chore: bump chromium to 110.0.5415.0 (main) (#36186)

* chore: bump chromium in DEPS to 109.0.5386.0

* chore: bump chromium in DEPS to 109.0.5388.0

* chore: bump chromium in DEPS to 109.0.5390.0

* chore: bump chromium in DEPS to 109.0.5392.0

* chore: bump chromium in DEPS to 109.0.5394.0

* chore: bump chromium in DEPS to 109.0.5396.0

* chore: bump chromium in DEPS to 109.0.5398.0

* chore: bump chromium in DEPS to 109.0.5400.0

* chore: update galactus

* chore: bump chromium in DEPS to 109.0.5402.0

* chore: bump chromium in DEPS to 109.0.5403.0

* chore: bump chromium in DEPS to 109.0.5406.0

* chore: update patches

* 4004247: Delete unused DocumentWebContentsDelegate

Ref: 4004247

* chore: bump chromium in DEPS to 109.0.5408.1

* chore: update patches

* 3949284: Support pkey debug mode without pkey 0 access

Ref: 3949284

* chore: bump chromium in DEPS to 109.0.5410.0

* chore: update patches

* 4000944: [Extensions] Create an API directory in //chrome/renderer/extensions

Ref: 4000944

* 3988524: Remove DocumentOverlayWindowViews | 3988524

Co-authored-by: George Xu <33054982+georgexu99@users.noreply.github.com>

* chore: bump chromium in DEPS to 109.0.5412.0

* chore: update patches

* 3984022: Add AddChildWindowToBrowser to DisplayClient mojo interface

Ref: 3984022

* 3957079: Delete the CryptoToken component extension and internal API

Ref: 3957079

* 4004421: Migreate ScopedAllowIO to ScopedAllowBlocking

Ref: 4004421

Co-authored-by: George Xu <georgexu99@users.noreply.github.com>

* chore: bump chromium in DEPS to 109.0.5414.0

* chore: update patches

* 4016180: Split PPAPI Mojo interfaces out of RenderFrameHostImpl.

Ref: 4016180

* 3970838: [MPArch] Convert HostZoomMap and ZoomController off of RenderViewHost ids

Ref: 3970838

* 3997795: Don't add Chromium as a login item

Ref: 3997795

* 3993482: Remove RefCountedString::TakeString

Ref: 3993482

* 3990749: Allow forward-declared sources in base::ScopedObservation<>

Ref: 3990749

* fixup! 3957079: Delete the CryptoToken component extension and internal API

* chore: bump chromium in DEPS to 110.0.5415.0

* 3883790: Move devtools_frame_token to the RenderFrameHost, to preserve RFH identity across MPArch activations.

3883790

* 4022205: Move license tooling into //tools/licenses

4022205

* chore: fixup patch indices

* fixup! 3957079: Delete the CryptoToken component extension and internal API

* 4008687: Finish ScopedAllowIO migration

4008687

* 3991548: Move WindowButtonOrderObserver and WindowFrameAction to LinuxUi

3991548

* fixup! 3984022: Add AddChildWindowToBrowser to DisplayClient mojo interface

* 4016595: Migrate non-default ScopedObservation<> instantiations to ScopedObservationTraits<> in chrome/browser/

4016595

* 4000481: Rename :chromedriver to :chromedriver_server

Ref: 4000481

* 4008687: Finish ScopedAllowIO migration

4008687

* 3988524: Remove DocumentOverlayWindowViews

3988524

* fixup! 3997795: Don't add Chromium as a login item

* chore: fixup patches

* 3996872: Plumb input event task runner to EventFactoryEvdev

3996872

* 4014994: Enable SiteIsolationForGuests by default.

4014994

* chore: adopt new thread restrictions api for //electron (#36357)

chore: add thread blocking api

* fixup! 4014994: Enable SiteIsolationForGuests by default.

* pull parent HWND for dialogs on ui thread

* chore: set parent_window in MessageBoxSettings

* chore: remove redundant patch

* chore: revert accidental deletion

* chore: update patches

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Samuel Attard <sattard@salesforce.com>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Co-authored-by: VerteDinde <vertedinde@electronjs.org>
Co-authored-by: George Xu <33054982+georgexu99@users.noreply.github.com>
Co-authored-by: George Xu <georgexu99@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Robo <hop2deep@gmail.com>
Co-authored-by: Jeremy Rose <jeremya@chromium.org>
Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
This commit is contained in:
electron-roller[bot] 2022-11-17 14:59:23 -05:00 committed by GitHub
parent 517225b99e
commit 87c183df6a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
138 changed files with 818 additions and 1630 deletions

View file

@ -10,7 +10,6 @@ assert(enable_extensions,
function_registration("api_registration") {
sources = [
"//electron/shell/common/extensions/api/cryptotoken_private.idl",
"//electron/shell/common/extensions/api/extension.json",
"//electron/shell/common/extensions/api/resources_private.idl",
"//electron/shell/common/extensions/api/tabs.json",

View file

@ -1,308 +0,0 @@
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "shell/browser/extensions/api/cryptotoken_private/cryptotoken_private_api.h"
#include <stddef.h>
#include <memory>
#include <string>
#include <vector>
#include "base/bind.h"
#include "base/callback.h"
#include "base/metrics/histogram_macros.h"
#include "base/strings/utf_string_conversions.h"
#include "build/build_config.h"
// #include "chrome/browser/extensions/extension_tab_util.h"
// #include "chrome/browser/permissions/attestation_permission_request.h"
// #include "chrome/browser/profiles/profile.h"
#include "chrome/common/chrome_features.h"
#include "chrome/common/pref_names.h"
// #include
// "components/page_load_metrics/browser/metrics_web_contents_observer.h"
// #include "components/permissions/permission_request_manager.h"
#include "components/pref_registry/pref_registry_syncable.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/web_contents.h"
#include "crypto/sha2.h"
#include "device/fido/filter.h"
#include "extensions/browser/extension_api_frame_id_map.h"
#include "extensions/common/error_utils.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "shell/browser/api/electron_api_web_contents.h"
#include "url/origin.h"
#if BUILDFLAG(IS_WIN)
#include "device/fido/features.h"
#include "device/fido/win/webauthn_api.h"
#endif // BUILDFLAG(IS_WIN)
namespace extensions::api {
namespace {
const char kGoogleDotCom[] = "google.com";
constexpr const char* kGoogleGstaticAppIds[] = {
"https://www.gstatic.com/securitykey/origins.json",
"https://www.gstatic.com/securitykey/a/google.com/origins.json"};
// ContainsAppIdByHash returns true iff the SHA-256 hash of one of the
// elements of |list| equals |hash|.
bool ContainsAppIdByHash(const base::ListValue& list,
const std::vector<uint8_t>& hash) {
if (hash.size() != crypto::kSHA256Length) {
return false;
}
for (const auto& i : list.GetListDeprecated()) {
const std::string& s = i.GetString();
if (s.find('/') == std::string::npos) {
// No slashes mean that this is a webauthn RP ID, not a U2F AppID.
continue;
}
if (crypto::SHA256HashString(s).compare(
0, crypto::kSHA256Length,
reinterpret_cast<const char*>(hash.data()),
crypto::kSHA256Length) == 0) {
return true;
}
}
return false;
}
content::RenderFrameHost* RenderFrameHostForTabAndFrameId(
content::BrowserContext* const browser_context,
const int tab_id,
const int frame_id) {
auto* contents = electron::api::WebContents::FromID(tab_id);
if (!contents || !contents->web_contents()) {
return nullptr;
}
return ExtensionApiFrameIdMap::GetRenderFrameHostById(
contents->web_contents(), frame_id);
}
} // namespace
// void CryptotokenRegisterProfilePrefs(
// user_prefs::PrefRegistrySyncable* registry) {
// registry->RegisterListPref(prefs::kSecurityKeyPermitAttestation);
// }
CryptotokenPrivateCanOriginAssertAppIdFunction::
CryptotokenPrivateCanOriginAssertAppIdFunction() = default;
ExtensionFunction::ResponseAction
CryptotokenPrivateCanOriginAssertAppIdFunction::Run() {
std::unique_ptr<cryptotoken_private::CanOriginAssertAppId::Params> params =
cryptotoken_private::CanOriginAssertAppId::Params::Create(args());
EXTENSION_FUNCTION_VALIDATE(params);
const GURL origin_url(params->security_origin);
if (!origin_url.is_valid()) {
return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
"Security origin * is not a valid URL", params->security_origin)));
}
const GURL app_id_url(params->app_id_url);
if (!app_id_url.is_valid()) {
return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
"appId * is not a valid URL", params->app_id_url)));
}
if (origin_url == app_id_url) {
return RespondNow(OneArgument(base::Value(true)));
}
// Fetch the eTLD+1 of both.
const std::string origin_etldp1 =
net::registry_controlled_domains::GetDomainAndRegistry(
origin_url,
net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
if (origin_etldp1.empty()) {
return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
"Could not find an eTLD for origin *", params->security_origin)));
}
const std::string app_id_etldp1 =
net::registry_controlled_domains::GetDomainAndRegistry(
app_id_url,
net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES);
if (app_id_etldp1.empty()) {
return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
"Could not find an eTLD for appId *", params->app_id_url)));
}
if (origin_etldp1 == app_id_etldp1) {
return RespondNow(OneArgument(base::Value(true)));
}
// For legacy purposes, allow google.com origins to assert certain
// gstatic.com appIds.
// TODO(juanlang): remove when legacy constraints are removed.
if (origin_etldp1 == kGoogleDotCom) {
for (const char* id : kGoogleGstaticAppIds) {
if (params->app_id_url == id)
return RespondNow(OneArgument(base::Value(true)));
}
}
return RespondNow(OneArgument(base::Value(false)));
}
CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction::
CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction() {}
ExtensionFunction::ResponseAction
CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction::Run() {
std::unique_ptr<cryptotoken_private::IsAppIdHashInEnterpriseContext::Params>
params(
cryptotoken_private::IsAppIdHashInEnterpriseContext::Params::Create(
args()));
EXTENSION_FUNCTION_VALIDATE(params);
#if 0
Profile* const profile = Profile::FromBrowserContext(browser_context());
const PrefService* const prefs = profile->GetPrefs();
const base::ListValue* const permit_attestation =
prefs->GetList(prefs::kSecurityKeyPermitAttestation);
#endif
const base::ListValue permit_attestation;
return RespondNow(ArgumentList(
cryptotoken_private::IsAppIdHashInEnterpriseContext::Results::Create(
ContainsAppIdByHash(permit_attestation, params->app_id_hash))));
}
CryptotokenPrivateCanAppIdGetAttestationFunction::
CryptotokenPrivateCanAppIdGetAttestationFunction() {}
ExtensionFunction::ResponseAction
CryptotokenPrivateCanAppIdGetAttestationFunction::Run() {
std::unique_ptr<cryptotoken_private::CanAppIdGetAttestation::Params> params =
cryptotoken_private::CanAppIdGetAttestation::Params::Create(args());
EXTENSION_FUNCTION_VALIDATE(params);
return RespondNow(Error("API not supported in Electron"));
#if 0
const GURL origin_url(params->options.origin);
if (!origin_url.is_valid()) {
return RespondNow(Error(extensions::ErrorUtils::FormatErrorMessage(
"Security origin * is not a valid URL", params->options.origin)));
}
const url::Origin origin(url::Origin::Create(origin_url));
const std::string& app_id = params->options.app_id;
// If the appId is permitted by the enterprise policy then no permission
// prompt is shown.
// Profile* const profile = Profile::FromBrowserContext(browser_context());
// const PrefService* const prefs = profile->GetPrefs();
// const base::ListValue* const permit_attestation =
// prefs->GetList(prefs::kSecurityKeyPermitAttestation);
// for (const auto& entry : permit_attestation->GetList()) {
// if (entry.GetString() == app_id)
// return RespondNow(OneArgument(base::Value(true)));
// }
// If the origin is blocked, reject attestation.
if (device::fido_filter::Evaluate(
device::fido_filter::Operation::MAKE_CREDENTIAL, origin.Serialize(),
/*device=*/absl::nullopt, /*id=*/absl::nullopt) ==
device::fido_filter::Action::NO_ATTESTATION) {
return RespondNow(OneArgument(base::Value(false)));
}
// If prompting is disabled, allow attestation because that is the historical
// behavior.
if (!base::FeatureList::IsEnabled(
::features::kSecurityKeyAttestationPrompt)) {
return RespondNow(OneArgument(base::Value(true)));
}
#if BUILDFLAG(IS_WIN)
// If the request was handled by the Windows WebAuthn API on a version of
// Windows that shows an attestation permission prompt, don't show another
// one.
//
// Note that this does not account for the possibility of the
// WinWebAuthnApi having been disabled by a FidoDiscoveryFactory override,
// which may be done in tests or via the Virtual Authenticator WebDriver
// API.
if (base::FeatureList::IsEnabled(device::kWebAuthUseNativeWinApi) &&
device::WinWebAuthnApi::GetDefault()->IsAvailable() &&
device::WinWebAuthnApi::GetDefault()->Version() >=
WEBAUTHN_API_VERSION_2) {
return RespondNow(OneArgument(base::Value(true)));
}
#endif // BUILDFLAG(IS_WIN)
// Otherwise, show a permission prompt and pass the user's decision back.
const GURL app_id_url(app_id);
EXTENSION_FUNCTION_VALIDATE(app_id_url.is_valid());
auto* contents = electron::api::WebContents::FromID(params->options.tab_id);
if (!contents || !contents->web_contents()) {
return RespondNow(Error("cannot find specified tab"));
}
// permissions::PermissionRequestManager* permission_request_manager =
// permissions::PermissionRequestManager::FromWebContents(web_contents);
// nullptr;
// if (!permission_request_manager) {
return RespondNow(Error("no PermissionRequestManager"));
// }
#if 0 // TODO(MarshallOfSound): why is this commented out?
// The created AttestationPermissionRequest deletes itself once complete.
permission_request_manager->AddRequest(
web_contents->GetPrimaryMainFrame(),
tab,
NewAttestationPermissionRequest(
origin,
base::BindOnce(
&CryptotokenPrivateCanAppIdGetAttestationFunction::Complete,
this)));
return RespondLater();
#endif
#endif
}
void CryptotokenPrivateCanAppIdGetAttestationFunction::Complete(bool result) {
Respond(OneArgument(base::Value(result)));
}
ExtensionFunction::ResponseAction
CryptotokenPrivateRecordRegisterRequestFunction::Run() {
auto params =
cryptotoken_private::RecordRegisterRequest::Params::Create(args());
EXTENSION_FUNCTION_VALIDATE(params);
content::RenderFrameHost* frame = RenderFrameHostForTabAndFrameId(
browser_context(), params->tab_id, params->frame_id);
if (!frame) {
return RespondNow(Error("cannot find specified tab or frame"));
}
// page_load_metrics::MetricsWebContentsObserver::RecordFeatureUsage(
// frame, blink::mojom::WebFeature::kU2FCryptotokenRegister);
return RespondNow(NoArguments());
}
ExtensionFunction::ResponseAction
CryptotokenPrivateRecordSignRequestFunction::Run() {
auto params = cryptotoken_private::RecordSignRequest::Params::Create(args());
EXTENSION_FUNCTION_VALIDATE(params);
content::RenderFrameHost* frame = RenderFrameHostForTabAndFrameId(
browser_context(), params->tab_id, params->frame_id);
if (!frame) {
return RespondNow(Error("cannot find specified tab or frame"));
}
// page_load_metrics::MetricsWebContentsObserver::RecordFeatureUsage(
// frame, blink::mojom::WebFeature::kU2FCryptotokenSign);
return RespondNow(NoArguments());
}
} // namespace extensions::api

View file

@ -1,84 +0,0 @@
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_
#define ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_
#include "chrome/common/extensions/api/cryptotoken_private.h"
#include "extensions/browser/extension_function.h"
namespace user_prefs {
class PrefRegistrySyncable;
}
// Implementations for chrome.cryptotokenPrivate API functions.
namespace extensions::api {
// void CryptotokenRegisterProfilePrefs(
// user_prefs::PrefRegistrySyncable* registry);
class CryptotokenPrivateCanOriginAssertAppIdFunction
: public ExtensionFunction {
public:
CryptotokenPrivateCanOriginAssertAppIdFunction();
DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.canOriginAssertAppId",
CRYPTOTOKENPRIVATE_CANORIGINASSERTAPPID)
protected:
~CryptotokenPrivateCanOriginAssertAppIdFunction() override {}
ResponseAction Run() override;
};
class CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction
: public ExtensionFunction {
public:
CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction();
DECLARE_EXTENSION_FUNCTION(
"cryptotokenPrivate.isAppIdHashInEnterpriseContext",
CRYPTOTOKENPRIVATE_ISAPPIDHASHINENTERPRISECONTEXT)
protected:
~CryptotokenPrivateIsAppIdHashInEnterpriseContextFunction() override {}
ResponseAction Run() override;
};
class CryptotokenPrivateCanAppIdGetAttestationFunction
: public ExtensionFunction {
public:
CryptotokenPrivateCanAppIdGetAttestationFunction();
DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.canAppIdGetAttestation",
CRYPTOTOKENPRIVATE_CANAPPIDGETATTESTATION)
protected:
~CryptotokenPrivateCanAppIdGetAttestationFunction() override {}
ResponseAction Run() override;
void Complete(bool result);
};
class CryptotokenPrivateRecordRegisterRequestFunction
: public ExtensionFunction {
public:
CryptotokenPrivateRecordRegisterRequestFunction() = default;
DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.recordRegisterRequest",
CRYPTOTOKENPRIVATE_RECORDREGISTERREQUEST)
protected:
~CryptotokenPrivateRecordRegisterRequestFunction() override = default;
ResponseAction Run() override;
};
class CryptotokenPrivateRecordSignRequestFunction : public ExtensionFunction {
public:
CryptotokenPrivateRecordSignRequestFunction() = default;
DECLARE_EXTENSION_FUNCTION("cryptotokenPrivate.recordSignRequest",
CRYPTOTOKENPRIVATE_RECORDSIGNREQUEST)
protected:
~CryptotokenPrivateRecordSignRequestFunction() override = default;
ResponseAction Run() override;
};
} // namespace extensions::api
#endif // ELECTRON_SHELL_BROWSER_EXTENSIONS_API_CRYPTOTOKEN_PRIVATE_CRYPTOTOKEN_PRIVATE_API_H_