File: render_frame_host_csp_context.cc

// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "content/browser/renderer_host/render_frame_host_csp_context.h"

#include "content/browser/renderer_host/render_frame_host_impl.h"
#include "services/network/public/mojom/content_security_policy.mojom.h"

namespace content {

// Binds this CSP context to the frame it reports for. `render_frame_host` is
// held non-owning and may be null; a null host makes violation reporting a
// no-op and makes sanitization strip everything (see below).
RenderFrameHostCSPContext::RenderFrameHostCSPContext(
    RenderFrameHostImpl* render_frame_host)
    : render_frame_host_(render_frame_host) {}

// Forwards a violation report to the renderer-side LocalFrame of the bound
// frame. Nothing is sent when no frame host is bound. This method performs no
// sanitization of its own: whatever is in `violation_params` crosses the
// process boundary as-is, so callers are expected to have run
// SanitizeDataForUseInCspViolation() on the data first (that ordering is not
// enforced here; confirm at the call sites).
void RenderFrameHostCSPContext::ReportContentSecurityPolicyViolation(
    network::mojom::CSPViolationPtr violation_params) {
  if (render_frame_host_) {
    render_frame_host_->GetAssociatedLocalFrame()
        ->ReportContentSecurityPolicyViolation(std::move(violation_params));
  }
}

// Strips cross-origin detail from `blocked_url` and `source_location` before
// they are handed to a renderer. The renderer receiving the report may be
// compromised, so anything it did not already know (a post-redirect URL, a
// cross-origin script location) must be reduced to an origin. See
// https://crbug.com/633306.
//
// `blocked_url` is reduced only for frame-src and fenced-frame-src: those are
// the checks where the browser passes the post-redirect URL, which the
// renderer has not seen. For every other directive the browser passes the
// pre-redirect URL the renderer itself supplied, so there is nothing to hide.
// `source_location` is always a candidate for stripping.
//
// Either value is left intact when it is same-origin with the frame's last
// committed origin, since that data is the frame's own. With no frame host
// bound, nothing can be proven same-origin, so every candidate is stripped
// (fail closed). Note that an opaque committed origin (e.g. a sandboxed frame)
// is presumably never same-origin with anything, so such frames always get
// the stripped form -- TODO confirm against url::Origin semantics.
void RenderFrameHostCSPContext::SanitizeDataForUseInCspViolation(
    network::mojom::CSPDirectiveName directive,
    GURL* blocked_url,
    network::mojom::SourceLocation* source_location) const {
  DCHECK(blocked_url);
  DCHECK(source_location);

  const GURL source_url(source_location->url);

  // Only these two directives carry a redirect target the renderer has not
  // already observed.
  const bool directive_exposes_redirect_target =
      directive == network::mojom::CSPDirectiveName::FrameSrc ||
      directive == network::mojom::CSPDirectiveName::FencedFrameSrc;

  bool strip_blocked_url = directive_exposes_redirect_target;
  bool strip_source_location = true;

  // Same-origin data is the frame's own; no need to hide it from that frame.
  // IsSameOriginWith() is a pure predicate, so short-circuiting the
  // blocked_url check when it is not a candidate changes nothing observable.
  if (render_frame_host_) {
    const auto& frame_origin = render_frame_host_->GetLastCommittedOrigin();
    strip_blocked_url =
        strip_blocked_url && !frame_origin.IsSameOriginWith(*blocked_url);
    strip_source_location = !frame_origin.IsSameOriginWith(source_url);
  }

  // Reduce to origin form. The "Deprecated" accessor is what the surrounding
  // code uses; the report format wants a URL string rather than a url::Origin,
  // which is presumably why it is still used here -- verify before replacing.
  if (strip_blocked_url)
    *blocked_url = blocked_url->DeprecatedGetOriginAsURL();

  if (strip_source_location) {
    // Line and column are zeroed as well: they would otherwise locate a
    // specific position inside a cross-origin resource.
    source_location->url = source_url.DeprecatedGetOriginAsURL().spec();
    source_location->line = 0u;
    source_location->column = 0u;
  }
}

}  // namespace content