electron/patches/common/chromium/can_create_window.patch
2019-02-14 23:59:24 +05:30

237 lines
11 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Cheng Zhao <zcbenz@gmail.com>
Date: Thu, 20 Sep 2018 17:45:32 -0700
Subject: can_create_window.patch
diff --git a/content/browser/frame_host/render_frame_host_impl.cc b/content/browser/frame_host/render_frame_host_impl.cc
index 1a023385a3d27d9145f2a0a069ff6799c69ec66a..30328f5e62b4fdbb423a97454ee0591c076ac6bc 100644
--- a/content/browser/frame_host/render_frame_host_impl.cc
+++ b/content/browser/frame_host/render_frame_host_impl.cc
@@ -3669,6 +3669,38 @@ void RenderFrameHostImpl::CreateNewWindow(
"frame_tree_node", frame_tree_node_->frame_tree_node_id(), "url",
params->target_url.possibly_invalid_spec());
+ scoped_refptr<network::ResourceRequestBody> body;
+ if (params->body->has_object) {
+ body = new network::ResourceRequestBody;
+ std::vector<network::DataElement> elements;
+ for (const auto& iter : params->body->elements) {
+ network::DataElement element;
+ switch (iter->type) {
+ case network::DataElement::TYPE_BYTES: {
+ element.SetToBytes(iter->bytes.data(), iter->bytes.length());
+ break;
+ }
+ case network::DataElement::TYPE_FILE: {
+ element.SetToFilePathRange(iter->path, iter->offset, iter->length,
+ iter->expected_modification_time);
+ break;
+ }
+ case network::DataElement::TYPE_BLOB: {
+ element.SetToBlobRange(iter->blob_uuid, iter->offset, iter->length);
+ break;
+ }
+ case network::DataElement::TYPE_DATA_PIPE:
+ default:
+ NOTREACHED();
+ break;
+ }
+ elements.push_back(std::move(element));
+ }
+ body->swap_elements(&elements);
+ body->set_identifier(params->body->identifier);
+ body->set_contains_sensitive_info(params->body->contains_sensitive_info);
+ }
+
bool no_javascript_access = false;
// Filter out URLs to which navigation is disallowed from this context.
@@ -3697,6 +3729,7 @@ void RenderFrameHostImpl::CreateNewWindow(
last_committed_origin_, params->window_container_type,
params->target_url, params->referrer.To<Referrer>(),
params->frame_name, params->disposition, *params->features,
+ params->additional_features, body,
effective_transient_activation_state, params->opener_suppressed,
&no_javascript_access);
diff --git a/content/browser/security_exploit_browsertest.cc b/content/browser/security_exploit_browsertest.cc
index 8d01f4e181793677a1eee7585fd7c484767a58b0..01f7a49e7a559e6ae70a4311a2539bc4f60849d7 100644
--- a/content/browser/security_exploit_browsertest.cc
+++ b/content/browser/security_exploit_browsertest.cc
@@ -364,6 +364,7 @@ IN_PROC_BROWSER_TEST_F(SecurityExploitBrowserTest,
mojom::CreateNewWindowParamsPtr params = mojom::CreateNewWindowParams::New();
params->target_url = GURL("about:blank");
+ params->body = mojom::ResourceRequestBody::New();
pending_rfh->CreateNewWindow(
std::move(params), base::BindOnce([](mojom::CreateNewWindowStatus,
mojom::CreateNewWindowReplyPtr) {}));
diff --git a/content/common/frame.mojom b/content/common/frame.mojom
index e566a15b798e2586fa4fae3c4db97ce5f4f2f09f..8a08c7a79eba24bce7f11cf8c499432549c4f25b 100644
--- a/content/common/frame.mojom
+++ b/content/common/frame.mojom
@@ -12,6 +12,8 @@ import "content/public/common/resource_type.mojom";
import "content/public/common/resource_load_info.mojom";
import "content/public/common/transferrable_url_loader.mojom";
import "content/public/common/window_container_type.mojom";
+import "mojo/public/mojom/base/file_path.mojom";
+import "mojo/public/mojom/base/time.mojom";
import "mojo/public/mojom/base/string16.mojom";
import "mojo/public/mojom/base/unguessable_token.mojom";
import "services/network/public/mojom/url_loader.mojom";
@@ -187,6 +189,24 @@ interface FrameFactory {
CreateFrame(int32 frame_routing_id, Frame& frame);
};
+struct DataElement {
+ int32 type;
+ int64 length;
+ string bytes;
+ mojo_base.mojom.FilePath path;
+ int64 offset;
+ mojo_base.mojom.Time expected_modification_time;
+ url.mojom.Url filesystem_url;
+ string blob_uuid;
+};
+
+struct ResourceRequestBody {
+ bool has_object;
+ int64 identifier;
+ bool contains_sensitive_info;
+ array<DataElement> elements;
+};
+
struct CreateNewWindowParams {
// True if this open request came in the context of a user gesture.
//
@@ -226,6 +246,10 @@ struct CreateNewWindowParams {
// The window features to use for the new window.
blink.mojom.WindowFeatures features;
+
+ // Extra fields added by Electron.
+ array<string> additional_features;
+ ResourceRequestBody body;
};
// Operation result when the renderer asks the browser to create a new window.
diff --git a/content/public/browser/content_browser_client.cc b/content/public/browser/content_browser_client.cc
index bce9b68c989da1e287b7e593e1ae281923d1a557..e2f2b8e8d09d1f14b58eb8b093042b89141cdd35 100644
--- a/content/public/browser/content_browser_client.cc
+++ b/content/public/browser/content_browser_client.cc
@@ -494,6 +494,8 @@ bool ContentBrowserClient::CanCreateWindow(
const std::string& frame_name,
WindowOpenDisposition disposition,
const blink::mojom::WindowFeatures& features,
+ const std::vector<std::string>& additional_features,
+ const scoped_refptr<network::ResourceRequestBody>& body,
bool user_gesture,
bool opener_suppressed,
bool* no_javascript_access) {
diff --git a/content/public/browser/content_browser_client.h b/content/public/browser/content_browser_client.h
index 92425b0bded161d513a3e39b8f9631d4c98c143c..5dc21230970fe23a25ad6e811d65c434760d1d1b 100644
--- a/content/public/browser/content_browser_client.h
+++ b/content/public/browser/content_browser_client.h
@@ -171,6 +171,7 @@ class RenderFrameHost;
class RenderProcessHost;
class RenderViewHost;
class ResourceContext;
+class ResourceRequestBody;
class ServiceManagerConnection;
class SiteInstance;
class SpeechRecognitionManagerDelegate;
@@ -788,6 +789,8 @@ class CONTENT_EXPORT ContentBrowserClient {
const std::string& frame_name,
WindowOpenDisposition disposition,
const blink::mojom::WindowFeatures& features,
+ const std::vector<std::string>& additional_features,
+ const scoped_refptr<network::ResourceRequestBody>& body,
bool user_gesture,
bool opener_suppressed,
bool* no_javascript_access);
diff --git a/content/renderer/render_view_impl.cc b/content/renderer/render_view_impl.cc
index ad23a9040c21a674c1b011e7120d4288a722f2bb..c16005d6e20b801217249ed8b902cb42d9223dc4 100644
--- a/content/renderer/render_view_impl.cc
+++ b/content/renderer/render_view_impl.cc
@@ -76,6 +76,7 @@
#include "content/renderer/ime_event_guard.h"
#include "content/renderer/internal_document_state_data.h"
#include "content/renderer/loader/request_extra_data.h"
+#include "content/renderer/loader/web_url_request_util.h"
#include "content/renderer/media/audio/audio_device_factory.h"
#include "content/renderer/media/stream/media_stream_device_observer.h"
#include "content/renderer/media/video_capture_impl_manager.h"
@@ -1345,6 +1346,46 @@ WebView* RenderViewImpl::CreateView(
}
params->features = ConvertWebWindowFeaturesToMojoWindowFeatures(features);
+ params->body = mojom::ResourceRequestBody::New();
+ auto body = GetRequestBodyForWebURLRequest(request);
+ if (body) {
+ params->body->has_object = true;
+ params->body->identifier = body->identifier();
+ params->body->contains_sensitive_info = body->contains_sensitive_info();
+ for (const auto& element : *body->elements()) {
+ content::mojom::DataElementPtr ptr = content::mojom::DataElement::New();
+ ptr->type = element.type();
+ switch (element.type()) {
+ case network::DataElement::TYPE_BYTES: {
+ ptr->bytes = std::string(element.bytes(), element.length());
+ break;
+ }
+ case network::DataElement::TYPE_FILE: {
+ ptr->path = element.path();
+ ptr->offset = element.offset();
+ ptr->length = element.length();
+ ptr->expected_modification_time = element.expected_modification_time();
+ break;
+ }
+ case network::DataElement::TYPE_BLOB: {
+ ptr->blob_uuid = element.blob_uuid();
+ ptr->offset = element.offset();
+ ptr->length = element.length();
+ break;
+ }
+ case network::DataElement::TYPE_CHUNKED_DATA_PIPE:
+ case network::DataElement::TYPE_RAW_FILE:
+ case network::DataElement::TYPE_DATA_PIPE:
+ case network::DataElement::TYPE_UNKNOWN:
+ NOTREACHED();
+ break;
+ }
+ params->body->elements.push_back(std::move(ptr));
+ }
+ } else {
+ params->body->has_object = false;
+ }
+
// We preserve this information before sending the message since |params| is
// moved on send.
bool is_background_tab =
diff --git a/content/shell/browser/web_test/web_test_content_browser_client.cc b/content/shell/browser/web_test/web_test_content_browser_client.cc
index 5352c9ccd0cf0cc13fd06397bef1a91dc987b46c..486ce0eb0400f5dd0bac5eda9f7def226e7efbba 100644
--- a/content/shell/browser/web_test/web_test_content_browser_client.cc
+++ b/content/shell/browser/web_test/web_test_content_browser_client.cc
@@ -298,6 +298,8 @@ bool WebTestContentBrowserClient::CanCreateWindow(
const std::string& frame_name,
WindowOpenDisposition disposition,
const blink::mojom::WindowFeatures& features,
+ const std::vector<std::string>& additional_features,
+ const scoped_refptr<network::ResourceRequestBody>& body,
bool user_gesture,
bool opener_suppressed,
bool* no_javascript_access) {
diff --git a/content/shell/browser/web_test/web_test_content_browser_client.h b/content/shell/browser/web_test/web_test_content_browser_client.h
index ad388b224dc8dec395a9ea82c67ad4031851a2cc..d5cfe02d61dd28c49f4a5e2714f03cd4ebe9e119 100644
--- a/content/shell/browser/web_test/web_test_content_browser_client.h
+++ b/content/shell/browser/web_test/web_test_content_browser_client.h
@@ -67,6 +67,8 @@ class WebTestContentBrowserClient : public ShellContentBrowserClient {
const std::string& frame_name,
WindowOpenDisposition disposition,
const blink::mojom::WindowFeatures& features,
+ const std::vector<std::string>& additional_features,
+ const scoped_refptr<network::ResourceRequestBody>& body,
bool user_gesture,
bool opener_suppressed,
bool* no_javascript_access) override;