Skip to content

GitLab

T
tangled
Commit e24f2701 authored by Mikel Astiz's avatar Mikel Astiz Committed by Commit Bot
Browse files
Options

Allowlist Gaia origin for privileged chrome Javascript API 

The code is still behind a feature toggle and not fully implemented.
Follow-up patches will introduce interactions with the browser process
via Mojo.

Independently of the browser process enforcing security origin checks,
the Javascript API itself should also be exposed only to the Gaia
origin.

Bug: 1000146
Change-Id: Ib95bf8e66db6643352c92939d7c3444fe0231247
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1813304Reviewed-by: default avatarDavid Roger <droger@chromium.org>
Commit-Queue: Mikel Astiz <mastiz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#698423}
parent ec9c3ae7
Hide whitespace changes
Inline Side-by-side
Showing with 23 additions and 2 deletions
chrome/renderer/DEPS
View file @ e24f2701
...@@ -57,6 +57,7 @@ include_rules = [ ...@@ -57,6 +57,7 @@ include_rules = [
"+extensions/buildflags", "+extensions/buildflags",
"+extensions/renderer", "+extensions/renderer",
"+gin", "+gin",
"+google_apis",
"+media/base", "+media/base",
"+ppapi/shared_impl", "+ppapi/shared_impl",
"+services/network/public/cpp", "+services/network/public/cpp",
......
chrome/renderer/sync_encryption_keys_extension.cc
View file @ e24f2701
...@@ -9,12 +9,26 @@ ...@@ -9,12 +9,26 @@
#include "base/bind.h" #include "base/bind.h"
#include "base/logging.h" #include "base/logging.h"
#include "base/no_destructor.h"
#include "content/public/renderer/chrome_object_extensions_utils.h" #include "content/public/renderer/chrome_object_extensions_utils.h"
#include "content/public/renderer/render_frame.h" #include "content/public/renderer/render_frame.h"
#include "gin/arguments.h" #include "gin/arguments.h"
#include "gin/function_template.h" #include "gin/function_template.h"
#include "google_apis/gaia/gaia_urls.h"
#include "third_party/blink/public/web/blink.h" #include "third_party/blink/public/web/blink.h"
#include "third_party/blink/public/web/web_local_frame.h" #include "third_party/blink/public/web/web_local_frame.h"
#include "url/origin.h"
namespace {
const url::Origin& GetAllowedOrigin() {
static const base::NoDestructor<url::Origin> origin(
url::Origin::Create(GaiaUrls::GetInstance()->gaia_url()));
CHECK(!origin->opaque());
return *origin;
}
} // namespace
// static // static
void SyncEncryptionKeysExtension::Create(content::RenderFrame* frame) { void SyncEncryptionKeysExtension::Create(content::RenderFrame* frame) {
...@@ -32,8 +46,14 @@ void SyncEncryptionKeysExtension::OnDestruct() { ...@@ -32,8 +46,14 @@ void SyncEncryptionKeysExtension::OnDestruct() {
} }
void SyncEncryptionKeysExtension::DidClearWindowObject() { void SyncEncryptionKeysExtension::DidClearWindowObject() {
// TODO(crbug.com/1000146): This API should be restricted to allowed origins. if (!render_frame()) {
Install(); return;
}
url::Origin origin = render_frame()->GetWebFrame()->GetSecurityOrigin();
if (origin == GetAllowedOrigin()) {
Install();
}
} }
void SyncEncryptionKeysExtension::Install() { void SyncEncryptionKeysExtension::Install() {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment