commit | 72e9685ef075da4b67e93ac30e62625aac2e8c5d | |
---|---|---|
author | Takashi Toyoshima <toyoshim@chromium.org> | Thu Mar 07 20:31:58 2019 |
committer | Commit Bot <commit-bot@chromium.org> | Thu Mar 07 20:31:58 2019 |
tree | 4227acc0694e51a99f38752fe3ce117f3b7b326e | |
parent | 4ac69276819f1d8cb0da81ea65fe61cccbc0bb18 | |
OOR-CORS: Support cross-origin redirect on webRequest::onBeforeRequest

Chrome Extensions can generate internal redirects in webRequest::onBeforeRequest event handler. See Life cycle of requests below.
https://developer.chrome.com/extensions/webRequest

Without OOR-CORS, WebRequestProxyingURLLoaderFactory generates virtual response for Blink, and Blink-CORS handles the redirects. Simply said, it rewrites the Origin header to be 'null' for cross-origin redirects.

Detailed steps are:

1. A certain request is made by Blink.
2. webRequest::onBeforeRequest intercepts the request, and generates an internal redirect response with status 307.
3. Blink receives the generated response and Blink-CORS handles cross-origin redirects if it is needed, e.g. using Origin: null

But, if OOR-CORS is enabled, Blink does nothing.

Detailed steps are:

1. and 2. is ditto
3. Blink receives the generated response and Blink-CORS is disabled and does nothing. Just new request for the redirect is made.
4. The request is handled in NetworkService, with OOR-CORS. It sets Origin header for such cross-origin request, but the value is based on the request initiator's origin.

So the proxy needs to craft its ResourceRequest so that the OOR-CORS can set a proper Origin header, null for such internal redirect cases.

My approach in this patch set is:

1. Set null origin to the ResourceRequest.request_initiator to pretend the retained origin flag is set. See https://fetch.spec.whatwg.org/#concept-request-tainted-origin
2. But WebRequestInfo is initialized with copied ResourceRequest that has the original request_initiator.

2. is needed for webRequest events. See API document below.
https://developer.chrome.com/extensions/webRequest#event-onBeforeRequest
That says the initiator does not change through redirects.

Following tests in ExtensionWebRequestApiTest.WebRequestBlocking failed if OOR-CORS is enabled without this patch.

- crossOriginAnonymousRedirect()
- crossOriginCredentialedRedirect()
- syncXhrsFromOurselfAreInvisible()

And this patch fixes them to pass.

Bug: 909633
Change-Id: I755db213256605c72015ab21c845e649bc35e319
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1503273
Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Commit-Queue: Karan Bhatia <karandeepb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#638724}
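
Added example, not part of the commit or of Chromium's code: a JavaScript model of the Fetch redirect-tainted-origin rule that the message links to, showing why a redirect re-issued as a fresh request loses the `null` Origin unless its initiator is made opaque. The function names, the `craftRedirectRequest` helper, its tainting condition and the `*.example` hosts are assumptions made for illustration.

```javascript
// Added illustration: models the Fetch "redirect-tainted origin" rule.
// Not Chromium code; all hosts used with it are constructed sample values.

const OPAQUE = "null"; // serialization of an opaque origin

// Origin of a URL string, serialized as scheme://host[:port].
function originOf(url) {
  return new URL(url).origin;
}

// Fetch rule: walk the request's URL list. The origin becomes tainted when a
// hop crosses origins and the request's own origin differs from the hop source.
function hasRedirectTaintedOrigin(requestOrigin, urlList) {
  let last = null;
  for (const url of urlList) {
    if (last !== null &&
        originOf(url) !== originOf(last) &&
        requestOrigin !== originOf(last)) {
      return true;
    }
    last = url;
  }
  return false;
}

// Value a CORS implementation would place in the Origin header.
function serializeRequestOrigin(requestOrigin, urlList) {
  if (requestOrigin === OPAQUE) return OPAQUE;
  return hasRedirectTaintedOrigin(requestOrigin, urlList) ? OPAQUE : requestOrigin;
}

// Hypothetical model of the proxy's choice for an internal redirect.
// `info` keeps the original initiator for webRequest events; `outgoing` is
// what the CORS layer sees: a brand-new request with a one-entry URL list.
function craftRedirectRequest(initiator, fromUrl, toUrl) {
  const tainted = hasRedirectTaintedOrigin(initiator, [fromUrl, toUrl]);
  return {
    info: { initiator, url: toUrl },
    outgoing: { initiator: tainted ? OPAQUE : initiator, urlList: [toUrl] },
  };
}
```

Serializing the origin for a one-entry URL list with the unmodified initiator returns the initiator's origin, which is the mismatch the message describes; the crafted `outgoing` request serializes to `null` while `info.initiator` is unchanged.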
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure.