Skip to content

GitLab

T
tangled
Commit 7554b55c authored by arthursonzogni's avatar arthursonzogni Committed by Commit Bot
Browse files
Options

Refactor InitializeContentSecurityPolicy(). 

(This is a pure refactor. Changes in behavior aren't expected)

- Use early returns, it avoid using too many nested if/then/else. There
  was up to 4 level of indentation in this function.

- Remove unnecessary DCHECK. Checking a pointer to be non-null before
  dereferencing it is useless, because it would have immediately crash
  anyway.

Bug: 1001982
Change-Id: Id54de8441bb0b19b91a70d22435dff5fcd6c5260
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1806674Reviewed-by: default avatarDaniel Cheng <dcheng@chromium.org>
Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#697538}
parent 426279be
Hide whitespace changes
Inline Side-by-side
Showing with 50 additions and 52 deletions
third_party/blink/renderer/core/dom/document.cc
View file @ 7554b55c
...@@ -697,67 +697,65 @@ class Document::SecurityContextInit : public FeaturePolicyParserDelegate { ...@@ -697,67 +697,65 @@ class Document::SecurityContextInit : public FeaturePolicyParserDelegate {
frame ? frame->Loader().GetLastOriginDocumentCSP() : nullptr; frame ? frame->Loader().GetLastOriginDocumentCSP() : nullptr;
KURL url; KURL url;
if (initializer.ShouldSetURL()) { if (initializer.ShouldSetURL())
url = initializer.Url(); url = initializer.Url().IsEmpty() ? BlankURL() : initializer.Url();
if (url.IsEmpty())
url = BlankURL();
}
if (initializer.HasSecurityContext() && !initializer.OriginToCommit() && // Alias certain security properties from |owner_document|. Used for the
initializer.OwnerDocument()) { // case of about:blank pages inheriting the security properties of their
// Alias certain security properties from |owner_document|. Used for // requestor context.
// the case of about:blank pages inheriting the security properties of //
// their requestor context. // Note that this is currently somewhat broken; Blink always inherits from
// Note that this is currently somewhat broken; Blink always inherits // the parent or opener, even though it should actually be inherited from
// from the parent or opener, even though it should actually be // the request initiator.
// inherited from the request initiator. if (url.IsEmpty() && initializer.HasSecurityContext() &&
if (url.IsEmpty()) { !initializer.OriginToCommit() && initializer.OwnerDocument()) {
last_origin_document_csp = last_origin_document_csp =
initializer.OwnerDocument()->GetContentSecurityPolicy(); initializer.OwnerDocument()->GetContentSecurityPolicy();
}
} }
csp_ = initializer.GetContentSecurityPolicy(); csp_ = initializer.GetContentSecurityPolicy();
if (!csp_ && initializer.ImportsController()) { if (!csp_) {
// If this document is an HTML import, grab a reference to its master if (initializer.ImportsController()) {
// document's Content Security Policy. We don't bind the CSP's delegate // If this document is an HTML import, grab a reference to its master
// in 'InitSecurityPolicy' in this case, as we can't rebind the // document's Content Security Policy. We don't bind the CSP's delegate
// master document's policy object: The Content Security Policy's delegate // in 'InitSecurityPolicy' in this case, as we can't rebind the master
// needs to remain set to the master document. // document's policy object: The Content Security Policy's delegate
csp_ = // needs to remain set to the master document.
initializer.ImportsController()->Master()->GetContentSecurityPolicy(); csp_ = initializer.ImportsController()
} else { ->Master()
if (!csp_) { ->GetContentSecurityPolicy();
csp_ = MakeGarbageCollected<ContentSecurityPolicy>(); return;
bind_csp_immediately_ = true;
} }
// We should inherit the navigation initiator CSP if the document is csp_ = MakeGarbageCollected<ContentSecurityPolicy>();
// loaded using a local-scheme url. bind_csp_immediately_ = true;
if (last_origin_document_csp && }
(url.IsEmpty() || url.ProtocolIsAbout() || url.ProtocolIsData() ||
url.ProtocolIs("blob") || url.ProtocolIs("filesystem"))) { // We should inherit the navigation initiator CSP if the document is loaded
csp_->CopyStateFrom(last_origin_document_csp); // using a local-scheme url.
if (last_origin_document_csp &&
(url.IsEmpty() || url.ProtocolIsAbout() || url.ProtocolIsData() ||
url.ProtocolIs("blob") || url.ProtocolIs("filesystem"))) {
csp_->CopyStateFrom(last_origin_document_csp);
}
if (document_classes & kPluginDocumentClass) {
if (last_origin_document_csp) {
csp_->CopyPluginTypesFrom(last_origin_document_csp);
return;
} }
if (document_classes & kPluginDocumentClass) { // TODO(andypaicu): This should inherit the origin document's plugin types
// TODO(andypaicu): This should inherit the origin document's plugin // but because this could be a OOPIF document it might not have access. In
// types but because this could be a OOPIF document it might not have // this situation we fallback on using the parent/opener:
// access. In this situation we fallback on using the parent/opener. if (frame) {
if (last_origin_document_csp) { Frame* inherit_from = frame->Tree().Parent()
csp_->CopyPluginTypesFrom(last_origin_document_csp); ? frame->Tree().Parent()
} else if (frame) { : frame->Client()->Opener();
Frame* inherit_from = frame->Tree().Parent() if (inherit_from && frame != inherit_from) {
? frame->Tree().Parent() csp_->CopyPluginTypesFrom(
: frame->Client()->Opener(); inherit_from->GetSecurityContext()->GetContentSecurityPolicy());
if (inherit_from && frame != inherit_from) {
DCHECK(
inherit_from->GetSecurityContext() &&
inherit_from->GetSecurityContext()->GetContentSecurityPolicy());
csp_->CopyPluginTypesFrom(
inherit_from->GetSecurityContext()->GetContentSecurityPolicy());
}
} }
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment