github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-01-08 15:13:52 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
53fd879043c576fb68f6905678d3984246e8ea41
electron/patches/chromium/fix_crash_loading_non-standard_schemes_in_iframes.patch
electron-roller[bot] 53fd879043 chore: bump chromium to 138.0.7190.0 (main) (#47107) 
* chore: bump chromium in DEPS to 138.0.7180.0

* 6546797: Add a metric for the overall success of the "safe storage" item retrieval.

Refs https://chromium-review.googlesource.com/c/chromium/src/+/6546797

* 6548078: extensions: Fix TODO in ScriptInjectionTracker for desktop Android

Refs https://chromium-review.googlesource.com/c/chromium/src/+/6548078

* 6544950: Revert "FSA: Only normalize the hardcoded rules once during initialization"

Refs https://chromium-review.googlesource.com/c/chromium/src/+/6544950

* chore: bump chromium in DEPS to 138.0.7181.0

* chore: update patches

* fix: correctly clamp HSL shift values between 0 and 1

* chore: bump DEPS to 138.0.7183.0

* 6553142: Remove SelectFileDialogLinuxKde | https://chromium-review.googlesource.com/c/chromium/src/+/6553142

* chore: update patches

* chore: bump chromium in DEPS to 138.0.7184.0

* chore: bump chromium in DEPS to 138.0.7186.0

* chore: bump chromium in DEPS to 138.0.7190.0

* chore: update patches

* 6547778: Remove some superfluous //ui/gfx includes from //chrome headers | https://chromium-review.googlesource.com/c/chromium/src/+/6547778

* 6556022: Reland FSA: Only normalize the hardcoded rules once during initialization | https://chromium-review.googlesource.com/c/chromium/src/+/6556022

* fix: remove pdf_extension_util::AddAdditionalData
https://chromium-review.googlesource.com/c/chromium/src/+/4099130

This was removed 2 years ago in Chrome.

* fix: provide BrowserContext to pdf_extension_util::AddAdditionalData
https://chromium-review.googlesource.com/c/chromium/src/+/6558173

* fixup! 6556022: Reland FSA: Only normalize the hardcoded rules once during initialization | https://chromium-review.googlesource.com/c/chromium/src/+/6556022

* fix: pass in navigation throttle registry
https://chromium-review.googlesource.com/c/chromium/src/+/6536175

* fixup! 6556022: Reland "FSA: Only normalize the hardcoded rules once during initialization" | https://chromium-review.googlesource.com/c/chromium/src/+/6556022

This partially reverts commit 20d709dd15ba0ff332e24ee314149d642dc5d47c.

* 6545984: corner-shape: render dashed & dotted borders
Refs https://chromium-review.googlesource.com/c/chromium/src/+/6545984

* Update corner smoothing expected images

* Apply "future" revert commit to fix windows build

> Reason for revert: Multiple eng reporting that this is causing build failures due to too-long pathnames, with no immediate feasible workaround

This issue also affects our CI builds.

Problematic CL in current roll: 6494836: [webgl] Add stub WebGL[2]RenderingContextWebGPU | https://chromium-review.googlesource.com/c/chromium/src/+/6494836
"Future" revert CL: 6565622: Revert "[webgl] Add stub WebGL[2]RenderingContextWebGPU" | https://chromium-review.googlesource.com/c/chromium/src/+/6565622

This patch should automatically disappear when we roll the revert.

* 6533919: win: don't add WS_CAPTION style to popup windows
https://chromium-review.googlesource.com/c/chromium/src/+/6533919

This mirrors the change made earlier to the code ours is based on: 6374074: [headless] Provide headless aware window metrics on Windows | https://chromium-review.googlesource.com/c/chromium/src/+/6374074

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: David Sanders <dsanders11@ucsbalum.com>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Co-authored-by: Samuel Maddock <smaddock@slack-corp.com>
Co-authored-by: clavin <clavin@electronjs.org>
2025-06-03 11:19:20 -04:00

71 lines
3.9 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Mon, 29 Aug 2022 11:44:57 +0200
Subject: fix: crash loading non-standard schemes in iframes
This fixes a crash that occurs when loading non-standard schemes from
iframes or webviews. This was happening because
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
exceptions to allow built-in non-standard schemes, but does not check
for non-standard schemes registered by the embedder.
This patch adjusts the origin calculation for subframe non-standard schemes in
- browser process at `NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo`
- render process at `DocumentLoader::CalculateOrigin`
When top level frame navigates to non-standard scheme url, the origin is calculated
as `null` without any derivation. It is only in cases where there is a `initiator_origin`
then the origin is derived from it, which is usually the case for renderer initiated
navigations and iframes are no exceptions from this rule.
The patch should be removed in favor of either:
- Remove support for non-standard custom schemes
- Register non-standard custom schemes as websafe schemes and update
CPSPI::CanAccessDataForOrigin to allow them for any navigation.
- Update the callsite to use RFHI::CanCommitOriginAndUrl in upstream, previous
effort to do this can be found at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
Upstream bug https://bugs.chromium.org/p/chromium/issues/detail?id=1081397.
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
index deb3de267fb5e6a326985fa7943e5a66217888f8..ad53374b86efe1db1e2c2e06056cd3b50696ad9b 100644
--- a/content/browser/renderer_host/navigation_request.cc
+++ b/content/browser/renderer_host/navigation_request.cc
@@ -11158,6 +11158,11 @@ url::Origin NavigationRequest::GetOriginForURLLoaderFactoryUnchecked() {
target_rph_id);
}
+ if (!common_params().url.IsStandard() && !common_params().url.IsAboutBlank()) {
+ return url::Origin::Resolve(common_params().url,
+ url::Origin());
+ }
+
// In cases not covered above, URLLoaderFactory should be associated with the
// origin of |common_params.url| and/or |common_params.initiator_origin|.
url::Origin resolved_origin = url::Origin::Resolve(
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
index 094f7359e5d3b701676daa6c26fa6f8dee9d4a29..ac23e8b6e5b16670e942bf4801d97296176e2a00 100644
--- a/third_party/blink/renderer/core/loader/document_loader.cc
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
@@ -2332,6 +2332,10 @@ Frame* DocumentLoader::CalculateOwnerFrame() {
scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
Document* owner_document) {
scoped_refptr<SecurityOrigin> origin;
+ bool is_standard = false;
+ std::string protocol = url_.Protocol().Ascii();
+ is_standard = url::IsStandard(
+ protocol.data(), url::Component(0, static_cast<int>(protocol.size())));
// Whether the origin is newly created within this call, instead of copied
// from an existing document's origin or from `origin_to_commit_`. If this is
// true, we won't try to compare the nonce of this origin (if it's opaque) to
@@ -2368,6 +2372,9 @@ scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
// non-renderer only origin bits will be the same, which will be asserted at
// the end of this function.
origin = origin_to_commit_;
+ } else if (!SecurityOrigin::ShouldUseInnerURL(url_) &&
+ !is_standard) {
+ origin = SecurityOrigin::Create(url_);
} else {
// Otherwise, create an origin that propagates precursor information
// as needed. For non-opaque origins, this creates a standard tuple
Reference in New Issue View Git Blame Copy Permalink