// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "content/browser/renderer_host/render_frame_host_csp_context.h"

#include "content/browser/renderer_host/render_frame_host_impl.h"
#include "services/network/public/mojom/content_security_policy.mojom.h"

namespace content {

// Binds this CSP context to `render_frame_host` without taking ownership.
// A null frame host is tolerated: the other members of this class check
// `render_frame_host_` before dereferencing it and fall back to "no frame"
// behaviour. NOTE(review): nothing in this file ties the context's lifetime
// to the RenderFrameHostImpl; confirm with the owner that the frame host
// outlives every context created for it (or that the member is a checked
// raw_ptr in the header).
RenderFrameHostCSPContext::RenderFrameHostCSPContext(
    RenderFrameHostImpl* render_frame_host)
    : render_frame_host_{render_frame_host} {}

void RenderFrameHostCSPContext::ReportContentSecurityPolicyViolation(
    network::mojom::CSPViolationPtr violation_params) {
  // Hands the violation to the renderer-side LocalFrame of the wrapped frame.
  // With no frame host the report is dropped on the floor; there is nowhere
  // to deliver it.
  //
  // NOTE(review): `violation_params` is forwarded unchanged. The URLs and
  // source location inside it are what a (possibly compromised) renderer gets
  // to see, so callers are presumably expected to have run the data through
  // SanitizeDataForUseInCspViolation() first -- confirm against the call
  // sites in the CSP checking code.
  if (render_frame_host_) {
    render_frame_host_->GetAssociatedLocalFrame()
        ->ReportContentSecurityPolicyViolation(std::move(violation_params));
  }
}

void RenderFrameHostCSPContext::SanitizeDataForUseInCspViolation(
    network::mojom::CSPDirectiveName directive,
    GURL* blocked_url,
    network::mojom::SourceLocation* source_location) const {
  // Reduces the data that will travel to the renderer in a CSP violation
  // report, so that a compromised renderer cannot use browser-side CSP checks
  // as an oracle for cross-origin URLs. See https://crbug.com/633306.
  //
  // Both out-parameters are rewritten in place:
  //  - `blocked_url` is cut down to its origin, but only for frame-src and
  //    fenced-frame-src. For every other directive the renderer itself
  //    supplied the initial (pre-redirect) URL as `blocked_url`, so there is
  //    nothing new in it to hide. (The original comment trailed off here; the
  //    frame-src checks presumably see a post-redirect URL that the renderer
  //    never learned -- confirm against the caller before relying on that.)
  //  - `source_location` is cut down to its origin, with line and column
  //    zeroed, for every directive.
  // Data that is same-origin with the frame's last committed origin is left
  // untouched: that renderer is entitled to see it anyway. With no frame host
  // to compare against, everything eligible is stripped (fail closed).
  //
  // NOTE(review): for an opaque committed origin (sandboxed frame, data: URL)
  // the same-origin test presumably never matches, and
  // DeprecatedGetOriginAsURL() presumably yields an empty URL for schemes
  // without a standard origin; both are the conservative outcome, but confirm
  // against url::Origin / GURL if a report for such a frame looks empty.
  DCHECK(blocked_url);
  DCHECK(source_location);

  const GURL source_url(source_location->url);

  using network::mojom::CSPDirectiveName;
  bool strip_blocked_url = directive == CSPDirectiveName::FrameSrc ||
                           directive == CSPDirectiveName::FencedFrameSrc;
  bool strip_source_location = true;

  if (render_frame_host_) {
    const auto& frame_origin = render_frame_host_->GetLastCommittedOrigin();
    if (frame_origin.IsSameOriginWith(*blocked_url))
      strip_blocked_url = false;
    if (frame_origin.IsSameOriginWith(source_url))
      strip_source_location = false;
  }

  if (strip_blocked_url)
    *blocked_url = blocked_url->DeprecatedGetOriginAsURL();

  if (strip_source_location) {
    source_location->url = source_url.DeprecatedGetOriginAsURL().spec();
    source_location->line = 0u;
    source_location->column = 0u;
  }
}

}  // namespace content