Explicitly reject storage access if requesting security origin is unique

This is a follow-up fix for https://codereview.chromium.org/46583005/ (Send Allow{Database,FileSystem,IndexedDB} sync IPCs directly from worker threads) I needed to default behavior to allow storage access when NULL proxy is returned to make content_shell work, and therefore needed not to return NULL when origin.isUnique()==true case. BUG=none R=jam,michaeln TBR=jam Review URL: https://codereview.chromium.org/55433006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@232922 0039d316-1c4b-4281-b951-d872f2087c98

Explicitly reject storage access if requesting security origin is unique
This is a follow-up fix for https://codereview.chromium.org/46583005/ (Send Allow{Database,FileSystem,IndexedDB} sync IPCs directly from worker threads) I needed to default behavior to allow storage access when NULL proxy is returned to make content_shell work, and therefore needed not to return NULL when origin.isUnique()==true case. BUG=none R=jam,michaeln TBR=jam Review URL: https://codereview.chromium.org/55433006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@232922 0039d316-1c4b-4281-b951-d872f2087c98
c95721fd · kinuko@chromium.org · d756944e · c95721fd · c95721fd · c95721fd
Commit c95721fd authored Nov 05, 2013 by kinuko@chromium.org
3 changed files
--- a/content/worker/shared_worker_permission_client_proxy.cc
+++ b/content/worker/shared_worker_permission_client_proxy.cc
@@ -13,9 +13,11 @@ namespace content {
 SharedWorkerPermissionClientProxy::SharedWorkerPermissionClientProxy(
    const GURL& origin_url,
+    bool is_unique_origin,
    int routing_id,
    ThreadSafeSender* thread_safe_sender)
    : origin_url_(origin_url),
+      is_unique_origin_(is_unique_origin),
      routing_id_(routing_id),
      thread_safe_sender_(thread_safe_sender) {
 }
@@ -27,6 +29,8 @@ bool SharedWorkerPermissionClientProxy::allowDatabase(
    const WebKit::WebString& name,
    const WebKit::WebString& display_name,
    unsigned long estimated_size) {
+  if (is_unique_origin_)
+    return false;
  bool result = false;
  thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowDatabase(
      routing_id_, origin_url_, name, display_name,
@@ -35,6 +39,8 @@ bool SharedWorkerPermissionClientProxy::allowDatabase(
 }
 bool SharedWorkerPermissionClientProxy::allowFileSystem() {
+  if (is_unique_origin_)
+    return false;
  bool result = false;
  thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowFileSystem(
      routing_id_, origin_url_, &result));
@@ -43,6 +49,8 @@ bool SharedWorkerPermissionClientProxy::allowFileSystem() {
 bool SharedWorkerPermissionClientProxy::allowIndexedDB(
    const WebKit::WebString& name) {
+  if (is_unique_origin_)
+    return false;
  bool result = false;
  thread_safe_sender_->Send(new WorkerProcessHostMsg_AllowIndexedDB(
      routing_id_, origin_url_, name, &result));

--- a/content/worker/shared_worker_permission_client_proxy.h
+++ b/content/worker/shared_worker_permission_client_proxy.h
@@ -21,6 +21,7 @@ class SharedWorkerPermissionClientProxy
 public:
  SharedWorkerPermissionClientProxy(
      const GURL& origin_url,
+      bool is_unique_origin,
      int routing_id,
      ThreadSafeSender* thread_safe_sender);
  virtual ~SharedWorkerPermissionClientProxy();
@@ -34,6 +35,7 @@ class SharedWorkerPermissionClientProxy
 private:
  const GURL origin_url_;
+  const bool is_unique_origin_;
  const int routing_id_;
  scoped_refptr<ThreadSafeSender> thread_safe_sender_;

--- a/content/worker/websharedworkerclient_proxy.cc
+++ b/content/worker/websharedworkerclient_proxy.cc
@@ -81,10 +81,8 @@ WebApplicationCacheHost* WebSharedWorkerClientProxy::createApplicationCacheHost(
 WebKit::WebWorkerPermissionClientProxy*
 WebSharedWorkerClientProxy::createWorkerPermissionClientProxy(
    const WebKit::WebSecurityOrigin& origin) {
-  if (origin.isUnique())
-    return NULL;
  return new SharedWorkerPermissionClientProxy(
-      GURL(origin.toString()), route_id_,
+      GURL(origin.toString()), origin.isUnique(), route_id_,
      ChildThread::current()->thread_safe_sender());
 }