diff options
Diffstat (limited to 'chromium/content/browser/renderer_host/code_cache_host_impl.cc')
-rw-r--r-- | chromium/content/browser/renderer_host/code_cache_host_impl.cc | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/chromium/content/browser/renderer_host/code_cache_host_impl.cc b/chromium/content/browser/renderer_host/code_cache_host_impl.cc index 22d4b361eef..17ce0990234 100644 --- a/chromium/content/browser/renderer_host/code_cache_host_impl.cc +++ b/chromium/content/browser/renderer_host/code_cache_host_impl.cc @@ -6,6 +6,7 @@ #include "base/bind.h" #include "base/bind_helpers.h" +#include "base/metrics/histogram_functions.h" #include "base/task/post_task.h" #include "base/threading/thread.h" #include "build/build_config.h" @@ -98,27 +99,20 @@ base::Optional<GURL> GetSecondaryKeyForCodeCache(const GURL& resource_url, CodeCacheHostImpl::CodeCacheHostImpl( int render_process_id, scoped_refptr<CacheStorageContextImpl> cache_storage_context, - scoped_refptr<GeneratedCodeCacheContext> generated_code_cache_context) + scoped_refptr<GeneratedCodeCacheContext> generated_code_cache_context, + blink::mojom::CodeCacheHostRequest request) : render_process_id_(render_process_id), cache_storage_context_(std::move(cache_storage_context)), - generated_code_cache_context_(std::move(generated_code_cache_context)) {} + generated_code_cache_context_(std::move(generated_code_cache_context)), + binding_(this, std::move(request)) {} CodeCacheHostImpl::~CodeCacheHostImpl() { DCHECK_CURRENTLY_ON(BrowserThread::UI); } -// static -void CodeCacheHostImpl::Create( - int render_process_id, - scoped_refptr<CacheStorageContextImpl> cache_storage_context, - scoped_refptr<GeneratedCodeCacheContext> generated_code_cache_context, - blink::mojom::CodeCacheHostRequest request) { - DCHECK_CURRENTLY_ON(BrowserThread::IO); - mojo::MakeStrongBinding( - std::make_unique<CodeCacheHostImpl>( - render_process_id, std::move(cache_storage_context), - std::move(generated_code_cache_context)), - std::move(request)); +void CodeCacheHostImpl::SetCacheStorageContextForTesting( + scoped_refptr<CacheStorageContextImpl> context) { + cache_storage_context_ = std::move(context); } void CodeCacheHostImpl::DidGenerateCacheableMetadata( @@ -188,6 +182,24 @@ void CodeCacheHostImpl::DidGenerateCacheableMetadataInCacheStorage( mojo_base::BigBuffer data, const url::Origin& cache_storage_origin, const std::string& cache_storage_cache_name) { + DCHECK_CURRENTLY_ON(BrowserThread::UI); + + // We cannot trust the renderer to give us the correct origin here. Validate + // it against the ChildProcessSecurityPolicy. + bool origin_allowed = + ChildProcessSecurityPolicyImpl::GetInstance()->CanAccessDataForOrigin( + render_process_id_, cache_storage_origin); + base::UmaHistogramBoolean( + "ServiceWorkerCache.DidGenerateCacheableMetadataMessageInCacheStorage." + "OriginAllowed", + origin_allowed); + if (!origin_allowed) { + // TODO(crbug/925035): Report a bad mojo message here. Currently we just + // null-route the request since this condition triggers more frequently + // than we expect. + return; + } + int64_t trace_id = blink::cache_storage::CreateTraceId(); TRACE_EVENT_WITH_FLOW1( "CacheStorage", |