diff options
| author | jrummell@chromium.org <jrummell@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-04-17 06:42:04 +0000 |
|---|---|---|
| committer | jrummell@chromium.org <jrummell@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-04-17 06:42:04 +0000 |
| commit | 35580b667c5a6c5a69e35ff1a816b4e7e582f660 (patch) | |
| tree | cf1332f15acb65dde93a5273be6de6453783917c /media/cdm | |
| parent | f9caff4a25483d61fbf362ef47c0799fa7c1f722 (diff) | |
| download | chromium_src-35580b667c5a6c5a69e35ff1a816b4e7e582f660.zip chromium_src-35580b667c5a6c5a69e35ff1a816b4e7e582f660.tar.gz chromium_src-35580b667c5a6c5a69e35ff1a816b4e7e582f660.tar.bz2 | |
Ensure Pepper plugin origin matches security origin
Verify the Pepper instance's origin matches the security
origin. Also move the optional document URL checking to
CdmAdapter::Initialize() and fix it to not check for a
host if using file://.
BUG=353324
TEST=encrypted media layout and browser tests pass
Review URL: https://codereview.chromium.org/236313007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@264450 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'media/cdm')
| -rw-r--r-- | media/cdm/ppapi/cdm_adapter.cc | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/media/cdm/ppapi/cdm_adapter.cc b/media/cdm/ppapi/cdm_adapter.cc index 7e58176..4d8f038 100644 --- a/media/cdm/ppapi/cdm_adapter.cc +++ b/media/cdm/ppapi/cdm_adapter.cc @@ -261,6 +261,25 @@ void CdmAdapter::Initialize(const std::string& key_system) { PP_DCHECK(!key_system.empty()); PP_DCHECK(key_system_.empty() || (key_system_ == key_system && cdm_)); +#if defined(CHECK_DOCUMENT_URL) + PP_URLComponents_Dev url_components = {}; + const pp::URLUtil_Dev* url_util = pp::URLUtil_Dev::Get(); + if (!url_util) + return; + pp::Var href = url_util->GetDocumentURL(pp::InstanceHandle(pp_instance()), + &url_components); + PP_DCHECK(href.is_string()); + std::string url = href.AsString(); + PP_DCHECK(!url.empty()); + std::string url_scheme = + url.substr(url_components.scheme.begin, url_components.scheme.len); + if (url_scheme != "file") { + // Skip this check for file:// URLs as they don't have a host component. + PP_DCHECK(url_components.host.begin); + PP_DCHECK(0 < url_components.host.len); + } +#endif // defined(CHECK_DOCUMENT_URL) + if (!cdm_ && !CreateCdmInstance(key_system)) return; @@ -278,21 +297,6 @@ void CdmAdapter::CreateSession(uint32_t session_id, return; } -#if defined(CHECK_DOCUMENT_URL) - PP_URLComponents_Dev url_components = {}; - const pp::URLUtil_Dev* url_util = pp::URLUtil_Dev::Get(); - if (!url_util) { - OnSessionError(session_id, cdm::kUnknownError, 0); - return; - } - pp::Var href = url_util->GetDocumentURL( - pp::InstanceHandle(pp_instance()), &url_components); - PP_DCHECK(href.is_string()); - PP_DCHECK(!href.AsString().empty()); - PP_DCHECK(url_components.host.begin); - PP_DCHECK(0 < url_components.host.len); -#endif // defined(CHECK_DOCUMENT_URL) - cdm_->CreateSession(session_id, content_type.data(), content_type.size(), |