diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-09-06 13:07:46 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2018-09-12 07:43:51 +0000 |
commit | cfc13dfc783fa21d5ed67f568e27a897be2812e7 (patch) | |
tree | 07cb076c3b4ce3bba0eeb5e3e13563c8b3805c6f | |
parent | 021e3ee70e85ff2efc30a6c46d8b1ec7e42696ca (diff) |
[Backport] Correctly handle blob:file:///... URIs in SiteInstance::GetSiteForURL.
file URIs should map to "file:///" site. The same site needs to also
be used for blob:file:///... URIs - this is what is fixed by this CL.
Bug: 697111
Change-Id: I03627c134d58a47e824eac593939385790aae5f2
Reviewed-on: https://chromium-review.googlesource.com/953129
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
-rw-r--r-- | chromium/content/browser/site_instance_impl.cc | 13 | ||||
-rw-r--r-- | chromium/content/browser/site_instance_impl_unittest.cc | 7 |
2 files changed, 15 insertions, 5 deletions
diff --git a/chromium/content/browser/site_instance_impl.cc b/chromium/content/browser/site_instance_impl.cc index d961143bbf8..357894a1d48 100644 --- a/chromium/content/browser/site_instance_impl.cc +++ b/chromium/content/browser/site_instance_impl.cc @@ -406,10 +406,8 @@ GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, // origin lookup. auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); url::Origin isolated_origin; - if (policy->GetMatchingIsolatedOrigin(url::Origin::Create(url), - &isolated_origin)) { + if (policy->GetMatchingIsolatedOrigin(origin, &isolated_origin)) return isolated_origin.GetURL(); - } // If the url has a host, then determine the site. Skip file URLs to avoid a // situation where site URL of file://localhost/ would mismatch Blink's origin @@ -427,11 +425,16 @@ GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, // If there is no host but there is a scheme, return the scheme. // This is useful for cases like file URLs. - if (url.has_scheme()) + if (!origin.unique()) { + // Prefer to use the scheme of |origin| rather than |url|, to correctly + // cover blob: and filesystem: URIs (see also https://crbug.com/697111). + DCHECK(origin.GetURL().has_scheme()) << origin; + return GURL(origin.GetURL().scheme() + ":"); + } else if (url.has_scheme()) return GURL(url.scheme() + ":"); // Otherwise the URL should be invalid; return an empty site. - DCHECK(!url.is_valid()); + DCHECK(!url.is_valid()) << url; return GURL(); } diff --git a/chromium/content/browser/site_instance_impl_unittest.cc b/chromium/content/browser/site_instance_impl_unittest.cc index 774bf722f81..4297915e09f 100644 --- a/chromium/content/browser/site_instance_impl_unittest.cc +++ b/chromium/content/browser/site_instance_impl_unittest.cc @@ -361,6 +361,13 @@ TEST_F(SiteInstanceTest, GetSiteForURL) { site_url = SiteInstanceImpl::GetSiteForURL(nullptr, test_url); EXPECT_EQ(GURL("gopher://chromium.org"), site_url); + // Blob URLs with file origin also extract the site from the origin. + test_url = GURL("blob:file:///1029e5a4-2983-4b90-a585-ed217563acfeb"); + site_url = SiteInstanceImpl::GetSiteForURL(nullptr, test_url); + EXPECT_EQ(GURL("file:"), site_url); + EXPECT_EQ("file", site_url.scheme()); + EXPECT_FALSE(site_url.has_host()); + // Private domains are preserved, appspot being such a site. test_url = GURL( "blob:http://www.example.appspot.com:44/" |