BadMessage for invalid plugin frame ID

(Follow-up work to CL:1213369).

Currently API in guest_view.mojom send two routing IDs to the browser:
the embedder frame routing ID (the frame which adds an <embed>/<object>)
and the plugin frame ID (the actual frame inside <embed>/<object>). This
is to support both a frame-based MimeHandlerView (which only needs the
plugin frame ID), and the BrowserPlugin-based version which uses the
embedder frame ID.

This CL adds a security check on the browser side to verify the reported
routing IDs make sense, i.e., when they point to actual RFH we always
observer the child and parent relationship. This of course is not the
case in BP-based case where we expect the child routing ID to be invalid
all the time.

Bug: 659750
Change-Id: I92f1643303899054cdee36897e7a973a5a3b3d85
Reviewed-by: Istiaque Ahmed <>
Reviewed-by: Ehsan Karamad <>
Reviewed-by: Alex Moshchuk <>
Commit-Queue: Ehsan Karamad <>
Cr-Commit-Position: refs/heads/master@{#590668}
3 files changed