github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
bc02cdf5b35382ae0c03251c202d5c78b0cfa764
electron/patches/chromium/feat_allow_code_cache_in_custom_schemes.patch
trop[bot] 786bf64a09 chore: bump chromium to 148.0.7768.0 (42-x-y) (#50781) 
chore: bump chromium to 148.0.7768.0 42-x-y

* chore: bump chromium in DEPS to 148.0.7765.0

* chore: bump chromium in DEPS to 148.0.7766.0

* fix(patch-conflict): update packed_resources dep name after upstream rename

Upstream renamed //chrome:packed_resources_integrity_header to
//chrome:packed_resources. Updated the patch to guard the new dependency
name with !is_electron_build while preserving the same intent.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7714543



* fix(patch-conflict): update code_cache_host_impl.cc for upstream includes and TODO

Upstream added #include <stdint.h> and a TODO comment in
code_cache_host_impl.cc which conflicted with the Electron code cache
custom schemes patch. Resolved by keeping both upstream additions and
the Electron ProcessLockURLIsCodeCacheScheme function.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7615151



* chore: update patch hunk headers



* 7700837: update RecordContentToVisibleTimeRequest from mojom to native struct

Upstream typemapped RecordContentToVisibleTimeRequest from a Mojo
struct to a native C++ struct. Updated OSR virtual method signatures
from blink::mojom::RecordContentToVisibleTimeRequestPtr to
std::optional<blink::RecordContentToVisibleTimeRequest> and
blink::RecordContentToVisibleTimeRequest to match.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7700837



* 7714579: update WebString::FromASCII to FromUTF8

Upstream renamed blink::WebString::FromASCII to FromAscii. Updated
Electron's usage to FromUTF8 which is equivalent for ASCII scheme
strings and avoids a dependency on the renamed method. Also fixed
blink::String::FromUTF8 to use the String constructor directly.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7714579



* 7696480: add stream_info dep after StreamInfo extraction

Upstream extracted extensions::StreamInfo from PdfViewerStreamManager
to a standalone class in extensions/browser/mime_handler/stream_info.h.
Added the new target as a dependency since Electron's streams_private
and pdf_viewer_private APIs use PdfViewerStreamManager which now
depends on the separate StreamInfo target.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7696480



* chore: bump chromium in DEPS to 148.0.7768.0

* fix(patch-conflict): update PiP patch for new toggle_mute_button in overlay window

Upstream added a toggle_mute_button to the live caption dialog controls
in VideoOverlayWindowViews::SetLiveCaptionDialogVisibility. Extended the
existing #if 0 guard to include the new button handling since Electron
disables live caption dialog functionality.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7682308



* fix(patch-conflict): update packed_resource_integrity patch after upstream dep removal

Upstream removed the deps += [ "//chrome:packed_resources" ] line from
the if (!is_win) block in chrome/browser/BUILD.gn. The Electron patch
no longer needs to guard this dep with !is_electron_build in this
location since the dep was already relocated by an earlier upstream CL.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7714543



* fix(patch-conflict): update WebSocket throttling revert for DisconnectWebSocketOnBFCache guard

Upstream added a DisconnectWebSocketOnBFCacheEnabled() runtime feature
check that wraps the WebSocket BFCache feature registration. Updated the
Electron revert patch to place the kAllowAggressiveThrottlingWithWebSocket
ternary inside the new conditional guard.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7698838



* fix(patch-conflict): update SCContentSharingPicker patch for upstream native picker refactor

Upstream added is_native_picker and filter_ based native picker session
validation to ScreenCaptureKitDeviceMac. Electron's patch uses its own
native picker approach (active_streams_ counter + direct SCContentSharingPicker
API), so marked the new upstream parameters as [[maybe_unused]] and kept
Electron's implementation.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7713560



* chore: update patch hunk headers



* 7708800: update StartDragging signature to use RenderFrameHost

Upstream refactored StartDragging to take a RenderFrameHost& instead of
separate source_origin and source_rwh parameters. Updated
OffScreenWebContentsView to match the new signature and derive the
RenderWidgetHostImpl from the RenderFrameHost internally.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7708800



* 7682308: add toggle_mute_button to chromium_src build sources

Upstream added a ToggleMuteButton to the PiP overlay window controls.
Added the new toggle_mute_button.cc/h source files to Electron's
chromium_src/BUILD.gn to resolve linker errors.

Ref: https://chromium-review.googlesource.com/c/chromium/src/+/7682308



* chore: update patches after main rebase

* fixup! 7708800: update StartDragging signature to use RenderFrameHost

fix linting

* 7705541: [trap-handler] Track individual Wasm memories | https://chromium-review.googlesource.com/c/v8/v8/+/7705541

Moved the SetUpWebAssemblyTrapHandler() call to before the V8 isolate is created

* fixup! fix utility process tests

---------

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
2026-04-07 15:30:18 -04:00

466 lines
21 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Cheng Zhao <zcbenz@gmail.com>
Date: Thu, 14 Dec 2023 21:16:53 +0900
Subject: Enable V8 code cache for custom schemes
Add a new category in ContentClient::AddAdditionalSchemes which allows
embedders to make custom schemes allow V8 code cache.
Chromium CL: https://chromium-review.googlesource.com/c/chromium/src/+/5019665
diff --git a/content/browser/code_cache/generated_code_cache.cc b/content/browser/code_cache/generated_code_cache.cc
index 7a775f9faac4296806ec1ab421da6dc7e9463a7a..251fdb8fb65e1b68056cb9c97a88a2da5450e380 100644
--- a/content/browser/code_cache/generated_code_cache.cc
+++ b/content/browser/code_cache/generated_code_cache.cc
@@ -4,6 +4,7 @@
#include "content/browser/code_cache/generated_code_cache.h"
+#include <algorithm>
#include <iostream>
#include <string_view>
@@ -33,6 +34,7 @@
#include "third_party/blink/public/common/loader/code_cache_util.h"
#include "third_party/blink/public/common/scheme_registry.h"
#include "url/gurl.h"
+#include "url/url_util.h"
using storage::BigIOBuffer;
@@ -54,13 +56,17 @@ void CheckValidResource(const GURL& resource_url,
GeneratedCodeCache::CodeCacheType cache_type) {
// If the resource url is invalid don't cache the code.
DCHECK(resource_url.is_valid());
- bool resource_url_is_chrome_or_chrome_untrusted =
+ // There are 3 kind of URL scheme compatible for the `resource_url`.
+ // 1. http: and https: URLs.
+ // 2. chrome: and chrome-untrusted: URLs.
+ // 3. URLs whose scheme are allowed by the content/ embedder.
+ const bool resource_url_http = resource_url.SchemeIsHTTPOrHTTPS();
+ const bool resource_url_webui =
resource_url.SchemeIs(content::kChromeUIScheme) ||
resource_url.SchemeIs(content::kChromeUIUntrustedScheme);
- DCHECK(
- resource_url.SchemeIsHTTPOrHTTPS() ||
- resource_url_is_chrome_or_chrome_untrusted ||
- blink::CommonSchemeRegistry::IsExtensionScheme(resource_url.GetScheme()));
+ const bool resource_url_embedder = std::ranges::contains(
+ url::GetCodeCacheSchemes(), resource_url.GetScheme());
+ DCHECK(resource_url_http || resource_url_webui || resource_url_embedder);
if (!blink::features::IsPersistentCacheForCodeCacheEnabled()) {
// The chrome and chrome-untrusted schemes are only used with the WebUI code
@@ -68,35 +74,51 @@ void CheckValidResource(const GURL& resource_url,
// segments WebUI from non-WebUI in multiple ways to prevent privilege
// escalation, using both `GetCacheId` and
// `CheckSecurityForAccessingCodeCacheData`.
- DCHECK_EQ(resource_url_is_chrome_or_chrome_untrusted,
+ DCHECK_EQ(resource_url_webui,
cache_type == GeneratedCodeCache::kWebUIJavaScript);
}
}
void CheckValidContext(const GURL& origin_lock,
GeneratedCodeCache::CodeCacheType cache_type) {
- // |origin_lock| should be either empty or should have
- // Http/Https/chrome/chrome-untrusted schemes and it should not be a URL with
- // opaque origin. Empty origin_locks are allowed when the renderer is not
- // locked to an origin.
- bool origin_lock_is_chrome_or_chrome_untrusted =
+ // |origin_lock| should be either empty or should have code cache allowed
+ // schemes (http/https/chrome/chrome-untrusted or other custom schemes added
+ // by url::AddCodeCacheScheme), and it should not be a URL with opaque
+ // origin. Empty origin_locks are allowed when the renderer is not locked to
+ // an origin.
+ const bool origin_lock_empty = origin_lock.is_empty();
+ const bool origin_lock_for_http = origin_lock.SchemeIsHTTPOrHTTPS();
+ const bool origin_lock_for_webui =
origin_lock.SchemeIs(content::kChromeUIScheme) ||
origin_lock.SchemeIs(content::kChromeUIUntrustedScheme);
- DCHECK(origin_lock.is_empty() ||
- ((origin_lock.SchemeIsHTTPOrHTTPS() ||
- origin_lock_is_chrome_or_chrome_untrusted ||
- blink::CommonSchemeRegistry::IsExtensionScheme(
- origin_lock.GetScheme())) &&
- !url::Origin::Create(origin_lock).opaque()));
+ const bool origin_lock_for_embedder = std::ranges::contains(
+ url::GetCodeCacheSchemes(), origin_lock.GetScheme());
+
+ DCHECK(origin_lock_empty || ((origin_lock_for_http || origin_lock_for_webui ||
+ origin_lock_for_embedder) &&
+ !url::Origin::Create(origin_lock).opaque()));
if (!blink::features::IsPersistentCacheForCodeCacheEnabled()) {
- // The chrome and chrome-untrusted schemes are only used with the WebUI code
- // cache type when PersistentCache is not used. Otherwise, PersistentCache
+ // The chrome and chrome-untrusted schemes are only used with their dedicated
+ // code cache type when PersistentCache is not used. Otherwise, PersistentCache
// segments WebUI from non-WebUI in multiple ways to prevent privilege
// escalation, using both `GetCacheId` and
// `CheckSecurityForAccessingCodeCacheData`.
- DCHECK_EQ(origin_lock_is_chrome_or_chrome_untrusted,
- cache_type == GeneratedCodeCache::kWebUIJavaScript);
+ switch (cache_type) {
+ case GeneratedCodeCache::kJavaScript:
+ case GeneratedCodeCache::kWebAssembly:
+ DCHECK(!origin_lock_for_webui);
+ break;
+ case GeneratedCodeCache::kWebUIJavaScript:
+ DCHECK(origin_lock_for_webui);
+ break;
+ }
+
+ // The custom schemes share the cache type with http(s).
+ if (origin_lock_for_embedder) {
+ DCHECK(cache_type == GeneratedCodeCache::kJavaScript ||
+ cache_type == GeneratedCodeCache::kWebAssembly);
+ }
}
}
diff --git a/content/browser/code_cache/generated_code_cache.h b/content/browser/code_cache/generated_code_cache.h
index a01f0d96ef33ce9460a851b072b7ceed5227dee3..f7e39b28cc0ba2251123925c01083a7935f46f56 100644
--- a/content/browser/code_cache/generated_code_cache.h
+++ b/content/browser/code_cache/generated_code_cache.h
@@ -51,12 +51,14 @@ class CONTENT_EXPORT GeneratedCodeCache {
// Cache type. Used for collecting statistics for JS and Wasm in separate
// buckets.
enum CodeCacheType {
- // JavaScript from http(s) pages.
+ // JavaScript from pages of http(s) schemes or custom schemes registered by
+ // url::AddCodeCacheScheme.
kJavaScript,
- // WebAssembly from http(s) pages. This cache allows more total size and
- // more size per item than the JavaScript cache, since some
- // WebAssembly programs are very large.
+ // WebAssembly from pages of http(s) schemes or custom schemes registered by
+ // url::AddCodeCacheScheme. This cache allows more total size and more size
+ // per item than the JavaScript cache, since some WebAssembly programs are
+ // very large.
kWebAssembly,
// JavaScript from chrome and chrome-untrusted pages. The resource URLs are
diff --git a/content/browser/code_cache/generated_code_cache_browsertest.cc b/content/browser/code_cache/generated_code_cache_browsertest.cc
index 68a3095a49caf472c83b93b5cef66e5549a2d7cc..aa371ba5576f9fbaf5558e39704f7eb87ec7511e 100644
--- a/content/browser/code_cache/generated_code_cache_browsertest.cc
+++ b/content/browser/code_cache/generated_code_cache_browsertest.cc
@@ -16,17 +16,22 @@
#include "base/time/time.h"
#include "content/browser/code_cache/generated_code_cache_context.h"
#include "content/browser/renderer_host/code_cache_host_impl.h"
+#include "content/browser/storage_partition_impl.h"
#include "content/browser/web_contents/web_contents_impl.h"
#include "content/common/renderer.mojom.h"
+#include "content/common/url_schemes.h"
#include "content/public/browser/browser_context.h"
+#include "content/public/browser/browser_thread.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/storage_partition.h"
#include "content/public/test/browser_test.h"
#include "content/public/test/browser_test_utils.h"
#include "content/public/test/content_browser_test.h"
#include "content/public/test/content_browser_test_utils.h"
+#include "content/public/test/test_browser_context.h"
#include "content/shell/browser/shell.h"
#include "content/test/content_browser_test_utils_internal.h"
+#include "content/test/test_content_client.h"
#include "net/base/features.h"
#include "net/dns/mock_host_resolver.h"
#include "third_party/blink/public/common/features.h"
@@ -38,6 +43,8 @@ namespace content {
namespace {
+const std::string kCodeCacheScheme = "test-code-cache";
+
bool SupportsSharedWorker() {
return base::FeatureList::IsEnabled(blink::features::kSharedWorker);
}
@@ -1063,4 +1070,82 @@ IN_PROC_BROWSER_TEST_F(LocalCompileHintsBrowserTest, LocalCompileHints) {
}
}
+class CodeCacheInCustomSchemeBrowserTest : public ContentBrowserTest,
+ public TestContentClient {
+ public:
+ CodeCacheInCustomSchemeBrowserTest() {
+ SetContentClient(this);
+ ReRegisterContentSchemesForTests();
+ }
+
+ ~CodeCacheInCustomSchemeBrowserTest() override { SetContentClient(nullptr); }
+
+ private:
+ void AddAdditionalSchemes(Schemes* schemes) override {
+ schemes->standard_schemes.push_back(kCodeCacheScheme);
+ schemes->code_cache_schemes.push_back(kCodeCacheScheme);
+ }
+
+ url::ScopedSchemeRegistryForTests scheme_registry_;
+};
+
+IN_PROC_BROWSER_TEST_F(CodeCacheInCustomSchemeBrowserTest,
+ AllowedCustomSchemeCanGenerateCodeCache) {
+ StoragePartitionImpl* partition =
+ static_cast<StoragePartitionImpl*>(shell()
+ ->web_contents()
+ ->GetBrowserContext()
+ ->GetDefaultStoragePartition());
+ scoped_refptr<GeneratedCodeCacheContext> context =
+ partition->GetGeneratedCodeCacheContext();
+ EXPECT_NE(context, nullptr);
+
+ GURL url(kCodeCacheScheme + "://host4/script.js");
+ GURL origin(kCodeCacheScheme + "://host1:1/");
+ ASSERT_TRUE(url.is_valid());
+ ASSERT_TRUE(origin.is_valid());
+ std::string data("SomeData");
+
+ // Add a code cache entry for the custom scheme.
+ base::test::TestFuture<void> add_entry_future;
+ GeneratedCodeCacheContext::RunOrPostTask(
+ context.get(), FROM_HERE,
+ base::BindOnce(
+ [](scoped_refptr<GeneratedCodeCacheContext> context, const GURL& url,
+ const GURL& origin, const std::string& data,
+ base::OnceClosure callback) {
+ context->generated_js_code_cache()->WriteEntry(
+ url, origin, net::NetworkIsolationKey(), base::Time::Now(),
+ std::vector<uint8_t>(data.begin(), data.end()));
+ GetUIThreadTaskRunner({})->PostTask(FROM_HERE, std::move(callback));
+ },
+ context, url, origin, data, add_entry_future.GetCallback()));
+ ASSERT_TRUE(add_entry_future.Wait());
+
+ // Get the code cache entry.
+ base::test::TestFuture<std::string> get_entry_future;
+ GeneratedCodeCacheContext::RunOrPostTask(
+ context.get(), FROM_HERE,
+ base::BindOnce(
+ [](scoped_refptr<GeneratedCodeCacheContext> context, const GURL& url,
+ const GURL& origin,
+ base::OnceCallback<void(std::string)> callback) {
+ context->generated_js_code_cache()->FetchEntry(
+ url, origin, net::NetworkIsolationKey(),
+ base::BindOnce(
+ [](base::OnceCallback<void(std::string)> callback,
+ const base::Time& response_time,
+ mojo_base::BigBuffer buffer) {
+ std::string data(buffer.data(),
+ buffer.data() + buffer.size());
+ GetUIThreadTaskRunner({})->PostTask(
+ FROM_HERE, base::BindOnce(std::move(callback), data));
+ },
+ std::move(callback)));
+ },
+ context, url, origin, get_entry_future.GetCallback()));
+ ASSERT_TRUE(get_entry_future.Wait());
+ ASSERT_EQ(data, get_entry_future.Get<0>());
+}
+
} // namespace content
diff --git a/content/browser/renderer_host/code_cache_host_impl.cc b/content/browser/renderer_host/code_cache_host_impl.cc
index a3c5e2ccc611dbab868099b377b05d28422055fe..eb0412e5ebf43b7ce7558d629cb27db967bb86ec 100644
--- a/content/browser/renderer_host/code_cache_host_impl.cc
+++ b/content/browser/renderer_host/code_cache_host_impl.cc
@@ -4,6 +4,7 @@
#include "content/browser/renderer_host/code_cache_host_impl.h"
+#include <algorithm>
#include <stdint.h>
#include <optional>
@@ -51,6 +52,7 @@
#include "third_party/perfetto/include/perfetto/tracing/track_event_args.h"
#include "url/gurl.h"
#include "url/origin.h"
+#include "url/url_util.h"
using blink::mojom::CacheStorageError;
@@ -65,6 +67,10 @@ enum class Operation {
kWrite,
};
+bool ProcessLockURLIsCodeCacheScheme(const ProcessLock& process_lock) {
+ return std::ranges::contains(url::GetCodeCacheSchemes(), process_lock.GetProcessLockURL().scheme());
+}
+
// TODO(crbug.com/492899973): Refactor to use `RenderFrameHost*`.
bool CheckSecurityForAccessingCodeCacheData(const GURL& resource_url,
ChildProcessId render_process_id,
@@ -77,42 +83,56 @@ bool CheckSecurityForAccessingCodeCacheData(const GURL& resource_url,
ChildProcessSecurityPolicyImpl::GetInstance()->GetProcessLock(
render_process_id);
- // Code caching is only allowed for http(s) and chrome/chrome-untrusted
- // scripts. Furthermore, there is no way for http(s) pages to load chrome or
+ // Code caching is only allowed for scripts from:
+ // 1. http: and https: schemes.
+ // 2. chrome: and chrome-untrusted: schemes.
+ // 3. Schemes registered by content/ embedder via url::AddCodeCacheScheme.
+ //
+ // Furthermore, we know there are no way for http(s) pages to load chrome or
// chrome-untrusted scripts, so any http(s) page attempting to store data
// about a chrome or chrome-untrusted script would be an indication of
// suspicious activity.
+ if (resource_url.SchemeIsHTTPOrHTTPS()) {
+ if (process_lock.MatchesScheme(url::kHttpScheme) ||
+ process_lock.MatchesScheme(url::kHttpsScheme)) {
+ return true;
+ }
+ // Pages in custom schemes like isolated-app: are allowed to load http(s)
+ // resources.
+ if (ProcessLockURLIsCodeCacheScheme(process_lock)) {
+ return true;
+ }
+ // It is possible for WebUI pages to include open-web content, but such
+ // usage is rare and we've decided that reasoning about security is easier
+ // if the WebUI code cache includes only WebUI scripts.
+ return false;
+ }
+
if (resource_url.SchemeIs(content::kChromeUIScheme) ||
resource_url.SchemeIs(content::kChromeUIUntrustedScheme)) {
- if (!process_lock.IsLockedToSite()) {
- // We can't tell for certain whether this renderer is doing something
- // malicious, but we don't trust it enough to store data.
- return false;
+ if (process_lock.MatchesScheme(content::kChromeUIScheme) ||
+ process_lock.MatchesScheme(content::kChromeUIUntrustedScheme)) {
+ return true;
}
- if (process_lock.MatchesScheme(url::kHttpScheme) ||
- process_lock.MatchesScheme(url::kHttpsScheme)) {
- if (operation == Operation::kWrite) {
+ if (operation == Operation::kWrite) {
+ if (process_lock.MatchesScheme(url::kHttpScheme) ||
+ process_lock.MatchesScheme(url::kHttpsScheme)) {
mojo::ReportBadMessage("HTTP(S) pages cannot cache WebUI code");
}
+ if (ProcessLockURLIsCodeCacheScheme(process_lock)) {
+ mojo::ReportBadMessage(
+ "Page whose scheme are allowed by content/ embedders cannot cache "
+ "WebUI code. Did the embedder misconfigured content/?");
+ }
return false;
}
// Other schemes which might successfully load chrome or chrome-untrusted
// scripts, such as the PDF viewer, are unsupported but not considered
- // dangerous.
- return process_lock.MatchesScheme(content::kChromeUIScheme) ||
- process_lock.MatchesScheme(content::kChromeUIUntrustedScheme);
+ // dangerous. Similarly, the process might not be locked to a site.
+ return false;
}
- if (resource_url.SchemeIsHTTPOrHTTPS() ||
- blink::CommonSchemeRegistry::IsExtensionScheme(
- resource_url.GetScheme())) {
- if (process_lock.MatchesScheme(content::kChromeUIScheme) ||
- process_lock.MatchesScheme(content::kChromeUIUntrustedScheme)) {
- // It is possible for WebUI pages to include open-web content, but such
- // usage is rare and we've decided that reasoning about security is easier
- // if the WebUI code cache includes only WebUI scripts.
- return false;
- }
- return true;
+ if (std::ranges::contains(url::GetCodeCacheSchemes(), resource_url.GetScheme())) {
+ return ProcessLockURLIsCodeCacheScheme(process_lock);
}
if (operation == Operation::kWrite) {
@@ -200,6 +220,7 @@ std::optional<GURL> GetOriginLock(ChildProcessId render_process_id) {
process_lock.MatchesScheme(url::kHttpsScheme) ||
process_lock.MatchesScheme(content::kChromeUIScheme) ||
process_lock.MatchesScheme(content::kChromeUIUntrustedScheme) ||
+ ProcessLockURLIsCodeCacheScheme(process_lock) ||
blink::CommonSchemeRegistry::IsExtensionScheme(
process_lock.GetProcessLockURL().GetScheme())) {
return process_lock.GetProcessLockURL();
diff --git a/content/common/url_schemes.cc b/content/common/url_schemes.cc
index 225e017909b8869231b870eaaf161a0b5e93e2a0..846a5251429630b8528a84a3d67ed56cb28df5a1 100644
--- a/content/common/url_schemes.cc
+++ b/content/common/url_schemes.cc
@@ -102,6 +102,14 @@ void RegisterContentSchemes(bool should_lock_registry) {
for (auto& scheme : schemes.empty_document_schemes)
url::AddEmptyDocumentScheme(scheme.c_str());
+ for (auto& scheme : schemes.code_cache_schemes) {
+ CHECK_NE(scheme, kChromeUIScheme);
+ CHECK_NE(scheme, kChromeUIUntrustedScheme);
+ CHECK_NE(scheme, url::kHttpScheme);
+ CHECK_NE(scheme, url::kHttpsScheme);
+ url::AddCodeCacheScheme(scheme.c_str());
+ }
+
#if BUILDFLAG(IS_ANDROID)
if (schemes.allow_non_standard_schemes_in_origins)
url::EnableNonStandardSchemesForAndroidWebView();
diff --git a/content/public/common/content_client.h b/content/public/common/content_client.h
index 21c48c9036df0ef79ce8bcd1de009dc35cb1f7e8..5729782fe857acf747ae711501a6034c7a7f3767 100644
--- a/content/public/common/content_client.h
+++ b/content/public/common/content_client.h
@@ -139,6 +139,9 @@ class CONTENT_EXPORT ContentClient {
// Registers a URL scheme as strictly empty documents, allowing them to
// commit synchronously.
std::vector<std::string> empty_document_schemes;
+ // Registers a URL scheme whose js and wasm scripts have V8 code cache
+ // enabled.
+ std::vector<std::string> code_cache_schemes;
// Registers a URL scheme as extension scheme.
std::vector<std::string> extension_schemes;
// Registers a URL scheme with a predefined default custom handler.
diff --git a/url/url_util.cc b/url/url_util.cc
index 0ec8bea97ce124721909768290f7a79876f10c75..1ee0feaad9be437914b101195e862965fcaccff4 100644
--- a/url/url_util.cc
+++ b/url/url_util.cc
@@ -132,6 +132,9 @@ struct SchemeRegistry {
kMaterializedViewScheme,
};
+ // Embedder schemes that have V8 code cache enabled in js and wasm scripts.
+ std::vector<std::string> code_cache_schemes = {};
+
// Schemes with a predefined default custom handler.
std::vector<SchemeWithHandler> predefined_handler_schemes;
@@ -667,6 +670,15 @@ const std::vector<std::string>& GetEmptyDocumentSchemes() {
return GetSchemeRegistry().empty_document_schemes;
}
+void AddCodeCacheScheme(const std::string_view new_scheme) {
+ DoAddScheme(new_scheme,
+ &GetSchemeRegistryWithoutLocking()->code_cache_schemes);
+}
+
+const std::vector<std::string>& GetCodeCacheSchemes() {
+ return GetSchemeRegistry().code_cache_schemes;
+}
+
void AddPredefinedHandlerScheme(std::string_view new_scheme,
std::string_view handler) {
DoAddSchemeWithHandler(
diff --git a/url/url_util.h b/url/url_util.h
index 4af5e6e9e4ec0642d8788c4323aaf07bc27acfb3..6906dd1c903209f3bb6d9ca346e845f1dfeef050 100644
--- a/url/url_util.h
+++ b/url/url_util.h
@@ -115,6 +115,15 @@ COMPONENT_EXPORT(URL) const std::vector<std::string>& GetCSPBypassingSchemes();
COMPONENT_EXPORT(URL) void AddEmptyDocumentScheme(std::string_view new_scheme);
COMPONENT_EXPORT(URL) const std::vector<std::string>& GetEmptyDocumentSchemes();
+// Adds an application-defined scheme to the list of schemes that have V8 code
+// cache enabled for the js and wasm scripts.
+// The WebUI schemes (chrome/chrome-untrusted) do not belong to this list, as
+// they are treated as a separate cache type for security purpose.
+// The http(s) schemes do not belong to this list neither, they always have V8
+// code cache enabled.
+COMPONENT_EXPORT(URL) void AddCodeCacheScheme(std::string_view new_scheme);
+COMPONENT_EXPORT(URL) const std::vector<std::string>& GetCodeCacheSchemes();
+
// Adds a scheme with a predefined default handler.
//
// This pair of strings must be normalized protocol handler parameters as
Reference in New Issue View Git Blame Copy Permalink