OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" | 5 #include "content/browser/service_worker/service_worker_dispatcher_host.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
9 #include "base/trace_event/trace_event.h" | 9 #include "base/trace_event/trace_event.h" |
10 #include "content/browser/message_port_message_filter.h" | 10 #include "content/browser/message_port_message_filter.h" |
(...skipping 16 matching lines...) Expand all Loading... | |
27 #include "url/gurl.h" | 27 #include "url/gurl.h" |
28 | 28 |
29 using blink::WebServiceWorkerError; | 29 using blink::WebServiceWorkerError; |
30 | 30 |
31 namespace content { | 31 namespace content { |
32 | 32 |
33 namespace { | 33 namespace { |
34 | 34 |
35 const char kNoDocumentURLErrorMessage[] = | 35 const char kNoDocumentURLErrorMessage[] = |
36 "No URL is associated with the caller's document."; | 36 "No URL is associated with the caller's document."; |
37 const char kDisallowedURLErrorMessage[] = | |
38 "The URL is not supported."; | |
nhiroki
2015/02/02 08:37:43
Ideally we should show more descriptive message sp
| |
37 const char kShutdownErrorMessage[] = | 39 const char kShutdownErrorMessage[] = |
38 "The Service Worker system has shutdown."; | 40 "The Service Worker system has shutdown."; |
39 const char kUserDeniedPermissionMessage[] = | 41 const char kUserDeniedPermissionMessage[] = |
40 "The user denied permission to use Service Worker."; | 42 "The user denied permission to use Service Worker."; |
41 | 43 |
42 const uint32 kFilteredMessageClasses[] = { | 44 const uint32 kFilteredMessageClasses[] = { |
43 ServiceWorkerMsgStart, | 45 ServiceWorkerMsgStart, |
44 EmbeddedWorkerMsgStart, | 46 EmbeddedWorkerMsgStart, |
45 }; | 47 }; |
46 | 48 |
47 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { | 49 bool AllOriginsMatch(const GURL& url_a, const GURL& url_b, const GURL& url_c) { |
48 return url_a.GetOrigin() == url_b.GetOrigin() && | 50 return url_a.GetOrigin() == url_b.GetOrigin() && |
49 url_a.GetOrigin() == url_c.GetOrigin(); | 51 url_a.GetOrigin() == url_c.GetOrigin(); |
50 } | 52 } |
51 | 53 |
52 // TODO(dominicc): When crbug.com/362214 is fixed use that to be | 54 // TODO(dominicc): When crbug.com/362214 is fixed use that to be |
53 // consistent with Blink's | 55 // consistent with Blink's |
54 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. | 56 // SecurityOrigin::canAccessFeatureRequiringSecureOrigin. |
55 bool OriginCanAccessServiceWorkers(const GURL& url) { | 57 bool OriginCanAccessServiceWorkers(const GURL& url) { |
56 return url.SchemeIsSecure() || net::IsLocalhost(url.host()); | 58 return url.SchemeIsHTTPOrHTTPS() && |
59 (url.SchemeIsSecure() || net::IsLocalhost(url.host())); | |
57 } | 60 } |
58 | 61 |
59 bool CanRegisterServiceWorker(const GURL& document_url, | 62 bool CanRegisterServiceWorker(const GURL& document_url, |
60 const GURL& pattern, | 63 const GURL& pattern, |
61 const GURL& script_url) { | 64 const GURL& script_url) { |
62 DCHECK(document_url.is_valid()); | 65 DCHECK(document_url.is_valid()); |
63 DCHECK(pattern.is_valid()); | 66 DCHECK(pattern.is_valid()); |
64 DCHECK(script_url.is_valid()); | 67 DCHECK(script_url.is_valid()); |
65 return AllOriginsMatch(document_url, pattern, script_url) && | 68 return AllOriginsMatch(document_url, pattern, script_url) && |
66 OriginCanAccessServiceWorkers(document_url); | 69 OriginCanAccessServiceWorkers(document_url) && |
70 OriginCanAccessServiceWorkers(pattern) && | |
falken
2015/02/02 08:44:04
Actually, doesn't AllOriginsMatch mean you only ne
| |
71 OriginCanAccessServiceWorkers(script_url); | |
67 } | 72 } |
68 | 73 |
69 bool CanUnregisterServiceWorker(const GURL& document_url, | 74 bool CanUnregisterServiceWorker(const GURL& document_url, |
70 const GURL& pattern) { | 75 const GURL& pattern) { |
71 DCHECK(document_url.is_valid()); | 76 DCHECK(document_url.is_valid()); |
72 DCHECK(pattern.is_valid()); | 77 DCHECK(pattern.is_valid()); |
73 return document_url.GetOrigin() == pattern.GetOrigin() && | 78 return document_url.GetOrigin() == pattern.GetOrigin() && |
74 OriginCanAccessServiceWorkers(document_url); | 79 OriginCanAccessServiceWorkers(document_url) && |
80 OriginCanAccessServiceWorkers(pattern); | |
75 } | 81 } |
76 | 82 |
77 bool CanGetRegistration(const GURL& document_url, | 83 bool CanGetRegistration(const GURL& document_url, |
78 const GURL& given_document_url) { | 84 const GURL& given_document_url) { |
79 DCHECK(document_url.is_valid()); | 85 DCHECK(document_url.is_valid()); |
80 DCHECK(given_document_url.is_valid()); | 86 DCHECK(given_document_url.is_valid()); |
81 return document_url.GetOrigin() == given_document_url.GetOrigin() && | 87 return document_url.GetOrigin() == given_document_url.GetOrigin() && |
82 OriginCanAccessServiceWorkers(document_url); | 88 OriginCanAccessServiceWorkers(document_url); |
nhiroki
2015/02/02 08:37:43
Can we also check |given_document_url| so that we
kinuko
2015/02/02 09:43:24
Done.
| |
83 } | 89 } |
84 | 90 |
85 } // namespace | 91 } // namespace |
86 | 92 |
87 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( | 93 ServiceWorkerDispatcherHost::ServiceWorkerDispatcherHost( |
88 int render_process_id, | 94 int render_process_id, |
89 MessagePortMessageFilter* message_port_message_filter, | 95 MessagePortMessageFilter* message_port_message_filter, |
90 ResourceContext* resource_context) | 96 ResourceContext* resource_context) |
91 : BrowserMessageFilter(kFilteredMessageClasses, | 97 : BrowserMessageFilter(kFilteredMessageClasses, |
92 arraysize(kFilteredMessageClasses)), | 98 arraysize(kFilteredMessageClasses)), |
(...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
287 if (provider_host->document_url().is_empty()) { | 293 if (provider_host->document_url().is_empty()) { |
288 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | 294 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
289 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | 295 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
290 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | 296 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + |
291 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); | 297 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); |
292 return; | 298 return; |
293 } | 299 } |
294 | 300 |
295 if (!CanRegisterServiceWorker( | 301 if (!CanRegisterServiceWorker( |
296 provider_host->document_url(), pattern, script_url)) { | 302 provider_host->document_url(), pattern, script_url)) { |
297 BadMessageReceived(); | 303 // TODO(kinuko): Change this back to BadMessageReceived() once we start |
304 // to check these in the renderer too. (http://crbug.com/453982) | |
305 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | |
306 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | |
307 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | |
308 base::ASCIIToUTF16(kDisallowedURLErrorMessage))); | |
298 return; | 309 return; |
299 } | 310 } |
300 | 311 |
301 std::string error_message; | 312 std::string error_message; |
302 if (ServiceWorkerUtils::ContainsDisallowedCharacter(pattern, script_url, | 313 if (ServiceWorkerUtils::ContainsDisallowedCharacter(pattern, script_url, |
303 &error_message)) { | 314 &error_message)) { |
304 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | 315 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( |
305 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | 316 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, |
306 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | 317 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + |
307 base::UTF8ToUTF16(error_message))); | 318 base::UTF8ToUTF16(error_message))); |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
372 if (provider_host->document_url().is_empty()) { | 383 if (provider_host->document_url().is_empty()) { |
373 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( | 384 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( |
374 thread_id, | 385 thread_id, |
375 request_id, | 386 request_id, |
376 WebServiceWorkerError::ErrorTypeSecurity, | 387 WebServiceWorkerError::ErrorTypeSecurity, |
377 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); | 388 base::ASCIIToUTF16(kNoDocumentURLErrorMessage))); |
378 return; | 389 return; |
379 } | 390 } |
380 | 391 |
381 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) { | 392 if (!CanUnregisterServiceWorker(provider_host->document_url(), pattern)) { |
382 BadMessageReceived(); | 393 // TODO(kinuko): Change this back to BadMessageReceived() once we start |
394 // to check these in the renderer too. (http://crbug.com/453982) | |
395 Send(new ServiceWorkerMsg_ServiceWorkerRegistrationError( | |
396 thread_id, request_id, WebServiceWorkerError::ErrorTypeSecurity, | |
397 base::ASCIIToUTF16(kServiceWorkerRegisterErrorPrefix) + | |
falken
2015/02/02 08:44:04
kServiceWorkerUnregisterErrorPrefix
kinuko
2015/02/02 09:43:24
Done.
Also fixed the error msg type (Registration
| |
398 base::ASCIIToUTF16(kDisallowedURLErrorMessage))); | |
383 return; | 399 return; |
384 } | 400 } |
385 | 401 |
386 if (!GetContentClient()->browser()->AllowServiceWorker( | 402 if (!GetContentClient()->browser()->AllowServiceWorker( |
387 pattern, provider_host->topmost_frame_url(), resource_context_)) { | 403 pattern, provider_host->topmost_frame_url(), resource_context_)) { |
388 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( | 404 Send(new ServiceWorkerMsg_ServiceWorkerUnregistrationError( |
389 thread_id, | 405 thread_id, |
390 request_id, | 406 request_id, |
391 WebServiceWorkerError::ErrorTypeUnknown, | 407 WebServiceWorkerError::ErrorTypeUnknown, |
392 base::ASCIIToUTF16(kUserDeniedPermissionMessage))); | 408 base::ASCIIToUTF16(kUserDeniedPermissionMessage))); |
(...skipping 545 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
938 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); | 954 ServiceWorkerHandle* handle = handles_.Lookup(handle_id); |
939 if (!handle) { | 955 if (!handle) { |
940 BadMessageReceived(); | 956 BadMessageReceived(); |
941 return; | 957 return; |
942 } | 958 } |
943 handle->version()->StopWorker( | 959 handle->version()->StopWorker( |
944 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); | 960 base::Bind(&ServiceWorkerUtils::NoOpStatusCallback)); |
945 } | 961 } |
946 | 962 |
947 } // namespace content | 963 } // namespace content |
OLD | NEW |