Google Git
Sign in
chromium / chromium / src / 72e9685ef075da4b67e93ac30e62625aac2e8c5d
commit72e9685ef075da4b67e93ac30e62625aac2e8c5d[log] [tgz]
authorTakashi Toyoshima <toyoshim@chromium.org>Thu Mar 07 20:31:58 2019
committerCommit Bot <commit-bot@chromium.org>Thu Mar 07 20:31:58 2019
tree4227acc0694e51a99f38752fe3ce117f3b7b326e
parent4ac69276819f1d8cb0da81ea65fe61cccbc0bb18 [diff]
OOR-CORS: Support cross-origin redirect on webRequest::onBeforeRequest

Chrome Extensions can generate internal redirects in
webRequest::onBeforeRequest event handler.
See Life cycle of requests below.
https://developer.chrome.com/extensions/webRequest

Without OOR-CORS, WebRequestProxyingURLLoaderFactory generates virtual
response for Blink, and Blink-CORS handles the redirects. Simply said,
it rewrites the Origin header to be 'null' for cross-origin redirects.

Detailed steps are:
 1. A certain request is made by Blink.
 2. webRequest::onBeforeRequest intercepts the request, and generates
    an internal redirect response with status 307.
 3. Blink receives the generated response and Blink-CORS handles
    cross-origin redirects if it is needed, e.g. using Origin: null

But, if OOR-CORS is enabled, Blink does nothing. Detailed steps are:
 1. and 2. is ditto
 3. Blink receives the generated response and Blink-CORS is disabled
    and does nothing. Just new request for the redirect is made.
 4. The request is handled in NetworkService, with OOR-CORS. It sets
    Origin header for such cross-origin request, but the value is
    based on the request initiator's origin.

So the proxy needs to craft its ResourceRequest so that the OOR-CORS
can set a proper Origin header, null for such internal redirect cases.

My approach in this patch set is:
 1. Set null origin to the ResourceRequest.request_initiator to pretend
    the retained origin flag is set.
    See https://fetch.spec.whatwg.org/#concept-request-tainted-origin
 2. But WebRequestInfo is initialized with copied ResourceRequest that
    has the original request_initiator.

2. is needed for webRequest events. See API document below.
https://developer.chrome.com/extensions/webRequest#event-onBeforeRequest
That says the initiator does not change through redirects.

Following tests in ExtensionWebRequestApiTest.WebRequestBlocking failed
if OOR-CORS is enabled without this patch.
- crossOriginAnonymousRedirect()
- crossOriginCredentialedRedirect()
- syncXhrsFromOurselfAreInvisible()

And this patch fixes them to pass.

Bug: 909633
Change-Id: I755db213256605c72015ab21c845e649bc35e319
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1503273
Auto-Submit: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Commit-Queue: Karan Bhatia <karandeepb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#638724}
2 files changed
tree: 4227acc0694e51a99f38752fe3ce117f3b7b326e
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chrome_elf/
  11. chromecast/
  12. chromeos/
  13. cloud_print/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. fuchsia/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. jingle/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. .clang-format
  53. .eslintrc.js
  54. .git-blame-ignore-revs
  55. .gitattributes
  56. .gitignore
  57. .gn
  58. .vpython
  59. AUTHORS
  60. BUILD.gn
  61. CODE_OF_CONDUCT.md
  62. codereview.settings
  63. DEPS
  64. ENG_REVIEW_OWNERS
  65. LICENSE
  66. LICENSE.chromium_os
  67. OWNERS
  68. PRESUBMIT.py
  69. PRESUBMIT_test.py
  70. PRESUBMIT_test_mocks.py
  71. README.md
  72. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .