Merge CanCommitOrigin() and CanCommitURL().

This combines the origin and URL checks to remove some duplicate and unnecessary checks. This will also make it easier to update the URL checks to handle non-standard URLs in a follow-up CL. - Inlines CanCommitURL() at the beginning and end of CanCommitOrigin() and removes redundant checks. - Rename CanCommitOrigin() to CanCommitOriginAndUrl() - Move kDisableWebSecurity check to the top of the function so it skips URL checks as well. This is the only functional change. Bug: 991607 Change-Id: Id8b9f52b594994c1a4c1c38a709ba3e4c0daffc2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1742836 Commit-Queue: Aaron Colwell <acolwell@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Cr-Commit-Position: refs/heads/master@{#685408}

Merge CanCommitOrigin() and CanCommitURL().
This combines the origin and URL checks to remove some duplicate and unnecessary checks. This will also make it easier to update the URL checks to handle non-standard URLs in a follow-up CL. - Inlines CanCommitURL() at the beginning and end of CanCommitOrigin() and removes redundant checks. - Rename CanCommitOrigin() to CanCommitOriginAndUrl() - Move kDisableWebSecurity check to the top of the function so it skips URL checks as well. This is the only functional change. Bug: 991607 Change-Id: Id8b9f52b594994c1a4c1c38a709ba3e4c0daffc2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1742836 Commit-Queue: Aaron Colwell <acolwell@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Cr-Commit-Position: refs/heads/master@{#685408}
81caf619 · Aaron Colwell · Commit Bot · fcf30419 · 81caf619 · 81caf619
Commit 81caf619 authored Aug 09, 2019 by Aaron Colwell Committed by Commit Bot Aug 09, 2019
2 changed files
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
--- a/content/browser/frame_host/render_frame_host_impl.h
+++ b/content/browser/frame_host/render_frame_host_impl.h
@@ -769,11 +769,6 @@ class CONTENT_EXPORT RenderFrameHostImpl

  void ClearFocusedElement();

-  // Returns whether the given URL is allowed to commit in the current process.
-  // This is a more conservative check than RenderProcessHost::FilterURL, since
-  // it will be used to kill processes that commit unauthorized URLs.
-  bool CanCommitURL(const GURL& url);
-
  // Returns the PreviewsState of the last successful navigation
  // that made a network request. The PreviewsState is a bitmask of potentially
  // several Previews optimizations.
@@ -1339,12 +1334,18 @@ class CONTENT_EXPORT RenderFrameHostImpl
  // relevant.
  void ResetWaitingState();

-  // Returns whether the given origin is allowed to commit in the current
-  // RenderFrameHost. The |url| is used to ensure it matches the origin in cases
-  // where it is applicable. This is a more conservative check than
+  // Returns whether the given origin and URL is allowed to commit in the
+  // current RenderFrameHost. The |url| is used to ensure it matches the origin
+  // in cases where it is applicable. This is a more conservative check than
  // RenderProcessHost::FilterURL, since it will be used to kill processes that
  // commit unauthorized origins.
-  bool CanCommitOrigin(const url::Origin& origin, const GURL& url);
+  enum class CanCommitStatus {
+    CAN_COMMIT_ORIGIN_AND_URL,
+    CANNOT_COMMIT_ORIGIN,
+    CANNOT_COMMIT_URL
+  };
+  CanCommitStatus CanCommitOriginAndUrl(const url::Origin& origin,
+                                        const GURL& url);

  // Asserts that the given RenderFrameHostImpl is part of the same browser
  // context (and crashes if not), then returns whether the given frame is