diff options
| author | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-17 09:18:06 +0000 |
|---|---|---|
| committer | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-17 09:18:06 +0000 |
| commit | c46b0e667387bb42a18be86e8b1f85e968902953 (patch) | |
| tree | 801ddb204b400e25ecd3fe1211584e5b5519e93e /webkit/glue | |
| parent | ffc45869f044885b81265e6a67cb0220758113b5 (diff) | |
| download | chromium_src-c46b0e667387bb42a18be86e8b1f85e968902953.zip chromium_src-c46b0e667387bb42a18be86e8b1f85e968902953.tar.gz chromium_src-c46b0e667387bb42a18be86e8b1f85e968902953.tar.bz2 | |
SSLPolicy Fix: Step 3.
Plumbing the security origin of the frame making the request to SSL land.
R=wtc
BUG=8706
Review URL: http://codereview.chromium.org/48038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11851 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/glue')
| -rw-r--r-- | webkit/glue/resource_handle_impl.cc | 14 | ||||
| -rw-r--r-- | webkit/glue/resource_loader_bridge.h | 38 | ||||
| -rw-r--r-- | webkit/glue/unittest_test_server.h | 3 |
3 files changed, 29 insertions, 26 deletions
diff --git a/webkit/glue/resource_handle_impl.cc b/webkit/glue/resource_handle_impl.cc index be5704c..99290d3 100644 --- a/webkit/glue/resource_handle_impl.cc +++ b/webkit/glue/resource_handle_impl.cc @@ -387,10 +387,6 @@ bool ResourceHandleInternal::Start( if (requestor_pid == 0) requestor_pid = base::GetCurrentProcId(); - bool mixed_content = - webkit_glue::KURLToGURL(request_.mainDocumentURL()).SchemeIsSecure() && - !url.SchemeIsSecure(); - if (url.SchemeIs("data")) { if (sync_load_response) { // This is a sync load. Do the work now. @@ -410,6 +406,13 @@ bool ResourceHandleInternal::Start( return true; } + // TODO(abarth): These are wrong! I need to figure out how to get the right + // strings here. See: http://crbug.com/8706 + std::string frame_origin = + webkit_glue::StringToStdString(request_.mainDocumentURL().string()); + std::string main_frame_origin = + webkit_glue::StringToStdString(request_.mainDocumentURL().string()); + // TODO(darin): is latin1 really correct here? It is if the strings are // already ASCII (i.e., if they are already escaped properly). // TODO(brettw) this should take parameter encoding into account when @@ -419,11 +422,12 @@ bool ResourceHandleInternal::Start( url, webkit_glue::KURLToGURL(request_.policyURL()), referrer, + frame_origin, + main_frame_origin, webkit_glue::CStringToStdString(headerBuf.latin1()), load_flags_, requestor_pid, FromTargetType(request_.targetType()), - mixed_content, request_.requestorID())); if (!bridge_.get()) return false; diff --git a/webkit/glue/resource_loader_bridge.h b/webkit/glue/resource_loader_bridge.h index 2061a3b..161c237 100644 --- a/webkit/glue/resource_loader_bridge.h +++ b/webkit/glue/resource_loader_bridge.h @@ -17,10 +17,10 @@ #ifndef RESOURCE_LOADER_BRIDGE_H_ #define RESOURCE_LOADER_BRIDGE_H_ -#include "build/build_config.h"
-#if defined(OS_POSIX)
-#include "base/file_descriptor_posix.h"
-#endif
+#include "build/build_config.h" +#if defined(OS_POSIX) +#include "base/file_descriptor_posix.h" +#endif #include "base/platform_file.h" #include "base/ref_counted.h" #include "base/time.h" @@ -67,18 +67,18 @@ class ResourceLoaderBridge { // Content length if available. -1 if not available int64 content_length; - // A platform specific handle for a file that carries response data. This
- // entry is used if the resource request is of type ResourceType::MEDIA and
- // the underlying cache layer keeps the response data in a standalone file.
-#if defined(OS_POSIX)
- // If the response data file is available, the file handle is stored in
- // response_data_file.fd, its value is base::kInvalidPlatformFileValue
- // otherwise.
- base::FileDescriptor response_data_file;
-#elif defined(OS_WIN)
- // An asynchronous file handle to the response data file, its value is
- // base::kInvalidPlatformFileValue if the file is not available.
- base::PlatformFile response_data_file;
+ // A platform specific handle for a file that carries response data. This + // entry is used if the resource request is of type ResourceType::MEDIA and + // the underlying cache layer keeps the response data in a standalone file. +#if defined(OS_POSIX) + // If the response data file is available, the file handle is stored in + // response_data_file.fd, its value is base::kInvalidPlatformFileValue + // otherwise. + base::FileDescriptor response_data_file; +#elif defined(OS_WIN) + // An asynchronous file handle to the response data file, its value is + // base::kInvalidPlatformFileValue if the file is not available. + base::PlatformFile response_data_file; #endif }; @@ -168,9 +168,6 @@ class ResourceLoaderBridge { // // load_flags is composed of the values defined in url_request_load_flags.h // - // mixed_content when true indicates that the resource associated with this - // request is over HTTP when the main page was loaded over HTTPS. - // // request_type indicates if the current request is the main frame load, a // sub-frame load, or a sub objects load. // @@ -180,11 +177,12 @@ class ResourceLoaderBridge { const GURL& url, const GURL& policy_url, const GURL& referrer, + const std::string& frame_origin, + const std::string& main_frame_origin, const std::string& headers, int load_flags, int requestor_pid, ResourceType::Type request_type, - bool mixed_content, int routing_id); // Call this method before calling Start() to append a chunk of binary data diff --git a/webkit/glue/unittest_test_server.h b/webkit/glue/unittest_test_server.h index 9476ab5..32d9646 100644 --- a/webkit/glue/unittest_test_server.h +++ b/webkit/glue/unittest_test_server.h @@ -43,10 +43,11 @@ class UnittestTestServer : public HTTPTestServer { url, // policy_url GURL(), // no referrer std::string(), // no extra headers + "null", // frame_origin + "null", // main_frame_origin net::LOAD_NORMAL, 0, ResourceType::SUB_RESOURCE, - false, 0)); EXPECT_TRUE(loader.get()); |