Google Git
Sign in
chromium / chromium / src / 36f5b705e81215a8909ff80842572ca547783776
commit36f5b705e81215a8909ff80842572ca547783776[log] [tgz]
authorTitouan Rigoudy <titouan@chromium.org>Mon Jun 13 14:52:36 2022
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Mon Jun 13 14:52:36 2022
tree642fe7c97eecc201f44f60dd9b12654cde5d9e21
parent27e7be46b9f10ea41a4e0fd4d06e94f6f0c6b7a3 [diff]
[Merge] [Private Network Access] Skip inconsistency check when PNA is disabled.

The special-case logic we have for proxied resources (treat them as `kUnknown`) does not apply to cached resources that were originally proxied. When we load a proxied video, the first few bytes are cached.
Say we then load the video again, this time from cache - at this point
its address space is `kLocal`. Once the next bytes are fetched from the
network, it looks like a split range request pointing to `kUnknown`
after `kLocal`, and the fetch fails. We should not apply any of this
logic when PNA is disabled, as it is entirely specific to PNA.

As argued in test comments, this should not re-open the door to
crbug.com/1279376 - ignored inconsistencies can only trigger a problem
if PNA is enabled in the first place. Indeed, a problem only arises if
we decide to send a PNA preflight after receiving headers, and we can
only send a PNA preflight [1] if the private network request policy is
kPreflightWarn or kPreflightBlock [2].

Also skip the target address space check when PNA is disabled, though
that should never have happened before. The request's target address
space can only be set by CorsURLLoader [1] if the private network
request policy is kPreflightWarn or kPreflightBlock [2].

A couple DCHECKs are introduced to verify the above assumptions, which
revealed a small caveat to the above. If the client security state is
set on the request itself instead of the URL loader factory, then the
preflight request's URLLoader could find itself with no client security
state even though the request carried a target IP address space. While
a benign quirk, it is fixed in this CL by explicitly copying over the
client security state from the original request to the preflight
request.

Also make PrivateNetworkAccessCheckResult streamable for easier test
failure debugging.

[1] https://source.chromium.org/chromium/chromium/src/+/main:services/network/cors/cors_url_loader.cc;l=877-896;drc=8d6a246c9be4f6b731dc7f6e680b7d5e13a512b5
[2] https://source.chromium.org/chromium/chromium/src/+/main:services/network/public/cpp/private_network_access_check_result.cc;l=63-65;drc=8d6a246c9be4f6b731dc7f6e680b7d5e13a512b5

(cherry picked from commit ab2f014c174ff79812568da5307b73d408df4b72)

Bug: chromium:1332495
Change-Id: I3731fe317ef9c67b29fc2926785eabe8a6c49fab
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3687957
Commit-Queue: Titouan Rigoudy <titouan@chromium.org>
Auto-Submit: Titouan Rigoudy <titouan@chromium.org>
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Commit-Queue: Takashi Toyoshima <toyoshim@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1011373}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3695177
Reviewed-by: Lutz Vahl <vahl@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5060@{#782}
Cr-Branched-From: b83393d0f4038aeaf67f970a024d8101df7348d1-refs/heads/main@{#1002911}
7 files changed
tree: 642fe7c97eecc201f44f60dd9b12654cde5d9e21
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. codelabs/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia/
  22. fuchsia_webengine/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. weblayer/
  52. .clang-format
  53. .clang-tidy
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .mailmap
  60. .rustfmt.toml
  61. .vpython
  62. .vpython3
  63. .yapfignore
  64. AUTHORS
  65. BUILD.gn
  66. CODE_OF_CONDUCT.md
  67. codereview.settings
  68. DEPS
  69. DIR_METADATA
  70. ENG_REVIEW_OWNERS
  71. LICENSE
  72. LICENSE.chromium_os
  73. OWNERS
  74. PRESUBMIT.py
  75. PRESUBMIT_test.py
  76. PRESUBMIT_test_mocks.py
  77. README.md
  78. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.

If you found a bug, please file it at https://crbug.com/new.