Index: content/browser/service_worker/service_worker_version.cc |
diff --git a/content/browser/service_worker/service_worker_version.cc b/content/browser/service_worker/service_worker_version.cc |
index 22c6c8ec10ae7bd8bd53116edc04885d2dd463d8..e139c19f5ba47461bbd205f99ddae5647db64b1a 100644 |
--- a/content/browser/service_worker/service_worker_version.cc |
+++ b/content/browser/service_worker/service_worker_version.cc |
@@ -11,6 +11,7 @@ |
#include "base/strings/string16.h" |
#include "base/strings/utf_string_conversions.h" |
#include "base/time/time.h" |
+#include "content/browser/child_process_security_policy_impl.h" |
#include "content/browser/message_port_message_filter.h" |
#include "content/browser/message_port_service.h" |
#include "content/browser/service_worker/embedded_worker_instance.h" |
@@ -271,15 +272,6 @@ void OpenWindowOnUI( |
base::Bind(&DidOpenURL, callback)); |
} |
-void KillEmbeddedWorkerProcess(int process_id, ResultCode code) { |
- DCHECK_CURRENTLY_ON(BrowserThread::UI); |
- |
- RenderProcessHost* render_process_host = |
- RenderProcessHost::FromID(process_id); |
- if (render_process_host->GetHandle() != base::kNullProcessHandle) |
- render_process_host->ReceivedBadMessage(); |
-} |
- |
void ClearTick(base::TimeTicks* time) { |
*time = base::TimeTicks(); |
} |
@@ -1166,20 +1158,25 @@ void ServiceWorkerVersion::OnCrossOriginConnectEventFinished( |
RemoveCallbackAndStopIfDoomed(&cross_origin_connect_callbacks_, request_id); |
} |
-void ServiceWorkerVersion::OnOpenWindow(int request_id, const GURL& url) { |
+void ServiceWorkerVersion::OnOpenWindow(int request_id, GURL url) { |
// Just abort if we are shutting down. |
if (!context_) |
return; |
- if (url.GetOrigin() != script_url_.GetOrigin()) { |
- // There should be a same origin check by Blink, if the request is still not |
- // same origin, the process might be compromised and should be eliminated. |
- DVLOG(1) << "Received a cross origin openWindow() request from a service " |
- "worker. Killing associated process."; |
- BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, |
- base::Bind(&KillEmbeddedWorkerProcess, |
- embedded_worker_->process_id(), |
- RESULT_CODE_KILLED_BAD_MESSAGE)); |
+ // Blink consider all about: scheme URLs as about:blank. We need to sanitize |
+ // them accordingly to prevent CanRequestURL() call below to fail on them. |
falken
2015/03/08 12:23:49
This is kinda inconsistent now... why not just let
mlamouri (slow - plz ping)
2015/03/08 14:34:12
I've updated the comment to have it match RPHImpl:
mlamouri (slow - plz ping)
2015/03/08 14:34:12
I've updated the comment to have it match RPHImpl:
falken
2015/03/08 15:01:50
Ah I see, makes sense.
|
+ if (url.SchemeIs(url::kAboutScheme)) |
+ url = GURL(url::kAboutBlankURL); |
+ |
+ // This call will check whether the process should be able to access the given |
+ // URL. It is possible to receive requests to open such URLs because the |
+ // renderer side checks are slightly different. For example, view-source |
+ // scheme will not be filtered out by Blink. This is the reason why failing |
+ // that call will reject the promise instead of killing the renderer. |
falken
2015/03/08 12:23:49
nits: "such URLs" reads like "URLs that the proces
mlamouri (slow - plz ping)
2015/03/08 14:34:12
Done.
|
+ if (!ChildProcessSecurityPolicyImpl::GetInstance()->CanRequestURL( |
+ embedded_worker_->process_id(), url)) { |
+ embedded_worker_->SendMessage(ServiceWorkerMsg_OpenWindowError( |
+ request_id, url.spec() + " cannot be opened.")); |
return; |
} |
@@ -1205,7 +1202,8 @@ void ServiceWorkerVersion::DidOpenWindow(int request_id, |
if (render_process_id == ChildProcessHost::kInvalidUniqueID && |
render_frame_id == MSG_ROUTING_NONE) { |
- embedded_worker_->SendMessage(ServiceWorkerMsg_OpenWindowError(request_id)); |
+ embedded_worker_->SendMessage(ServiceWorkerMsg_OpenWindowError( |
+ request_id, "Something went wrong while trying to open the window")); |
falken
2015/03/08 12:23:49
nit: Add a period to be consistent with the error
mlamouri (slow - plz ping)
2015/03/08 14:34:12
Done.
|
return; |
} |