mirror of
https://github.com/electron/electron.git
synced 2026-01-08 23:18:06 -05:00
95e87e46ab
* chore: bump chromium in DEPS to 144.0.7543.0 * Pass PipScreenCaptureCoordinatorProxy to ScreenCaptureKitDeviceMac https://chromium-review.googlesource.com/c/chromium/src/+/7157590 * chore: update patches * chore: update filenames.libcxx.gni * 7142359: Spanification of process_singleton_posix.cc https: //chromium-review.googlesource.com/c/chromium/src/+/7142359 Co-Authored-By: Charles Kerr <70381+ckerr@users.noreply.github.com> * Move logging::LoggingSettings to base/logging/logging_settings.h https://chromium-review.googlesource.com/c/chromium/src/+/7173024 * chore: bump chromium in DEPS to 144.0.7545.0 * 7159368: update PluginService API for sync GetPlugins Upstream removed async PluginService APIs: - GetPluginsAsync() removed, use synchronous GetPlugins() - RegisterInternalPlugin() now takes single argument (remove add_at_beginning) - RefreshPlugins() removed entirely Updated ElectronPluginInfoHostImpl to use synchronous plugin loading and simplified ElectronBrowserMainParts internal plugin registration. Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7159368 Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7159328 Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7159056 (cherry picked from commit88cdf50b0a) * 7159184: add missing base/files/file_path.h include Add explicit include for base/files/file_path.h in electron_browser_context.h. After removal of superfluous Mojo includes from content headers, base::FilePath is no longer transitively included via content/public/browser/browser_context.h. Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7159184 (cherry picked from commit6ca8ea03ec) * 7126479: add ShouldForceRefreshTextCheckService parameter to SpellCheckClient Upstream added a force-refresh parameter to WebTextCheckClient::RequestCheckingOfText to bypass spell check cache. Add the new ShouldForceRefreshTextCheckService parameter to SpellCheckClient's override (currently unused in Electron). Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7126479 (cherry picked from commit879c0401c4) * 7083663: remove fingerprinting_protection_ruleset_service override Upstream deleted external references to Fingerprinting Protection Filter (FPF) component. Remove the fingerprinting_protection_ruleset_service() override from BrowserProcessImpl as the method no longer exists in the base class. Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7083663 (cherry picked from commit8350d152f9) * 7155287: implement WebContentsView::GetSize and Resize Upstream delegated WebContents::GetSize() and Resize() to WebContentsView, making them pure virtual. Add const qualifier to GetSize() and implement the Resize() override in OffScreenWebContentsView (no-op for offscreen). Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7155287 (cherry picked from commit084eaa568e) * 7184238: add OnUnconfirmedTapConvertedToTap override Upstream added OnUnconfirmedTapConvertedToTap as a pure virtual method to RenderWidgetHostViewBase to inform root view when child frame converts an unconfirmed tap. Add empty override for offscreen rendering. Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7184238 (cherry picked from commitef03400d9a) * 7143586: add widget parameter to OnCommandsChanged GlobalAcceleratorListener::OnCommandsChanged gained a gfx::AcceleratedWidget parameter for window association in the GlobalShortcutListenerLinux implementation. Pass gfx::kNullAcceleratedWidget for Electron's usage. Ref: : Pass parent handle to GlobalAcceleratorListenerLinux::BindShortcuts | https://chromium-review.googlesource.com/c/chromium/src/+/7143586 (cherry picked from commit38306e2bfc) Co-Authored-By: Samuel Attard <MarshallOfSound@users.noreply.github.com> * chore: update patches Co-Authored-By: Samuel Attard <MarshallOfSound@users.noreply.github.com> * chore: bump chromium in DEPS to 144.0.7547.0 * chore: update patches * 7189232: Add support for UnownedUserData in GlobalFeatures https: //chromium-review.googlesource.com/c/chromium/src/+/7189232 * Refactor: Use std::u16string for extension load error messages https://chromium-review.googlesource.com/c/chromium/src/+/7185844 * fixup Add support for UnownedUserData in GlobalFeatures * 7165650: Remove ResourceContext https://chromium-review.googlesource.com/c/chromium/src/+/7165650 * fixup BUILD.gn for lint * 7202164: Reland "Reland "Remove GenericScopedHandle:IsValid"" https://chromium-review.googlesource.com/c/chromium/src/+/7202164 * advance deprecation of v8::ReturnValue<void>::Set(Local<S>). 7168624: [runtime][api] Relax requirements for setter/definer/deleter callbacks | https://chromium-review.googlesource.com/c/v8/v8/+/7168624 * fixup advance deprecation of v8::ReturnValue<void>::Set(Local<S>) * chore: skip setting LPAC ACLs * Revert "chore: skip setting LPAC ACLs" This reverts commite187aec488. * chore: revert Convert to UNSAFE_TODO in sandbox revert https://chromium-review.googlesource.com/c/chromium/src/+/7131661 to see if it fixes the Windows sandbox issue. * Revert "chore: revert Convert to UNSAFE_TODO in sandbox" This reverts commit57afbfefe5. * chore: Revert "Enable network sandbox by default on Windows" see if this fixes the Windows sandbox issue * Enable network sandbox by default on Windows https://chromium-review.googlesource.com/c/chromium/src/+/7204292 * Revert "chore: Revert "Enable network sandbox by default on Windows"" This reverts commit530ab6af82. * fixup! Enable network sandbox by default on Windows | https://chromium-review.googlesource.com/c/chromium/src/+/7204292 * fixup!: Correct flag name, add kLocalNetworkAccessChecks to all platforms --------- Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com> Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org> Co-authored-by: Charles Kerr <70381+ckerr@users.noreply.github.com> Co-authored-by: Samuel Attard <sattard@anthropic.com> Co-authored-by: Samuel Attard <MarshallOfSound@users.noreply.github.com> Co-authored-by: John Kleinschmidt <kleinschmidtorama@gmail.com> Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
71 lines
3.9 KiB
Diff
71 lines
3.9 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Shelley Vohr <shelley.vohr@gmail.com>
|
|
Date: Mon, 29 Aug 2022 11:44:57 +0200
|
|
Subject: fix: crash loading non-standard schemes in iframes
|
|
|
|
This fixes a crash that occurs when loading non-standard schemes from
|
|
iframes or webviews. This was happening because
|
|
ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin contains explicit
|
|
exceptions to allow built-in non-standard schemes, but does not check
|
|
for non-standard schemes registered by the embedder.
|
|
|
|
This patch adjusts the origin calculation for subframe non-standard schemes in
|
|
- browser process at `NavigationRequest::GetOriginForURLLoaderFactoryUncheckedWithDebugInfo`
|
|
- render process at `DocumentLoader::CalculateOrigin`
|
|
|
|
When top level frame navigates to non-standard scheme url, the origin is calculated
|
|
as `null` without any derivation. It is only in cases where there is a `initiator_origin`
|
|
then the origin is derived from it, which is usually the case for renderer initiated
|
|
navigations and iframes are no exceptions from this rule.
|
|
|
|
The patch should be removed in favor of either:
|
|
- Remove support for non-standard custom schemes
|
|
- Register non-standard custom schemes as websafe schemes and update
|
|
CPSPI::CanAccessDataForOrigin to allow them for any navigation.
|
|
- Update the callsite to use RFHI::CanCommitOriginAndUrl in upstream, previous
|
|
effort to do this can be found at https://chromium-review.googlesource.com/c/chromium/src/+/3856266.
|
|
|
|
Upstream bug https://bugs.chromium.org/p/chromium/issues/detail?id=1081397.
|
|
|
|
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
|
|
index 83c47152aae8652f7ffdb2fe9e79a737056854e5..ad876ab93a0a9765d018c9e5cfda1791d4901c13 100644
|
|
--- a/content/browser/renderer_host/navigation_request.cc
|
|
+++ b/content/browser/renderer_host/navigation_request.cc
|
|
@@ -11464,6 +11464,11 @@ url::Origin NavigationRequest::GetOriginForURLLoaderFactoryUnchecked() {
|
|
target_rph_id);
|
|
}
|
|
|
|
+ if (!common_params().url.IsStandard() && !common_params().url.IsAboutBlank()) {
|
|
+ return url::Origin::Resolve(common_params().url,
|
|
+ url::Origin());
|
|
+ }
|
|
+
|
|
// In cases not covered above, URLLoaderFactory should be associated with the
|
|
// origin of |common_params.url| and/or |common_params.initiator_origin|.
|
|
url::Origin resolved_origin = url::Origin::Resolve(
|
|
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
index 8a98512164870e85b004cb6452dd697d2854b12c..de1020240f52fc43c02d4ad78127ad0ad36d6265 100644
|
|
--- a/third_party/blink/renderer/core/loader/document_loader.cc
|
|
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
|
|
@@ -2329,6 +2329,10 @@ Frame* DocumentLoader::CalculateOwnerFrame() {
|
|
scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
Document* owner_document) {
|
|
scoped_refptr<SecurityOrigin> origin;
|
|
+ bool is_standard = false;
|
|
+ std::string protocol = url_.Protocol().Ascii();
|
|
+ is_standard = url::IsStandard(
|
|
+ protocol.data(), url::Component(0, static_cast<int>(protocol.size())));
|
|
// Whether the origin is newly created within this call, instead of copied
|
|
// from an existing document's origin or from `origin_to_commit_`. If this is
|
|
// true, we won't try to compare the nonce of this origin (if it's opaque) to
|
|
@@ -2365,6 +2369,9 @@ scoped_refptr<SecurityOrigin> DocumentLoader::CalculateOrigin(
|
|
// non-renderer only origin bits will be the same, which will be asserted at
|
|
// the end of this function.
|
|
origin = origin_to_commit_;
|
|
+ } else if (!SecurityOrigin::ShouldUseInnerURL(url_) &&
|
|
+ !is_standard) {
|
|
+ origin = SecurityOrigin::Create(url_);
|
|
} else {
|
|
// Otherwise, create an origin that propagates precursor information
|
|
// as needed. For non-opaque origins, this creates a standard tuple
|