From 4c724c022664286191558803632d45cd28749ae4 Mon Sep 17 00:00:00 2001
From: Allan Sandfeld Jensen
Date: Thu, 22 Jan 2015 11:30:24 +0100
Subject: Improve geolocation permission security

Ensure we only grant permission to the origin the user replied to, otherwise we might get a race exploit.

Change-Id: I4f737148f4e41432c160b81c324531e9cde0edc6
Reviewed-by: Jocelyn Turcotte
---
 src/core/web_contents_adapter.cpp | 2 +-
 src/core/web_contents_delegate_qt.cpp | 11 +++++++++--
 src/core/web_contents_delegate_qt.h | 7 ++++++-
 3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/core/web_contents_adapter.cpp b/src/core/web_contents_adapter.cpp
index 3f6d7060c..d7dfcb97c 100644
--- a/src/core/web_contents_adapter.cpp
+++ b/src/core/web_contents_adapter.cpp
@@ -773,7 +773,7 @@ void WebContentsAdapter::grantMediaAccessPermission(const QUrl &securityOrigin,
 void WebContentsAdapter::runGeolocationRequestCallback(const QUrl &securityOrigin, bool allowed)
 {
 Q_D(WebContentsAdapter);
- d->webContentsDelegate->m_lastGeolocationRequestCallback.Run(allowed);
+ d->webContentsDelegate->geolocationPermissionReply(securityOrigin, allowed);
 }
 void WebContentsAdapter::grantMouseLockPermission(bool granted)
diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp
index 92b61dcdd..18b61cd2d 100644
--- a/src/core/web_contents_delegate_qt.cpp
+++ b/src/core/web_contents_delegate_qt.cpp
@@ -314,6 +314,13 @@ void WebContentsDelegateQt::allowCertificateError(const QExplicitlySharedDataPoi
 void WebContentsDelegateQt::requestGeolocationPermission(const GURL &requestingFrameOrigin, base::Callback resultCallback)
 {
- m_lastGeolocationRequestCallback = resultCallback;
- m_viewClient->runGeolocationPermissionRequest(toQt(requestingFrameOrigin));
+ m_lastGeolocationPermissionRequest.url = toQt(requestingFrameOrigin);
+ m_lastGeolocationPermissionRequest.callback = resultCallback;
+ m_viewClient->runGeolocationPermissionRequest(m_lastGeolocationPermissionRequest.url);
+}
+
+void WebContentsDelegateQt::geolocationPermissionReply(const QUrl &origin, bool permission)
+{
+ if (m_lastGeolocationPermissionRequest.url == origin)
+ m_lastGeolocationPermissionRequest.callback.Run(permission);
 }
diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h
index 2a541a768..c57a2fc67 100644
--- a/src/core/web_contents_delegate_qt.h
+++ b/src/core/web_contents_delegate_qt.h
@@ -92,11 +92,16 @@ public:
 void overrideWebPreferences(content::WebContents *, content::WebPreferences*);
 void allowCertificateError(const QExplicitlySharedDataPointer &) ;
 void requestGeolocationPermission(const GURL &requestingFrameOrigin, base::Callback resultCallback);
+ void geolocationPermissionReply(const QUrl&, bool permission);
- base::Callback m_lastGeolocationRequestCallback;
 private:
 WebContentsAdapter *createWindow(content::WebContents *new_contents, WindowOpenDisposition disposition, const gfx::Rect& initial_pos, bool user_gesture);
+ struct {
+ QUrl url;
+ base::Callback callback;
+ } m_lastGeolocationPermissionRequest;
+
 WebContentsAdapterClient *m_viewClient;
 QString m_lastSearchedString;
 int m_lastReceivedFindReply;
--
cgit v1.2.3
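Review bot: geolocationPermissionReply() calls `callback.Run(permission)` without checking that a request is pending, and it leaves the stored url and callback in place afterwards. Before any request has been made, the stored url is a default-constructed `QUrl`, so a reply carrying an empty origin passes the comparison and Run() is invoked on a null callback; after a valid reply, a second call with the same origin answers the same request again. The sketch below checks `is_null()` first and clears the stored request before running a copy of the callback. Separately, requestGeolocationPermission() overwrites a still-pending request without answering its callback; whether that earlier callback should be run with `false` depends on the caller's expectations, which are not visible in this hunk.

```cpp
void WebContentsDelegateQt::geolocationPermissionReply(const QUrl &origin, bool permission)
{
    // Ignore replies when nothing is pending or the origin is not the one that was asked about.
    if (m_lastGeolocationPermissionRequest.callback.is_null()
            || m_lastGeolocationPermissionRequest.url != origin)
        return;
    // Take the callback out before running it so a repeated reply cannot answer twice.
    auto callback = m_lastGeolocationPermissionRequest.callback;
    m_lastGeolocationPermissionRequest.callback.Reset();
    m_lastGeolocationPermissionRequest.url.clear();
    callback.Run(permission);
}
```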
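Review bot: The new declaration `void geolocationPermissionReply(const QUrl&, bool permission);` leaves its first parameter unnamed, and the anonymous struct behind m_lastGeolocationPermissionRequest carries no comment, so the header does not say that a reply is matched against one stored origin. I would name the parameter as the definition does, `void geolocationPermissionReply(const QUrl &origin, bool permission);`, and add above the struct `// Most recent geolocation request; a reply is applied only when its origin equals url.` The class body starts and ends outside the hunk.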