Distinguish untrusted clients in v8 inspector and disable Profiler, HeapProfiler and Schema CDP domains for them.
Bug: chromium:1313437
Change-Id: I7544c64acb4bc368392ba5f6a87ed62176828304
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3616517
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Danil Somsikov <dsv@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80340}
diff --git a/include/v8-inspector.h b/include/v8-inspector.h
index 0938c9f..1fb1c2c61 100644
--- a/include/v8-inspector.h
+++ b/include/v8-inspector.h
@@ -361,9 +361,18 @@
virtual void sendNotification(std::unique_ptr<StringBuffer> message) = 0;
virtual void flushProtocolNotifications() = 0;
};
+ V8_DEPRECATED("Use version with client_is_trusted argument")
virtual std::unique_ptr<V8InspectorSession> connect(int contextGroupId,
- Channel*,
- StringView state) = 0;
+ Channel* channel,
+ StringView state) {
+ return connect(contextGroupId, channel, state, kFullyTrusted);
+ }
+ enum ClientTrustLevel { kUntrusted, kFullyTrusted };
+ virtual std::unique_ptr<V8InspectorSession> connect(
+ int contextGroupId, Channel*, StringView state,
+ ClientTrustLevel client_trust_level) {
+ return nullptr;
+ }
// API methods.
virtual std::unique_ptr<V8StackTrace> createStackTrace(
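Review bot: `ClientTrustLevel` and the new four-argument `connect` overload carry no documentation, yet this is the contract an embedder has to get right to keep privileged domains away from untrusted clients. I would add above the enum: `// Sessions connected as kUntrusted do not get the Profiler, HeapProfiler and Schema domains; pass kFullyTrusted only for clients allowed to use them.` The `return nullptr;` default body on the new overload also deserves a one-line comment saying it exists only so the deprecated three-argument overload can forward to it during the transition, because a subclass that overrides neither overload now silently hands callers a null session instead of failing at compile time. The enclosing class V8Inspector starts outside the hunk.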
diff --git a/src/d8/d8.cc b/src/d8/d8.cc
index abb8c07..1f46b5d 100644
--- a/src/d8/d8.cc
+++ b/src/d8/d8.cc
@@ -3889,7 +3889,8 @@
channel_.reset(new InspectorFrontend(context));
inspector_ = v8_inspector::V8Inspector::create(isolate_, this);
session_ =
- inspector_->connect(1, channel_.get(), v8_inspector::StringView());
+ inspector_->connect(1, channel_.get(), v8_inspector::StringView(),
+ v8_inspector::V8Inspector::kFullyTrusted);
context->SetAlignedPointerInEmbedderData(kInspectorClientIndex, this);
inspector_->contextCreated(v8_inspector::V8ContextInfo(
context, kContextGroupId, v8_inspector::StringView()));
diff --git a/src/inspector/v8-inspector-impl.cc b/src/inspector/v8-inspector-impl.cc
index c0fd6a7..bf00e5c 100644
--- a/src/inspector/v8-inspector-impl.cc
+++ b/src/inspector/v8-inspector-impl.cc
@@ -146,11 +146,12 @@
}
std::unique_ptr<V8InspectorSession> V8InspectorImpl::connect(
- int contextGroupId, V8Inspector::Channel* channel, StringView state) {
+ int contextGroupId, V8Inspector::Channel* channel, StringView state,
+ ClientTrustLevel client_trust_level) {
int sessionId = ++m_lastSessionId;
std::unique_ptr<V8InspectorSessionImpl> session =
V8InspectorSessionImpl::create(this, contextGroupId, sessionId, channel,
- state);
+ state, client_trust_level);
m_sessions[contextGroupId][sessionId] = session.get();
return std::move(session);
}
diff --git a/src/inspector/v8-inspector-impl.h b/src/inspector/v8-inspector-impl.h
index 4a3e9bf..d4eb25d 100644
--- a/src/inspector/v8-inspector-impl.h
+++ b/src/inspector/v8-inspector-impl.h
@@ -80,7 +80,8 @@
// V8Inspector implementation.
std::unique_ptr<V8InspectorSession> connect(int contextGroupId,
V8Inspector::Channel*,
- StringView state) override;
+ StringView state,
+ ClientTrustLevel) override;
void contextCreated(const V8ContextInfo&) override;
void contextDestroyed(v8::Local<v8::Context>) override;
v8::MaybeLocal<v8::Context> contextById(int contextId) override;
diff --git a/src/inspector/v8-inspector-session-impl.cc b/src/inspector/v8-inspector-session-impl.cc
index e6e50d5..4aaf4b2 100644
--- a/src/inspector/v8-inspector-session-impl.cc
+++ b/src/inspector/v8-inspector-session-impl.cc
@@ -87,16 +87,16 @@
std::unique_ptr<V8InspectorSessionImpl> V8InspectorSessionImpl::create(
V8InspectorImpl* inspector, int contextGroupId, int sessionId,
- V8Inspector::Channel* channel, StringView state) {
+ V8Inspector::Channel* channel, StringView state,
+ V8Inspector::ClientTrustLevel clientTrustLevel) {
return std::unique_ptr<V8InspectorSessionImpl>(new V8InspectorSessionImpl(
- inspector, contextGroupId, sessionId, channel, state));
+ inspector, contextGroupId, sessionId, channel, state, clientTrustLevel));
}
-V8InspectorSessionImpl::V8InspectorSessionImpl(V8InspectorImpl* inspector,
- int contextGroupId,
- int sessionId,
- V8Inspector::Channel* channel,
- StringView savedState)
+V8InspectorSessionImpl::V8InspectorSessionImpl(
+ V8InspectorImpl* inspector, int contextGroupId, int sessionId,
+ V8Inspector::Channel* channel, StringView savedState,
+ V8Inspector::ClientTrustLevel clientTrustLevel)
: m_contextGroupId(contextGroupId),
m_sessionId(sessionId),
m_inspector(inspector),
@@ -109,7 +109,8 @@
m_heapProfilerAgent(nullptr),
m_profilerAgent(nullptr),
m_consoleAgent(nullptr),
- m_schemaAgent(nullptr) {
+ m_schemaAgent(nullptr),
+ m_clientTrustLevel(clientTrustLevel) {
m_state->getBoolean("use_binary_protocol", &use_binary_protocol_);
m_runtimeAgent.reset(new V8RuntimeAgentImpl(
@@ -120,28 +121,29 @@
this, this, agentState(protocol::Debugger::Metainfo::domainName)));
protocol::Debugger::Dispatcher::wire(&m_dispatcher, m_debuggerAgent.get());
- m_profilerAgent.reset(new V8ProfilerAgentImpl(
- this, this, agentState(protocol::Profiler::Metainfo::domainName)));
- protocol::Profiler::Dispatcher::wire(&m_dispatcher, m_profilerAgent.get());
-
- m_heapProfilerAgent.reset(new V8HeapProfilerAgentImpl(
- this, this, agentState(protocol::HeapProfiler::Metainfo::domainName)));
- protocol::HeapProfiler::Dispatcher::wire(&m_dispatcher,
- m_heapProfilerAgent.get());
-
m_consoleAgent.reset(new V8ConsoleAgentImpl(
this, this, agentState(protocol::Console::Metainfo::domainName)));
protocol::Console::Dispatcher::wire(&m_dispatcher, m_consoleAgent.get());
- m_schemaAgent.reset(new V8SchemaAgentImpl(
- this, this, agentState(protocol::Schema::Metainfo::domainName)));
- protocol::Schema::Dispatcher::wire(&m_dispatcher, m_schemaAgent.get());
+ if (m_clientTrustLevel == V8Inspector::kFullyTrusted) {
+ m_profilerAgent.reset(new V8ProfilerAgentImpl(
+ this, this, agentState(protocol::Profiler::Metainfo::domainName)));
+ protocol::Profiler::Dispatcher::wire(&m_dispatcher, m_profilerAgent.get());
+ m_heapProfilerAgent.reset(new V8HeapProfilerAgentImpl(
+ this, this, agentState(protocol::HeapProfiler::Metainfo::domainName)));
+ protocol::HeapProfiler::Dispatcher::wire(&m_dispatcher,
+ m_heapProfilerAgent.get());
+
+ m_schemaAgent.reset(new V8SchemaAgentImpl(
+ this, this, agentState(protocol::Schema::Metainfo::domainName)));
+ protocol::Schema::Dispatcher::wire(&m_dispatcher, m_schemaAgent.get());
+ }
if (savedState.length()) {
m_runtimeAgent->restore();
m_debuggerAgent->restore();
- m_heapProfilerAgent->restore();
- m_profilerAgent->restore();
+ if (m_heapProfilerAgent) m_heapProfilerAgent->restore();
+ if (m_profilerAgent) m_profilerAgent->restore();
m_consoleAgent->restore();
}
}
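Review bot: The block under `if (m_clientTrustLevel == V8Inspector::kFullyTrusted)` leaves `m_profilerAgent`, `m_heapProfilerAgent` and `m_schemaAgent` null for untrusted sessions, but the commit only guards the dereferences visible in these hunks (restore() here, disable() in the disconnect hunk below, and triggerPreciseCoverageDeltaUpdate() further down); any other use of these members elsewhere in this file, or an accessor that hands them to other inspector code, would need the same null check, which I cannot verify from what is shown. A comment on the condition would also record why the gating exists, e.g. `// Profiler, HeapProfiler and Schema are only wired for fully trusted clients (chromium:1313437); untrusted sessions keep these agents null.` `m_schemaAgent` has no restore()/disable() call at all, so it needs no guard there, but that asymmetry is worth a word in the same comment. The constructor's initializer list begins in the previous hunk.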
@@ -150,8 +152,8 @@
v8::Isolate::Scope scope(m_inspector->isolate());
discardInjectedScripts();
m_consoleAgent->disable();
- m_profilerAgent->disable();
- m_heapProfilerAgent->disable();
+ if (m_profilerAgent) m_profilerAgent->disable();
+ if (m_heapProfilerAgent) m_heapProfilerAgent->disable();
m_debuggerAgent->disable();
m_runtimeAgent->disable();
m_inspector->disconnect(this);
@@ -499,7 +501,8 @@
void V8InspectorSessionImpl::triggerPreciseCoverageDeltaUpdate(
StringView occasion) {
- m_profilerAgent->triggerPreciseCoverageDeltaUpdate(toString16(occasion));
+ if (m_profilerAgent)
+ m_profilerAgent->triggerPreciseCoverageDeltaUpdate(toString16(occasion));
}
} // namespace v8_inspector
diff --git a/src/inspector/v8-inspector-session-impl.h b/src/inspector/v8-inspector-session-impl.h
index 5d874264..85bf4cb 100644
--- a/src/inspector/v8-inspector-session-impl.h
+++ b/src/inspector/v8-inspector-session-impl.h
@@ -32,11 +32,10 @@
class V8InspectorSessionImpl : public V8InspectorSession,
public protocol::FrontendChannel {
public:
- static std::unique_ptr<V8InspectorSessionImpl> create(V8InspectorImpl*,
- int contextGroupId,
- int sessionId,
- V8Inspector::Channel*,
- StringView state);
+ static std::unique_ptr<V8InspectorSessionImpl> create(
+ V8InspectorImpl*, int contextGroupId, int sessionId,
+ V8Inspector::Channel*, StringView state,
+ v8_inspector::V8Inspector::ClientTrustLevel);
~V8InspectorSessionImpl() override;
V8InspectorSessionImpl(const V8InspectorSessionImpl&) = delete;
V8InspectorSessionImpl& operator=(const V8InspectorSessionImpl&) = delete;
@@ -102,7 +101,8 @@
private:
V8InspectorSessionImpl(V8InspectorImpl*, int contextGroupId, int sessionId,
- V8Inspector::Channel*, StringView state);
+ V8Inspector::Channel*, StringView state,
+ V8Inspector::ClientTrustLevel);
protocol::DictionaryValue* agentState(const String16& name);
// protocol::FrontendChannel implementation.
@@ -134,6 +134,7 @@
std::vector<std::unique_ptr<V8InspectorSession::Inspectable>>
m_inspectedObjects;
bool use_binary_protocol_ = false;
+ V8Inspector::ClientTrustLevel m_clientTrustLevel = V8Inspector::kUntrusted;
};
} // namespace v8_inspector
diff --git a/test/cctest/test-inspector.cc b/test/cctest/test-inspector.cc
index 49a08bc..29576af 100644
--- a/test/cctest/test-inspector.cc
+++ b/test/cctest/test-inspector.cc
@@ -56,8 +56,8 @@
NoopChannel channel;
const char* state = "{}";
StringView state_view(reinterpret_cast<const uint8_t*>(state), strlen(state));
- std::unique_ptr<V8InspectorSession> session =
- inspector->connect(1, &channel, state_view);
+ std::unique_ptr<V8InspectorSession> session = inspector->connect(
+ 1, &channel, state_view, v8_inspector::V8Inspector::kFullyTrusted);
const char* object_group = "";
StringView object_group_view(reinterpret_cast<const uint8_t*>(object_group),
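Review bot: Only the `kFullyTrusted` path is exercised here; the behaviour this commit introduces, an untrusted session having no Profiler, HeapProfiler or Schema domain, has no test. A companion test that connects with `v8_inspector::V8Inspector::kUntrusted` and dispatches a `Profiler.enable` message through the session, asserting that the response is an error rather than a success, would pin the deny-by-default behaviour so a later refactor cannot quietly re-wire those agents. The enclosing test body starts before the hunk.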
diff --git a/test/inspector/isolate-data.cc b/test/inspector/isolate-data.cc
index e26a955..68754ec 100644
--- a/test/inspector/isolate-data.cc
+++ b/test/inspector/isolate-data.cc
@@ -163,7 +163,9 @@
v8_inspector::V8Inspector::Channel* channel) {
v8::SealHandleScope seal_handle_scope(isolate());
int session_id = ++last_session_id_;
- sessions_[session_id] = inspector_->connect(context_group_id, channel, state);
+ sessions_[session_id] =
+ inspector_->connect(context_group_id, channel, state,
+ v8_inspector::V8Inspector::kFullyTrusted);
context_group_by_session_[sessions_[session_id].get()] = context_group_id;
return session_id;
}
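Review bot: The test harness hard-codes `v8_inspector::V8Inspector::kFullyTrusted`, so inspector tests written against this fixture cannot create an untrusted session at all. Threading a trust-level parameter through this connect function, defaulting to kFullyTrusted so existing tests are unaffected, would let a test cover the kUntrusted path that the commit adds. The function signature begins outside the hunk.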