mirror of
https://github.com/electron/electron.git
synced 2026-01-07 22:54:25 -05:00
793565e4be
* chore: bump chromium in DEPS to 141.0.7381.3 * chore: update patches * chore: bump chromium in DEPS to 141.0.7382.0 * chore: update patches * chore: bump chromium in DEPS to 141.0.7384.0 * chore: bump chromium in DEPS to 141.0.7386.0 * [Extensions] Move devtools_page and chrome_url_overrides handlers Refs https://chromium-review.googlesource.com/c/chromium/src/+/6862700 * Reland "[api] Advance deprecation of GetIsolate" Refs https://chromium-review.googlesource.com/c/v8/v8/+/6875273 * Move "system integrated UI" concept out of NativeTheme. Refs https://chromium-review.googlesource.com/c/chromium/src/+/6867375 * chore: update patches * Reland "[PermissionOptions] Return PermissionResult in callback for requests" Refs https://chromium-review.googlesource.com/c/chromium/src/+/6851838 * Reland "[exit-time-destructors] Enable by default" Refs https://chromium-review.googlesource.com/c/chromium/src/+/6859042 * chore: update patches * [FSA] Revoke Read access after removing file via FileSystemAccess API Refs https://chromium-review.googlesource.com/c/chromium/src/+/6677249 * chore: IWYU * [DevToolsUIBindings] Accept an object for `dispatchHttpRequest` params Refs https://chromium-review.googlesource.com/c/chromium/src/+/6877528 * chore: IWYU * Pass navigation UI parameters on EnterFullscreen in EAM Refs https://chromium-review.googlesource.com/c/chromium/src/+/6874923 * chore: rm band-aid_over_an_issue_with_using_deprecated_nsopenpanel_api.patch * Remove unused PreHandleMouseEvent Refs https://chromium-review.googlesource.com/c/chromium/src/+/6880411 * 6878583: siso: update to version 1.4.1 https://chromium-review.googlesource.com/c/chromium/src/+/6878583 * Fold native_theme_browser into native_theme. https://chromium-review.googlesource.com/c/chromium/src/+/6882627 * fixup: Reland "[exit-time-destructors] Enable by default https://chromium-review.googlesource.com/c/chromium/src/+/6859042 * chore: update filenames.libcxx.gni * chore: IWYU * fixup: chore: IWYU * fixup: Reland "[exit-time-destructors] Enable by default * fixup: Reland "[exit-time-destructors] Enable by default * Remove common_theme.*; place its method in NativeTheme instead. https://chromium-review.googlesource.com/c/chromium/src/+/6886029 * fixup: Reland "[exit-time-destructors] Enable by default * Better track when WebPreferences need updates for color-related changes. Refs https://chromium-review.googlesource.com/c/chromium/src/+/6886797 * chore: bump chromium in DEPS to 141.0.7390.7 * 6904664: Reland "Make BrowserContext::GetPath() const" https://chromium-review.googlesource.com/c/chromium/src/+/6904664 * Restore read access after certain file modification operations https://chromium-review.googlesource.com/c/chromium/src/+/6861041 * fixup: Move "system integrated UI" concept out of NativeTheme. * fixup: Reland "[exit-time-destructors] Enable by default * chore: update patches * 6906096: Remove GetSysSkColor(). https://chromium-review.googlesource.com/c/chromium/src/+/6906096 * Inline implementation of SysColorChangeListener into the lone user. https://chromium-review.googlesource.com/c/chromium/src/+/6905083 Also 6906096: Remove GetSysSkColor(). | https://chromium-review.googlesource.com/c/chromium/src/+/6906096 * fixup: 6906096: Remove GetSysSkColor() --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: deepak1556 <hop2deep@gmail.com> Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
71 lines
3.9 KiB
Diff
71 lines
3.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shelley Vohr <shelley.vohr@gmail.com>
|
|
Date: Mon, 29 Aug 2022 11:44:57 +0200
|
|
Subject: fix: crash loading non-standard schemes in iframes
|
|
|
|
This fixes a crash that occurs when loading non-standard schemes from
|
|
iframes or webviews. This was happening because
|
|
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
|
|
exceptions to allow built-in non-standard schemes, but does not check
|
|
for non-standard schemes registered by the embedder.
|
|
|
|
This patch adjusts the origin calculation for subframe non-standard schemes in
|
|
- browser process at `NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo`
|
|
- render process at `DocumentLoader::CalculateOrigin`
|
|
|
|
When top level frame navigates to non-standard scheme url, the origin is calculated
|
|
as `null` without any derivation. It is only in cases where there is a `initiator_origin`
|
|
then the origin is derived from it, which is usually the case for renderer initiated
|
|
navigations and iframes are no exceptions from this rule.
|
|
|
|
The patch should be removed in favor of either:
|
|
- Remove support for non-standard custom schemes
|
|
- Register non-standard custom schemes as websafe schemes and update
|
|
CPSPI::CanAccessDataForOrigin to allow them for any navigation.
|
|
- Update the callsite to use RFHI::CanCommitOriginAndUrl in upstream, previous
|
|
effort to do this can be found at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
|
|
|
|
Upstream bug https://bugs.chromium.org/p/chromium/issues/detail?id=1081397.
|
|
|
|
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
|
|
index ed42146d41ed88133780217cea15ab068ca77745..f151330a55443f9e4518265ccc2c1368a38474ae 100644
|
|
--- a/content/browser/renderer_host/navigation_request.cc
|
|
+++ b/content/browser/renderer_host/navigation_request.cc
|
|
@@ -11316,6 +11316,11 @@ url::Origin NavigationRequest::GetOriginForURLLoaderFactoryUnchecked() {
|
|
target_rph_id);
|
|
}
|
|
|
|
+ if (!common_params().url.IsStandard() && !common_params().url.IsAboutBlank()) {
|
|
+ return url::Origin::Resolve(common_params().url,
|
|
+ url::Origin());
|
|
+ }
|
|
+
|
|
// In cases not covered above, URLLoaderFactory should be associated with the
|
|
// origin of |common_params.url| and/or |common_params.initiator_origin|.
|
|
url::Origin resolved_origin = url::Origin::Resolve(
|
|
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
index 24ca17c2cf3e633f5609d13cebfc521991e9aabf..8e34fadf2cb21e561d6a4d3b0c7e8c384e33cc73 100644
|
|
--- a/third_party/blink/renderer/core/loader/document_loader.cc
|
|
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
@@ -2322,6 +2322,10 @@ Frame* DocumentLoader::CalculateOwnerFrame() {
|
|
scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
Document* owner_document) {
|
|
scoped_refptr<SecurityOrigin> origin;
|
|
+ bool is_standard = false;
|
|
+ std::string protocol = url_.Protocol().Ascii();
|
|
+ is_standard = url::IsStandard(
|
|
+ protocol.data(), url::Component(0, static_cast<int>(protocol.size())));
|
|
// Whether the origin is newly created within this call, instead of copied
|
|
// from an existing document's origin or from `origin_to_commit_`. If this is
|
|
// true, we won't try to compare the nonce of this origin (if it's opaque) to
|
|
@@ -2358,6 +2362,9 @@ scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
// non-renderer only origin bits will be the same, which will be asserted at
|
|
// the end of this function.
|
|
origin = origin_to_commit_;
|
|
+ } else if (!SecurityOrigin::ShouldUseInnerURL(url_) &&
|
|
+ !is_standard) {
|
|
+ origin = SecurityOrigin::Create(url_);
|
|
} else {
|
|
// Otherwise, create an origin that propagates precursor information
|
|
// as needed. For non-opaque origins, this creates a standard tuple
|