PlzNavigate: properly set file access permissions on the RFH

This CL gives appropriate permissions to the RenderFrameHost on NavigationCommit. This allows to run browser tests backed by javascript files on disk with PlzNavigate enabled. BUG=475027 Review URL: https://codereview.chromium.org/1103253003 Cr-Commit-Position: refs/heads/master@{#327328}

PlzNavigate: properly set file access permissions on the RFH
This CL gives appropriate permissions to the RenderFrameHost on NavigationCommit. This allows to run browser tests backed by javascript files on disk with PlzNavigate enabled. BUG=475027 Review URL: https://codereview.chromium.org/1103253003 Cr-Commit-Position: refs/heads/master@{#327328}
3d638b14 · clamy · Commit bot · 2cc92c9d · 3d638b14 · 3d638b14
Commit 3d638b14 authored Apr 28, 2015 by clamy Committed by Commit bot Apr 28, 2015
2 changed files
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -1601,27 +1601,8 @@ void RenderFrameHostImpl::Navigate(
    const StartNavigationParams& start_params,
    const RequestNavigationParams& request_params) {
  TRACE_EVENT0("navigation", "RenderFrameHostImpl::Navigate");
-  // Browser plugin guests are not allowed to navigate outside web-safe schemes,
-  // so do not grant them the ability to request additional URLs.
-  if (!GetProcess()->IsIsolatedGuest()) {
-    ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
-        GetProcess()->GetID(), common_params.url);
-    if (common_params.url.SchemeIs(url::kDataScheme) &&
-        common_params.base_url_for_data_url.SchemeIs(url::kFileScheme)) {
-      // If 'data:' is used, and we have a 'file:' base url, grant access to
-      // local files.
-      ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
-          GetProcess()->GetID(), common_params.base_url_for_data_url);
-    }
-  }

-  // We may be returning to an existing NavigationEntry that had been granted
-  // file access.  If this is a different process, we will need to grant the
-  // access again.  The files listed in the page state are validated when they
-  // are received from the renderer to prevent abuse.
-  if (request_params.page_state.IsValid()) {
-    render_view_host_->GrantFileAccessFromPageState(request_params.page_state);
-  }
+  UpdatePermissionsForNavigation(common_params, request_params);

  // Only send the message if we aren't suspended at the start of a cross-site
  // request.
@@ -1777,8 +1758,7 @@ void RenderFrameHostImpl::CommitNavigation(
    const RequestNavigationParams& request_params) {
  DCHECK((response && body.get()) ||
          !NavigationRequest::ShouldMakeNetworkRequest(common_params.url));
-  // TODO(clamy): Check if we have to add security checks for the browser plugin
-  // guests.
+  UpdatePermissionsForNavigation(common_params, request_params);

  // Get back to a clean state, in case we start a new navigation without
  // completing a RFH swap or unload handler.
@@ -2066,4 +2046,30 @@ void RenderFrameHostImpl::DidUseGeolocationPermission() {
          ->GetLastCommittedURL().GetOrigin());
 }

+void RenderFrameHostImpl::UpdatePermissionsForNavigation(
+    const CommonNavigationParams& common_params,
+    const RequestNavigationParams& request_params) {
+  // Browser plugin guests are not allowed to navigate outside web-safe schemes,
+  // so do not grant them the ability to request additional URLs.
+  if (!GetProcess()->IsIsolatedGuest()) {
+    ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
+        GetProcess()->GetID(), common_params.url);
+    if (common_params.url.SchemeIs(url::kDataScheme) &&
+        common_params.base_url_for_data_url.SchemeIs(url::kFileScheme)) {
+      // If 'data:' is used, and we have a 'file:' base url, grant access to
+      // local files.
+      ChildProcessSecurityPolicyImpl::GetInstance()->GrantRequestURL(
+          GetProcess()->GetID(), common_params.base_url_for_data_url);
+    }
+  }
+
+  // We may be returning to an existing NavigationEntry that had been granted
+  // file access.  If this is a different process, we will need to grant the
+  // access again.  The files listed in the page state are validated when they
+  // are received from the renderer to prevent abuse.
+  if (request_params.page_state.IsValid()) {
+    render_view_host_->GrantFileAccessFromPageState(request_params.page_state);
+  }
+}
+
 }  // namespace content
--- a/content/browser/frame_host/render_frame_host_impl.h
+++ b/content/browser/frame_host/render_frame_host_impl.h
@@ -565,6 +565,10 @@ class CONTENT_EXPORT RenderFrameHostImpl
  // Informs the content client that geolocation permissions were used.
  void DidUseGeolocationPermission();

+  void UpdatePermissionsForNavigation(
+      const CommonNavigationParams& common_params,
+      const RequestNavigationParams& request_params);
+
  // For now, RenderFrameHosts indirectly keep RenderViewHosts alive via a
  // refcount that calls Shutdown when it reaches zero.  This allows each
  // RenderFrameHostManager to just care about RenderFrameHosts, while ensuring