Source/core/html/HTMLMediaElement.cpp - Issue 893123004: Check origin before providing initData in encrypted event

Side by Side Diff: Source/core/html/HTMLMediaElement.cpp

Issue 893123004: Check origin before providing initData in encrypted event (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: mediaDataIsCORSSameOrigin Created 5 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2007, 2008, 2009, 2010, 2011, 2012, 2013 Apple Inc. All rights reserved.	2 * Copyright (C) 2007, 2008, 2009, 2010, 2011, 2012, 2013 Apple Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions	5 * modification, are permitted provided that the following conditions

6 * are met:	6 * are met:

7 * 1. Redistributions of source code must retain the above copyright	7 * 1. Redistributions of source code must retain the above copyright

8 * notice, this list of conditions and the following disclaimer.	8 * notice, this list of conditions and the following disclaimer.

9 * 2. Redistributions in binary form must reproduce the above copyright	9 * 2. Redistributions in binary form must reproduce the above copyright

10 * notice, this list of conditions and the following disclaimer in the	10 * notice, this list of conditions and the following disclaimer in the

(...skipping 1546 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1557 }	1557 }

1558	1558

1559 if (!document().contentSecurityPolicy()->allowMediaFromSource(url)) {	1559 if (!document().contentSecurityPolicy()->allowMediaFromSource(url)) {

1560 WTF_LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%p, %s) -> rejected by Content Security Policy", this, urlForLoggingMedia(url).utf8().data());	1560 WTF_LOG(Media, "HTMLMediaElement::isSafeToLoadURL(%p, %s) -> rejected by Content Security Policy", this, urlForLoggingMedia(url).utf8().data());

1561 return false;	1561 return false;

1562 }	1562 }

1563	1563

1564 return true;	1564 return true;

1565 }	1565 }

1566	1566

	1567 bool HTMLMediaElement::mediaDataIsCORSSameOrigin(SecurityOrigin* origin) const
	ddorwin 2015/02/06 21:41:33 Does the new function really tell us that it is CO Does the new function really tell us that it is CORS-same-origin? (As discussed elsewhere) taintsCanvas() is basically canRequest(), which has more to do with access than same-origin. hasSingleSecurityOrigin() apparently tells us whether the origin in the src is the same as the actual request (i.e. after redirect). If correct, it would be nice to add a comment in WebMediaPlayer.h. I think didPassCORSAccessCheck() means it was a successful CORS-enabled fetch (vs. non-CORS-enabled or failed). Then, taintsCanvas() must check that it is not a URL that requires CORS - that is, same origin. However, it also does some other things, which I guess are valid exceptions. I suppose at a high level, it is equivalent to CORS-same-origin. jrummell 2015/02/07 00:12:26 Acknowledged. Added comments to indicate this, jus Show quoted text On 2015/02/06 21:41:33, ddorwin wrote: > Does the new function really tell us that it is CORS-same-origin? (As discussed > elsewhere) taintsCanvas() is basically canRequest(), which has more to do with > access than same-origin. > > hasSingleSecurityOrigin() apparently tells us whether the origin in the src is > the same as the actual request (i.e. after redirect). If correct, it would be > nice to add a comment in WebMediaPlayer.h. > > I think didPassCORSAccessCheck() means it was a successful CORS-enabled fetch > (vs. non-CORS-enabled or failed). > > Then, taintsCanvas() must check that it is not a URL that requires CORS - that > is, same origin. However, it also does some other things, which I guess are > valid exceptions. > > I suppose at a high level, it is equivalent to CORS-same-origin. Acknowledged. Added comments to indicate this, just so the next person looking at it has somewhere to start.
	1568 {

	1569 return hasSingleSecurityOrigin() && ((webMediaPlayer() && webMediaPlayer()-> didPassCORSAccessCheck()) \|\| !origin->taintsCanvas(currentSrc()));

	1570 }

	1571

1567 void HTMLMediaElement::startProgressEventTimer()	1572 void HTMLMediaElement::startProgressEventTimer()

1568 {	1573 {

1569 if (m_progressEventTimer.isActive())	1574 if (m_progressEventTimer.isActive())

1570 return;	1575 return;

1571	1576

1572 m_previousProgressTime = WTF::currentTime();	1577 m_previousProgressTime = WTF::currentTime();

1573 // 350ms is not magic, it is in the spec!	1578 // 350ms is not magic, it is in the spec!

1574 m_progressEventTimer.startRepeating(0.350, FROM_HERE);	1579 m_progressEventTimer.startRepeating(0.350, FROM_HERE);

1575 }	1580 }

1576	1581

(...skipping 2534 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
4111	4116

4112 #if ENABLE(WEB_AUDIO)	4117 #if ENABLE(WEB_AUDIO)

4113 void HTMLMediaElement::clearWeakMembers(Visitor* visitor)	4118 void HTMLMediaElement::clearWeakMembers(Visitor* visitor)

4114 {	4119 {

4115 if (!visitor->isAlive(m_audioSourceNode) && audioSourceProvider())	4120 if (!visitor->isAlive(m_audioSourceNode) && audioSourceProvider())

4116 audioSourceProvider()->setClient(nullptr);	4121 audioSourceProvider()->setClient(nullptr);

4117 }	4122 }

4118 #endif	4123 #endif

4119	4124

4120 }	4125 }

OLD	NEW

« Source/core/html/HTMLMediaElement.h ('K') | « Source/core/html/HTMLMediaElement.h ('k') | Source/core/html/HTMLVideoElement.cpp » ('j') | no next file with comments »