mirror of
https://github.com/electron/electron.git
synced 2026-01-08 15:13:52 -05:00
2e4e6f10de
* chore: bump chromium in DEPS to 122.0.6223.0 * 5129828: Removes special cases for selenium-atoms dependencies. https://chromium-review.googlesource.com/c/chromium/src/+/5129828 * chore: fixup patch indices * 5139789: Deduplicate BrowserContext's ResourceContext https://chromium-review.googlesource.com/c/chromium/src/+/5139789 * 5148579: Simplify SelectFileDialog::Listener https://chromium-review.googlesource.com/c/chromium/src/+/5148579 * 5134038: Code Health: Use string_view in base::i18n::BreakIterator::SetText https://chromium-review.googlesource.com/c/chromium/src/+/5134038 * 5137427: Code Health: Use string_view in SpellCheck::SpellCheckWord https://chromium-review.googlesource.com/c/chromium/src/+/5137427 * [libcxx] adds ranges::fold_left_with_iter and ranges::fold_left Notable things in this commit: * refactors `__indirect_binary_left_foldable`, making it slightly different (but equivalent) to _`indirect-binary-left-foldable`_, which improves readability (a [patch to the Working Paper][patch] was made) * omits `__cpo` namespace, since it is not required for implementing niebloids (a cleanup should happen in 2024) * puts tests ensuring invocable robustness and dangling correctness inside the correctness testing to ensure that the algorithms' results are still correct [patch]: https://github.com/cplusplus/draft/pull/6734 * chore: bump chromium in DEPS to 122.0.6224.0 * 5154766: [Refresh 2023] [GTK] Fix gap above toolbar with fractional scaling https://chromium-review.googlesource.com/c/chromium/src/+/5154766 * chore: fixup patch indices * 5094458: Remove extra CGColorSpace parameters from skia and ui helpers https://chromium-review.googlesource.com/c/chromium/src/+/5094458 * chore: bump chromium in DEPS to 122.0.6226.0 * chore: update patches * chore: bump chromium in DEPS to 122.0.6227.0 * chore: update patches * chore: bump chromium in DEPS to 122.0.6228.0 * chore: update patches * chore: bump chromium in DEPS to 122.0.6230.0 * chore: bump chromium in DEPS to 122.0.6232.0 * chore: bump chromium in DEPS to 122.0.6234.0 * chore: bump chromium in DEPS to 122.0.6236.2 * chore: update patches * fix: remove --disable-color-correct-renderering Per https://electronhq.slack.com/archives/CB6CG54DB/p1698444047862459 it is not used any more and was never documented. * chore: add WEB_PRINTING to content permission converter Unused in non-cros so no need to document Ref: https://chromium-review.googlesource.com/c/chromium/src/+/5136178 * chore: Views is now vec<raw_ptr> instead of raw<T*> Ref: https://chromium-review.googlesource.com/c/chromium/src/+/5140028 * spec: add Iterator to global intrinsics --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com> Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com> Co-authored-by: Samuel Attard <marshallofsound@electronjs.org>
68 lines
3.6 KiB
Diff
68 lines
3.6 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shelley Vohr <shelley.vohr@gmail.com>
|
|
Date: Mon, 29 Aug 2022 11:44:57 +0200
|
|
Subject: fix: crash loading non-standard schemes in iframes
|
|
|
|
This fixes a crash that occurs when loading non-standard schemes from
|
|
iframes or webviews. This was happening because
|
|
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
|
|
exceptions to allow built-in non-standard schemes, but does not check
|
|
for non-standard schemes registered by the embedder.
|
|
|
|
This patch adjusts the origin calculation for non-standard schemes in
|
|
- browser process at `NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo`
|
|
- render process at `DocumentLoader::CalculateOrigin`
|
|
|
|
When top level frame navigates to non-standard scheme url, the origin is calculated
|
|
as `null` without any derivation. It is only in cases where there is a `initiator_origin`
|
|
then the origin is derived from it, which is usually the case for renderer initiated
|
|
navigations and iframes are no exceptions from this rule.
|
|
|
|
Upstream bug https://bugs.chromium.org/p/chromium/issues/detail?id=1081397.
|
|
|
|
Upstreamed at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
|
|
|
|
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
|
|
index 2e5436d271df7df7e8f5fc8efbc85cc77bff9a36..a9365d7cf288fa16651ab6a2165803ec7f1078b4 100644
|
|
--- a/content/browser/renderer_host/navigation_request.cc
|
|
+++ b/content/browser/renderer_host/navigation_request.cc
|
|
@@ -10040,6 +10040,12 @@ NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo() {
|
|
return std::make_pair(parent->GetLastCommittedOrigin(), "about_srcdoc");
|
|
}
|
|
|
|
+ if (!common_params().url.IsStandard()) {
|
|
+ return std::make_pair(url::Origin::Resolve(common_params().url,
|
|
+ url::Origin()),
|
|
+ "url_non_standard");
|
|
+ }
|
|
+
|
|
// In cases not covered above, URLLoaderFactory should be associated with the
|
|
// origin of |common_params.url| and/or |common_params.initiator_origin|.
|
|
url::Origin resolved_origin = url::Origin::Resolve(
|
|
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
index 99df2c18b6b41e32e7aa25f326b826ff262fda35..7d1cc22d5aebaf259324a1076e2515b59680c064 100644
|
|
--- a/third_party/blink/renderer/core/loader/document_loader.cc
|
|
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
@@ -2126,6 +2126,10 @@ Frame* DocumentLoader::CalculateOwnerFrame() {
|
|
scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
Document* owner_document) {
|
|
scoped_refptr<SecurityOrigin> origin;
|
|
+ bool is_standard = false;
|
|
+ std::string protocol = url_.Protocol().Ascii();
|
|
+ is_standard = url::IsStandard(
|
|
+ protocol.data(), url::Component(0, static_cast<int>(protocol.size())));
|
|
StringBuilder debug_info_builder;
|
|
if (origin_to_commit_) {
|
|
// Origin to commit is specified by the browser process, it must be taken
|
|
@@ -2173,6 +2177,10 @@ scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
debug_info_builder.Append(", url=");
|
|
debug_info_builder.Append(owner_document->Url().BaseAsString());
|
|
debug_info_builder.Append(")");
|
|
+ } else if (!SecurityOrigin::ShouldUseInnerURL(url_) &&
|
|
+ !is_standard) {
|
|
+ debug_info_builder.Append("use_url_with_non_standard_scheme");
|
|
+ origin = SecurityOrigin::Create(url_);
|
|
} else {
|
|
debug_info_builder.Append("use_url_with_precursor");
|
|
// Otherwise, create an origin that propagates precursor information
|