mirror of
https://github.com/electron/electron.git
synced 2026-01-09 23:48:01 -05:00
7a6af1a529
* chore: bump chromium in DEPS to 114.0.5712.0 * chore: update patches * 4401084: Remove extensions::InfoMap which is no longer needed. | https://chromium-review.googlesource.com/c/chromium/src/+/4401084 * 4415646: Add more details to print settings error log | https://chromium-review.googlesource.com/c/chromium/src/+/4415646 * chore: bump chromium in DEPS to 114.0.5714.0 * chore: update patches * chore: update libcxx filenames * chore: bump chromium in DEPS to 114.0.5715.0 * chore: update patches * fix extensions test --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com> Co-authored-by: VerteDinde <vertedinde@electronjs.org> Co-authored-by: Jeremy Rose <jeremya@chromium.org>
79 lines
4.1 KiB
Diff
79 lines
4.1 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shelley Vohr <shelley.vohr@gmail.com>
|
|
Date: Mon, 29 Aug 2022 11:44:57 +0200
|
|
Subject: fix: crash loading non-standard schemes in iframes
|
|
|
|
This fixes a crash that occurs when loading non-standard schemes from
|
|
iframes or webviews. This was happening because
|
|
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
|
|
exceptions to allow built-in non-standard schemes, but does not check
|
|
for non-standard schemes registered by the embedder.
|
|
|
|
Upstream, https://bugs.chromium.org/p/chromium/issues/detail?id=1081397
|
|
contains several paths forward - here I chose to swap out the
|
|
CHECK in navigation_request.cc from policy->CanAccessDataForOrigin to
|
|
policy->CanCommitOriginAndUrl.
|
|
|
|
Upstreamed at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
|
|
|
|
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
|
|
index 6ed6d986d0d72603451fef8e6723228cdac63b3b..aabec0138adfca2d2e4a46ed525ae726e840f1c5 100644
|
|
--- a/content/browser/renderer_host/navigation_request.cc
|
|
+++ b/content/browser/renderer_host/navigation_request.cc
|
|
@@ -7386,10 +7386,11 @@ NavigationRequest::GetOriginForURLLoaderFactoryAfterResponseWithDebugInfo() {
|
|
if (IsForMhtmlSubframe())
|
|
return origin_with_debug_info;
|
|
|
|
- int process_id = GetRenderFrameHost()->GetProcess()->GetID();
|
|
- auto* policy = ChildProcessSecurityPolicyImpl::GetInstance();
|
|
- CHECK(
|
|
- policy->CanAccessDataForOrigin(process_id, origin_with_debug_info.first));
|
|
+ CanCommitStatus can_commit = GetRenderFrameHost()->CanCommitOriginAndUrl(
|
|
+ origin_with_debug_info.first, GetURL(), IsSameDocument(), IsPdf(),
|
|
+ GetUrlInfo().is_sandboxed);
|
|
+ CHECK_EQ(CanCommitStatus::CAN_COMMIT_ORIGIN_AND_URL, can_commit);
|
|
+
|
|
return origin_with_debug_info;
|
|
}
|
|
|
|
diff --git a/content/browser/renderer_host/render_frame_host_impl.h b/content/browser/renderer_host/render_frame_host_impl.h
|
|
index 4653e7c5f4ac98bebdcb0de7d05f4a07154f2d36..7f0f920b8beca04bfbeb0025fc3cb69079872d63 100644
|
|
--- a/content/browser/renderer_host/render_frame_host_impl.h
|
|
+++ b/content/browser/renderer_host/render_frame_host_impl.h
|
|
@@ -2893,6 +2893,17 @@ class CONTENT_EXPORT RenderFrameHostImpl
|
|
// last committed document.
|
|
CookieChangeListener::CookieChangeInfo GetCookieChangeInfo();
|
|
|
|
+ // Returns whether the given origin and URL is allowed to commit in the
|
|
+ // current RenderFrameHost. The |url| is used to ensure it matches the origin
|
|
+ // in cases where it is applicable. This is a more conservative check than
|
|
+ // RenderProcessHost::FilterURL, since it will be used to kill processes that
|
|
+ // commit unauthorized origins.
|
|
+ CanCommitStatus CanCommitOriginAndUrl(const url::Origin& origin,
|
|
+ const GURL& url,
|
|
+ bool is_same_document_navigation,
|
|
+ bool is_pdf,
|
|
+ bool is_sandboxed);
|
|
+
|
|
// Sets a ResourceCache in the renderer. `this` must be active and there must
|
|
// be no pending navigation. `remote` must have the same and process
|
|
// isolation policy.
|
|
@@ -3235,17 +3246,6 @@ class CONTENT_EXPORT RenderFrameHostImpl
|
|
// relevant.
|
|
void ResetWaitingState();
|
|
|
|
- // Returns whether the given origin and URL is allowed to commit in the
|
|
- // current RenderFrameHost. The |url| is used to ensure it matches the origin
|
|
- // in cases where it is applicable. This is a more conservative check than
|
|
- // RenderProcessHost::FilterURL, since it will be used to kill processes that
|
|
- // commit unauthorized origins.
|
|
- CanCommitStatus CanCommitOriginAndUrl(const url::Origin& origin,
|
|
- const GURL& url,
|
|
- bool is_same_document_navigation,
|
|
- bool is_pdf,
|
|
- bool is_sandboxed);
|
|
-
|
|
// Returns whether a subframe navigation request should be allowed to commit
|
|
// to the current RenderFrameHost.
|
|
bool CanSubframeCommitOriginAndUrl(NavigationRequest* navigation_request);
|