceWorkerRegistration: The document is in an invalid state."));
193 return promise; 191 return promise;
194 } 192 }
195 193
196 // FIXME: This should use the container's execution context, not
197 // the callers.
198 ExecutionContext* executionContext = scriptState->executionContext(); 194 ExecutionContext* executionContext = scriptState->executionContext();
199 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin(); 195 RefPtr<SecurityOrigin> documentOrigin = executionContext->securityOrigin();
200 String errorMessage; 196 String errorMessage;
201 if (!documentOrigin->canAccessFeatureRequiringSecureOrigin(errorMessage)) { 197 if (!documentOrigin->canAccessFeatureRequiringSecureOrigin(errorMessage)) {
202 resolver->reject(DOMException::create(NotSupportedError, errorMessage)); 198 resolver->reject(DOMException::create(NotSupportedError, errorMessage));
203 return promise; 199 return promise;
204 } 200 }
205 201
206 KURL pageURL = KURL(KURL(), documentOrigin->toString()); 202 KURL pageURL = KURL(KURL(), documentOrigin->toString());
207 if (!pageURL.protocolIsInHTTPFamily()) { 203 if (!pageURL.protocolIsInHTTPFamily()) {
208 resolver->reject(DOMException::create(SecurityError, "Failed to get a Se rviceWorkerRegistration: The URL protocol of the current origin ('" + documentOr igin->toString() + "') is not supported.")); 204 resolver->reject(DOMException::create(SecurityError, "Failed to get a Se rviceWorkerRegistration: The URL protocol of the current origin ('" + documentOr igin->toString() + "') is not supported."));
209 return promise; 205 return promise;
210 } 206 }
211 207
212 KURL completedURL = executionContext->completeURL(documentURL); 208 KURL completedURL = callingExecutionContext(scriptState->isolate())->complet eURL(documentURL);
213 completedURL.removeFragmentIdentifier(); 209 completedURL.removeFragmentIdentifier();
214 if (!documentOrigin->canRequest(completedURL)) { 210 if (!documentOrigin->canRequest(completedURL)) {
215 RefPtr<SecurityOrigin> documentURLOrigin = SecurityOrigin::create(comple tedURL); 211 RefPtr<SecurityOrigin> documentURLOrigin = SecurityOrigin::create(comple tedURL);
216 resolver->reject(DOMException::create(SecurityError, "Failed to get a Se rviceWorkerRegistration: The origin of the provided documentURL ('" + documentUR LOrigin->toString() + "') does not match the current origin ('" + documentOrigin ->toString() + "').")); 212 resolver->reject(DOMException::create(SecurityError, "Failed to get a Se rviceWorkerRegistration: The origin of the provided documentURL ('" + documentUR LOrigin->toString() + "') does not match the current origin ('" + documentOrigin ->toString() + "')."));
217 return promise; 213 return promise;
218 } 214 }
219 m_provider->getRegistration(completedURL, new GetRegistrationCallback(resolv er)); 215 m_provider->getRegistration(completedURL, new GetRegistrationCallback(resolv er));
220 216
221 return promise; 217 return promise;
222 } 218 }
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after
325 m_ready = createReadyProperty(); 321 m_ready = createReadyProperty();
326 322
327 if (ServiceWorkerContainerClient* client = ServiceWorkerContainerClient::fro m(executionContext)) { 323 if (ServiceWorkerContainerClient* client = ServiceWorkerContainerClient::fro m(executionContext)) {
328 m_provider = client->provider(); 324 m_provider = client->provider();
329 if (m_provider) 325 if (m_provider)
330 m_provider->setClient(this); 326 m_provider->setClient(this);
331 } 327 }
332 } 328 }
333 329
334 } // namespace blink 330 } // namespace blink
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/serviceworker/registration-iframe.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698