fix: bypass CORB when web security is disabled (#15737)

* fix: extend content layer hook to bypass corb when web security is disabled.

* chore: add patch to disable CORB
This commit is contained in:
Robo 2018-11-22 01:40:05 +05:30 committed by Charles Kerr
parent 5db8197a5d
commit 9e8b26cc4e
4 changed files with 74 additions and 1 deletions

View file

@ -223,28 +223,34 @@ bool AtomBrowserClient::ShouldCreateNewSiteInstance(
void AtomBrowserClient::AddProcessPreferences( void AtomBrowserClient::AddProcessPreferences(
int process_id, int process_id,
AtomBrowserClient::ProcessPreferences prefs) { AtomBrowserClient::ProcessPreferences prefs) {
base::AutoLock auto_lock(process_preferences_lock_);
process_preferences_[process_id] = prefs; process_preferences_[process_id] = prefs;
} }
void AtomBrowserClient::RemoveProcessPreferences(int process_id) { void AtomBrowserClient::RemoveProcessPreferences(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
process_preferences_.erase(process_id); process_preferences_.erase(process_id);
} }
bool AtomBrowserClient::IsProcessObserved(int process_id) { bool AtomBrowserClient::IsProcessObserved(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
return process_preferences_.find(process_id) != process_preferences_.end(); return process_preferences_.find(process_id) != process_preferences_.end();
} }
bool AtomBrowserClient::IsRendererSandboxed(int process_id) { bool AtomBrowserClient::IsRendererSandboxed(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
auto it = process_preferences_.find(process_id); auto it = process_preferences_.find(process_id);
return it != process_preferences_.end() && it->second.sandbox; return it != process_preferences_.end() && it->second.sandbox;
} }
bool AtomBrowserClient::RendererUsesNativeWindowOpen(int process_id) { bool AtomBrowserClient::RendererUsesNativeWindowOpen(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
auto it = process_preferences_.find(process_id); auto it = process_preferences_.find(process_id);
return it != process_preferences_.end() && it->second.native_window_open; return it != process_preferences_.end() && it->second.native_window_open;
} }
bool AtomBrowserClient::RendererDisablesPopups(int process_id) { bool AtomBrowserClient::RendererDisablesPopups(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
auto it = process_preferences_.find(process_id); auto it = process_preferences_.find(process_id);
return it != process_preferences_.end() && it->second.disable_popups; return it != process_preferences_.end() && it->second.disable_popups;
} }
@ -274,6 +280,8 @@ void AtomBrowserClient::RenderProcessWillLaunch(
prefs.native_window_open = prefs.native_window_open =
web_preferences->IsEnabled(options::kNativeWindowOpen); web_preferences->IsEnabled(options::kNativeWindowOpen);
prefs.disable_popups = web_preferences->IsEnabled("disablePopups"); prefs.disable_popups = web_preferences->IsEnabled("disablePopups");
prefs.web_security = web_preferences->IsEnabled(options::kWebSecurity,
true /* default value */);
} }
AddProcessPreferences(host->GetID(), prefs); AddProcessPreferences(host->GetID(), prefs);
// ensure the ProcessPreferences is removed later // ensure the ProcessPreferences is removed later
@ -778,6 +786,13 @@ void AtomBrowserClient::OnNetworkServiceCreated(
network_service); network_service);
} }
bool AtomBrowserClient::ShouldBypassCORB(int render_process_id) {
// This is called on the network thread.
base::AutoLock auto_lock(process_preferences_lock_);
auto it = process_preferences_.find(render_process_id);
return it != process_preferences_.end() && !it->second.web_security;
}
std::string AtomBrowserClient::GetApplicationLocale() { std::string AtomBrowserClient::GetApplicationLocale() {
if (BrowserThread::CurrentlyOn(BrowserThread::IO)) if (BrowserThread::CurrentlyOn(BrowserThread::IO))
return g_io_thread_application_locale.Get(); return g_io_thread_application_locale.Get();

View file

@ -11,6 +11,7 @@
#include <string> #include <string>
#include <vector> #include <vector>
#include "base/synchronization/lock.h"
#include "content/public/browser/content_browser_client.h" #include "content/public/browser/content_browser_client.h"
#include "content/public/browser/render_process_host_observer.h" #include "content/public/browser/render_process_host_observer.h"
#include "net/ssl/client_cert_identity.h" #include "net/ssl/client_cert_identity.h"
@ -143,6 +144,7 @@ class AtomBrowserClient : public content::ContentBrowserClient,
GetSystemSharedURLLoaderFactory() override; GetSystemSharedURLLoaderFactory() override;
void OnNetworkServiceCreated( void OnNetworkServiceCreated(
network::mojom::NetworkService* network_service) override; network::mojom::NetworkService* network_service) override;
bool ShouldBypassCORB(int render_process_id) override;
// content::RenderProcessHostObserver: // content::RenderProcessHostObserver:
void RenderProcessHostDestroyed(content::RenderProcessHost* host) override; void RenderProcessHostDestroyed(content::RenderProcessHost* host) override;
@ -164,6 +166,7 @@ class AtomBrowserClient : public content::ContentBrowserClient,
bool sandbox = false; bool sandbox = false;
bool native_window_open = false; bool native_window_open = false;
bool disable_popups = false; bool disable_popups = false;
bool web_security = true;
}; };
bool ShouldCreateNewSiteInstance(content::RenderFrameHost* render_frame_host, bool ShouldCreateNewSiteInstance(content::RenderFrameHost* render_frame_host,
@ -180,7 +183,6 @@ class AtomBrowserClient : public content::ContentBrowserClient,
// pending_render_process => web contents. // pending_render_process => web contents.
std::map<int, content::WebContents*> pending_processes_; std::map<int, content::WebContents*> pending_processes_;
std::map<int, ProcessPreferences> process_preferences_;
std::map<int, base::ProcessId> render_process_host_pids_; std::map<int, base::ProcessId> render_process_host_pids_;
// list of site per affinity. weak_ptr to prevent instance locking // list of site per affinity. weak_ptr to prevent instance locking
@ -194,6 +196,9 @@ class AtomBrowserClient : public content::ContentBrowserClient,
Delegate* delegate_ = nullptr; Delegate* delegate_ = nullptr;
base::Lock process_preferences_lock_;
std::map<int, ProcessPreferences> process_preferences_;
DISALLOW_COPY_AND_ASSIGN(AtomBrowserClient); DISALLOW_COPY_AND_ASSIGN(AtomBrowserClient);
}; };

View file

@ -75,3 +75,4 @@ verbose_generate_breakpad_symbols.patch
fix_zoom_display.patch fix_zoom_display.patch
chrome_process_finder.patch chrome_process_finder.patch
customizable_app_indicator_id_prefix.patch customizable_app_indicator_id_prefix.patch
cross_site_document_resource_handler.patch

View file

@ -0,0 +1,52 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: deepak1556 <hop2deep@gmail.com>
Date: Thu, 15 Nov 2018 22:04:34 +0530
Subject: cross_site_document_resource_handler.patch
Add a content layer hook to disable CORB for a renderer process,
this patch can be removed once we switch to network service,
where the embedders have a chance to design their URLLoaders.
diff --git a/content/browser/loader/cross_site_document_resource_handler.cc b/content/browser/loader/cross_site_document_resource_handler.cc
index 907922701280b589bf11691342de0ec95cdec6a1..eaf8bac18f8e3a2735ce7ded606199092a3746d3 100644
--- a/content/browser/loader/cross_site_document_resource_handler.cc
+++ b/content/browser/loader/cross_site_document_resource_handler.cc
@@ -593,6 +593,9 @@ bool CrossSiteDocumentResourceHandler::ShouldBlockBasedOnHeaders(
return false;
}
+ if (GetContentClient()->browser()->ShouldBypassCORB(info->GetChildID()))
+ return false;
+
return true;
}
diff --git a/content/public/browser/content_browser_client.cc b/content/public/browser/content_browser_client.cc
index bb54b89bef5c6f32e7b4a056336c85494e2a04de..f069dfc4d2823b22eb0d90d28bc20236aeeddd04 100644
--- a/content/public/browser/content_browser_client.cc
+++ b/content/public/browser/content_browser_client.cc
@@ -47,6 +47,10 @@ void OverrideOnBindInterface(const service_manager::BindSourceInfo& remote_info,
handle);
}
+bool ContentBrowserClient::ShouldBypassCORB(int render_process_id) {
+ return false;
+}
+
BrowserMainParts* ContentBrowserClient::CreateBrowserMainParts(
const MainFunctionParams& parameters) {
return nullptr;
diff --git a/content/public/browser/content_browser_client.h b/content/public/browser/content_browser_client.h
index 2c22cb1cfe0dddc97c00e5f4ff89de6b18bc232f..a7b59095a887d566af9e74a646443fb49ea23bfc 100644
--- a/content/public/browser/content_browser_client.h
+++ b/content/public/browser/content_browser_client.h
@@ -205,6 +205,9 @@ class CONTENT_EXPORT ContentBrowserClient {
SiteInstance* candidate_site_instance,
SiteInstance** new_instance) {}
+ // Electron: Allows bypassing CORB checks for a renderer process.
+ virtual bool ShouldBypassCORB(int render_process_id);
+
// Allows the embedder to set any number of custom BrowserMainParts
// implementations for the browser startup code. See comments in
// browser_main_parts.h.