OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
9 #include "base/trace_event/trace_event.h" | 9 #include "base/trace_event/trace_event.h" |
10 #include "content/browser/message_port_message_filter.h" | 10 #include "content/browser/message_port_message_filter.h" |
(...skipping 16 matching lines...) Expand all Loading... |
27 #include "url/gurl.h" | 27 #include "url/gurl.h" |
28 | 28 |
29 using blink::WebServiceWorkerError; | 29 using blink::WebServiceWorkerError; |
30 | 30 |
31 namespace content { | 31 namespace content { |
32 | 32 |
33 namespace { | 33 namespace { |
34 | 34 |
35 const char kNoDocumentURLErrorMessage[] = | 35 const char kNoDocumentURLErrorMessage[] = |
36 "No URL is associated with the caller's document."; | 36 "No URL is associated with the caller's document."; |
| 37 const char kDisallowedURLErrorMessage[] = |
| 38 "The URL is not supported."; |
37 const char kShutdownErrorMessage[] = | 39 const char kShutdownErrorMessage[] = |
38 "The Service Worker system has shutdown."; | 40 "The Service Worker system has shutdown."; |
39 const char kUserDeniedPermissionMessage[] = | 41 const char kUserDeniedPermissionMessage[] = |
40 "The user denied permission to use Service Worker."; | 42 "The user denied permission to use Service Worker."; |
41 | 43 |
42 const uint32 kFilteredMessageClasses[] = { | 44 const uint32 kFilteredMessageClasses[] = { |
43 ServiceWorkerMsgStart, | 45 ServiceWorkerMsgStart, |
44 EmbeddedWorkerMsgStart, | 46 EmbeddedWorkerMsgStart, |
45 }; | 47 }; |
46 | 48 |
47 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { | 49 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { |
48 return url_a.GetOrigin() == url_b.GetOrigin() && | 50 return url_a.GetOrigin() == url_b.GetOrigin() && |
49 url_a.GetOrigin() == url_c.GetOrigin(); | 51 url_a.GetOrigin() == url_c.GetOrigin(); |
50 } | 52 } |
51 | 53 |
52 // TODO(dominicc): When crbug.com/362214 is fixed use that to be | 54 // TODO(dominicc): When crbug.com/362214 is fixed use that to be |
53 // consistent with Blink's | 55 // consistent with Blink's |
54 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. | 56 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. |
55 bool OriginCanAccessServiceWorkers(const GURL& url) { | 57 bool OriginCanAccessServiceWorkers(const GURL& url) { |
56 return url.SchemeIsSecure() || net::IsLocalhost(url.host()); | 58 return url.SchemeIsHTTPOrHTTPS() && |
| 59 (url.SchemeIsSecure() || net::IsLocalhost(url.host())); |
57 } | 60 } |
58 | 61 |
59 bool CanRegisterServiceWorker(const GURL& document_url, | 62 bool CanRegisterServiceWorker(const GURL& document_url, |
60 const GURL& pattern, | 63 const GURL& pattern, |
61 const GURL& script_url) { | 64 const GURL& script_url) { |
62 DCHECK(document_url.is_valid()); | 65 DCHECK(document_url.is_valid()); |
63 DCHECK(pattern.is_valid()); | 66 DCHECK(pattern.is_valid()); |
64 DCHECK(script_url.is_valid()); | 67 DCHECK(script_url.is_valid()); |
65 return AllOriginsMatch(document_url, pattern, script_url) && | 68 return AllOriginsMatch(document_url, pattern, script_url) && |
66 OriginCanAccessServiceWorkers(document_url); | 69 OriginCanAccessServiceWorkers(document_url) && |
| 70 OriginCanAccessServiceWorkers(pattern) && |
| 71 OriginCanAccessServiceWorkers(script_url); |
67 } | 72 } |
68 | 73 |
69 bool CanUnregisterServiceWorker(const GURL& document_url, | 74 bool CanUnregisterServiceWorker(const GURL& document_url, |
70 const GURL& pattern) { | 75 const GURL& pattern) { |
71 DCHECK(document_url.is_valid()); | 76 DCHECK(document_url.is_valid()); |
72 DCHECK(pattern.is_valid()); | 77 DCHECK(pattern.is_valid()); |
73 return document_url.GetOrigin() == pattern.GetOrigin() && | 78 return document_url.GetOrigin() == pattern.GetOrigin() && |
74 OriginCanAccessServiceWorkers(document_url); | 79 OriginCanAccessServiceWorkers(document_url) && |
| 80 OriginCanAccessServiceWorkers(pattern); |
75 } | 81 } |
76 | 82 |
77 bool CanGetRegistration(const GURL& document_url, | 83 bool CanGetRegistration(const GURL& document_url, |
78 const GURL& given_document_url) { | 84 const GURL& given_document_url) { |
79 DCHECK(document_url.is_valid()); | 85 DCHECK(document_url.is_valid()); |
80 DCHECK(given_document_url.is_valid()); | 86 DCHECK(given_document_url.is_valid()); |
81 return document_url.GetOrigin() == given_document_url.GetOrigin() && | 87 return document_url.GetOrigin() == given_document_url.GetOrigin() && |
82 OriginCanAccessServiceWorkers(document_url); | 88 OriginCanAccessServiceWorkers(document_url) && |
| 89 OriginCanAccessServiceWorkers(given_document_url); |
83 } | 90 } |
84 | 91 |
85 } // namespace | 92 } // namespace |
86 | 93 |
87 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( | 94 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( |
88 int render_process_id, | 95 int render_process_id, |
89 MessagePortMessageFilter* message_port_message_filter, | 96 MessagePortMessageFilter* message_port_message_filter, |
90 ResourceContext* resource_context) | 97 ResourceContext* resource_context) |
91 : BrowserMessageFilter(kFilteredMessageClasses, | 98 : BrowserMessageFilter(kFilteredMessageClasses, |
92 arraysize(kFilteredMessageClasses)), | 99 arraysize(kFilteredMessageClasses)), |
(...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
287 if (provider_host->document_url().is_empty()) { | 294 if (provider_host->document_url().is_empty()) { |
288 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | 295 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
289 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | 296 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
290 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | 297 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + |
291 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); | 298 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); |
292 return; | 299 return; |
293 } | 300 } |
294 | 301 |
295 if (!CanRegisterServiceWorker( | 302 if (!CanRegisterServiceWorker( |
296 provider_host->document_url(), pattern, script_url)) { | 303 provider_host->document_url(), pattern, script_url)) { |
297 BadMessageReceived(); | 304 // TODO(kinuko): Change this back to BadMessageReceived() once we start |
| 305 // to check these in the renderer too. (http://crbug.com/453982) |
| 306 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
| 307 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
| 308 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + |
| 309 base::ASCIIToUTF16(kDisallowedURLErrorMessage))); |
298 return; | 310 return; |
299 } | 311 } |
300 | 312 |
301 std::string error_message; | 313 std::string error_message; |
302 if (ServiceWorkerUtils::ContainsDisallowedCharacter(pattern, script_url, | 314 if (ServiceWorkerUtils::ContainsDisallowedCharacter(pattern, script_url, |
303 &error_message)) { | 315 &error_message)) { |
304 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | 316 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
305 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | 317 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
306 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | 318 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + |
307 base::UTF8ToUTF16(error_message))); | 319 base::UTF8ToUTF16(error_message))); |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
372 if (provider_host->document_url().is_empty()) { | 384 if (provider_host->document_url().is_empty()) { |
373 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( | 385 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( |
374 thread_id, | 386 thread_id, |
375 request_id, | 387 request_id, |
376 WebServiceWorkerError::ErrorTypeSecurity, | 388 WebServiceWorkerError::ErrorTypeSecurity, |
377 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); | 389 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); |
378 return; | 390 return; |
379 } | 391 } |
380 | 392 |
381 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) { | 393 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) { |
382 BadMessageReceived(); | 394 // TODO(kinuko): Change this back to BadMessageReceived() once we start |
| 395 // to check these in the renderer too. (http://crbug.com/453982) |
| 396 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( |
| 397 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
| 398 base::ASCIIToUTF16(kServiceWorkerUnregisterErrorPrefix) + |
| 399 base::ASCIIToUTF16(kDisallowedURLErrorMessage))); |
383 return; | 400 return; |
384 } | 401 } |
385 | 402 |
386 if (!GetContentClient()->browser()->AllowServiceWorker( | 403 if (!GetContentClient()->browser()->AllowServiceWorker( |
387 pattern, provider_host->topmost_frame_url(), resource_context_)) { | 404 pattern, provider_host->topmost_frame_url(), resource_context_)) { |
388 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( | 405 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( |
389 thread_id, | 406 thread_id, |
390 request_id, | 407 request_id, |
391 WebServiceWorkerError::ErrorTypeUnknown, | 408 WebServiceWorkerError::ErrorTypeUnknown, |
392 base::ASCIIToUTF16(kUserDeniedPermissionMessage))); | 409 base::ASCIIToUTF16(kUserDeniedPermissionMessage))); |
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
442 // TODO(ksakamoto): This check can be removed once crbug.com/439697 is fixed. | 459 // TODO(ksakamoto): This check can be removed once crbug.com/439697 is fixed. |
443 if (provider_host->document_url().is_empty()) { | 460 if (provider_host->document_url().is_empty()) { |
444 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( | 461 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( |
445 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | 462 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
446 base::ASCIIToUTF16(kServiceWorkerGetRegistrationErrorPrefix) + | 463 base::ASCIIToUTF16(kServiceWorkerGetRegistrationErrorPrefix) + |
447 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); | 464 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); |
448 return; | 465 return; |
449 } | 466 } |
450 | 467 |
451 if (!CanGetRegistration(provider_host->document_url(), document_url)) { | 468 if (!CanGetRegistration(provider_host->document_url(), document_url)) { |
452 BadMessageReceived(); | 469 // TODO(kinuko): Change this back to BadMessageReceived() once we start |
| 470 // to check these in the renderer too. (http://crbug.com/453982) |
| 471 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( |
| 472 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
| 473 base::ASCIIToUTF16(kServiceWorkerGetRegistrationErrorPrefix) + |
| 474 base::ASCIIToUTF16(kDisallowedURLErrorMessage))); |
453 return; | 475 return; |
454 } | 476 } |
455 | 477 |
456 if (!GetContentClient()->browser()->AllowServiceWorker( | 478 if (!GetContentClient()->browser()->AllowServiceWorker( |
457 provider_host->document_url(), | 479 provider_host->document_url(), |
458 provider_host->topmost_frame_url(), | 480 provider_host->topmost_frame_url(), |
459 resource_context_)) { | 481 resource_context_)) { |
460 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( | 482 Send(new ServiceWorkerMsg_ServiceWorkerGetRegistrationError( |
461 thread_id, request_id, WebServiceWorkerError::ErrorTypeUnknown, | 483 thread_id, request_id, WebServiceWorkerError::ErrorTypeUnknown, |
462 base::ASCIIToUTF16(kServiceWorkerGetRegistrationErrorPrefix) + | 484 base::ASCIIToUTF16(kServiceWorkerGetRegistrationErrorPrefix) + |
(...skipping 475 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
938 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); | 960 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); |
939 if (!handle) { | 961 if (!handle) { |
940 BadMessageReceived(); | 962 BadMessageReceived(); |
941 return; | 963 return; |
942 } | 964 } |
943 handle->version()->StopWorker( | 965 handle->version()->StopWorker( |
944 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); | 966 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); |
945 } | 967 } |
946 | 968 |
947 } // namespace content | 969 } // namespace content |
OLD | NEW |