github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-01-09 23:48:01 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
20414f66cad2d64f395435c4c52007b6f534c228
electron/patches/chromium/fix_crash_loading_non-standard_schemes_in_iframes.patch
electron-roller[bot] 20414f66ca chore!: bump chromium to 136.0.7054.0 (main) (#45923) 
* chore: bump chromium in DEPS to 136.0.7054.0

* chore: update allow_in-process_windows_to_have_different_web_prefs.patch

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/5906158

patch applied manually due to context shear

* chore: e patches all

* refactor!: Session.clearStorageData(syncable)

Xref: https://chromium-review.googlesource.com/c/chromium/src/+/6309405

Remove syncable type from opts.quota in Session.clearStorageData(opts)
because it that category has been removed upstream.

BREAKING CHANGE: Removed ses.clearDataStorage({ quota: 'syncable' })

* docs: deprecate Session.clearDataStorage({ quota })

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Charles Kerr <charles@charleskerr.com>
2025-03-07 17:49:21 -06:00

73 lines
3.9 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 29 Aug 2022 11:44:57 +0200
Subject: fix: crash loading non-standard schemes in iframes
This fixes a crash that occurs when loading non-standard schemes from
iframes or webviews. This was happening because
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
exceptions to allow built-in non-standard schemes, but does not check
for non-standard schemes registered by the embedder.
This patch adjusts the origin calculation for subframe non-standard schemes in
- browser process at `NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo`
- render process at `DocumentLoader::CalculateOrigin`
When top level frame navigates to non-standard scheme url, the origin is calculated
as `null` without any derivation. It is only in cases where there is a `initiator_origin`
then the origin is derived from it, which is usually the case for renderer initiated
navigations and iframes are no exceptions from this rule.
The patch should be removed in favor of either:
- Remove support for non-standard custom schemes
- Register non-standard custom schemes as websafe schemes and update
CPSPI::CanAccessDataForOrigin to allow them for any navigation.
- Update the callsite to use RFHI::CanCommitOriginAndUrl in upstream, previous
effort to do this can be found at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
Upstream bug https://bugs.chromium.org/p/chromium/issues/detail?id=1081397.
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
index ecba4ccb033c706658718dbbced19c6e60c53d97..5f4b860a9666e3ba3c557663e05b86ed952fc51f 100644
--- a/content/browser/renderer_host/navigation_request.cc
+++ b/content/browser/renderer_host/navigation_request.cc
@@ -11040,6 +11040,12 @@ NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo() {
"blob");
}
+ if (!common_params().url.IsStandard() && !common_params().url.IsAboutBlank()) {
+ return std::make_pair(url::Origin::Resolve(common_params().url,
+ url::Origin()),
+ "url_non_standard");
+ }
+
// In cases not covered above, URLLoaderFactory should be associated with the
// origin of |common_params.url| and/or |common_params.initiator_origin|.
url::Origin resolved_origin = url::Origin::Resolve(
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
index ab265777ded9c875ccafd83b44853d92e35c60fb..074fa3544afd423555578cf0df835171ab559201 100644
--- a/third_party/blink/renderer/core/loader/document_loader.cc
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
@@ -2334,6 +2334,10 @@ Frame* DocumentLoader::CalculateOwnerFrame() {
scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
Document* owner_document) {
scoped_refptr<SecurityOrigin> origin;
+ bool is_standard = false;
+ std::string protocol = url_.Protocol().Ascii();
+ is_standard = url::IsStandard(
+ protocol.data(), url::Component(0, static_cast<int>(protocol.size())));
StringBuilder debug_info_builder;
// Whether the origin is newly created within this call, instead of copied
// from an existing document's origin or from `origin_to_commit_`. If this is
@@ -2387,6 +2391,10 @@ scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
// the end of this function.
origin = origin_to_commit_;
debug_info_builder.Append("use_origin_to_commit");
+ } else if (!SecurityOrigin::ShouldUseInnerURL(url_) &&
+ !is_standard) {
+ debug_info_builder.Append("use_url_with_non_standard_scheme");
+ origin = SecurityOrigin::Create(url_);
} else {
debug_info_builder.Append("use_url_with_precursor");
// Otherwise, create an origin that propagates precursor information
Reference in New Issue View Git Blame Copy Permalink