mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
electron/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch
Electron Bot 8383c14aba
chore: bump chromium to 7264889ce3aad1568ff3d211c81fe (master) (#27003) 
* chore: bump chromium in DEPS to 91c9f44297abe2844f593ec7956e6ce79c81f463

* chore: update chromium patches

* chore: update v8 patches

* build: service_names.mojom has been deleted

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2568681

* chore: add DISPLAY_CAPTURE permission to converter

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2551098

* chore: handle AXPropertyFilter::SCRIPT in accessibility_ui

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2563923

* refactor: web_isolated_world_ids.h has been deleted

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2585255

* refactor: ResourceType has been deprecated / removed in ExtensionsBrowserClient

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2562002

* chore: fix lint

* chore: remove deleted headers

* build: disable gn check for blink header

* fix: refactor X11 event handling

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2577887
Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2585750

* chore: update patches

* chore: bump chromium in DEPS to bfd8e7dbd37af8b1bc40d887815edd5a29496fa3

* chore: update patches

* refactor: xeventobserver is now x11:eventobserver

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2585750

* refactor: remove UseWebUIBindingsForURL

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2583590

* chore: DidProcessXEvent has been removed

* chore: bump chromium in DEPS to b13e791d7244a08d9d61dbfa2bb2b6cdf1ff6294

* chore: update patches

* build: change gfx::GetAtom to x11:GetAtom

Refs: d972a0ae4a

* build: change gfx namespace to x11

Ref: d972a0ae4a

* build: change ui namespace to x11

Refs: c38f8571a8:ui/gfx/x/xproto_util.h;dlc=ba9145d0c7f2b10e869e2ba482ca05b75ca35812

* chore: add patch to fix blink prefs fetching during frame swap

* chore: fix lint

* fix: do not make invalid SKImageRep in FrameSubscriber

Refs: https://chromium-review.googlesource.com/c/chromium/src/+/2572896

Co-authored-by: Samuel Attard <samuel.r.attard@gmail.com>
2020-12-22 14:14:44 -08:00

161 lines
7.8 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Apthorp <nornagon@nornagon.net>
Date: Tue, 12 Nov 2019 11:50:16 -0800
Subject: add TrustedAuthClient to URLLoaderFactory
This allows intercepting authentication requests for the 'net' module.
Without this, the 'login' event for electron.net.ClientRequest can't be
implemented, because the existing path checks for the presence of a
WebContents, and cancels the authentication if there's no WebContents
available, which there isn't in the case of the 'net' module.
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
index cd4519d88c3bb8688e772eb0ed2d68e368a32052..12544d1a531ac353802f452d49713d309d4322bb 100644
--- a/services/network/public/mojom/network_context.mojom
+++ b/services/network/public/mojom/network_context.mojom
@@ -228,6 +228,25 @@ struct CTPolicy {
array<string> excluded_legacy_spkis;
};
+interface TrustedAuthClient {
+ OnAuthRequired(
+ mojo_base.mojom.UnguessableToken? window_id,
+ uint32 process_id,
+ uint32 routing_id,
+ uint32 request_id,
+ url.mojom.Url url,
+ bool first_auth_attempt,
+ AuthChallengeInfo auth_info,
+ URLResponseHead? head,
+ pending_remote<AuthChallengeResponder> auth_challenge_responder);
+};
+interface TrustedURLLoaderAuthClient {
+ // When a new URLLoader is created, this will be called to pass a
+ // corresponding |auth_client|.
+ OnLoaderCreated(int32 request_id,
+ pending_receiver<TrustedAuthClient> auth_client);
+};
+
interface CertVerifierClient {
Verify(
int32 default_error,
@@ -660,6 +679,8 @@ struct URLLoaderFactoryParams {
// impact because of the extra process hops, so use should be minimized.
pending_remote<TrustedURLLoaderHeaderClient>? header_client;
+ pending_remote<TrustedURLLoaderAuthClient>? auth_client;
+
// |factory_bound_access_patterns| are used for CORS checks in addition to
// the per-context allow patterns that is managed via NetworkContext
// interface. This still respects the per-context block lists.
diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc
index c92b8a079b759bb53b47ac96511b4dcd6a31d1fd..f6cae1fe60140362efa062b314f6dd9782afb37f 100644
--- a/services/network/url_loader.cc
+++ b/services/network/url_loader.cc
@@ -462,6 +462,7 @@ URLLoader::URLLoader(
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory> trust_token_helper_factory,
const cors::OriginAccessList* origin_access_list,
@@ -526,6 +527,11 @@ URLLoader::URLLoader(
header_client_.set_disconnect_handler(
base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
}
+ if (url_loader_auth_client) {
+ url_loader_auth_client->OnLoaderCreated(request_id_, auth_client_.BindNewPipeAndPassReceiver());
+ auth_client_.set_disconnect_handler(
+ base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
+ }
if (want_raw_headers_) {
options_ |= mojom::kURLLoadOptionSendSSLInfoWithResponse |
mojom::kURLLoadOptionSendSSLInfoForCertificateError;
@@ -1166,7 +1172,7 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
// |this| may have been deleted.
return;
}
- if (!network_context_client_) {
+ if (!network_context_client_ && !auth_client_) {
OnAuthCredentials(base::nullopt);
return;
}
@@ -1182,11 +1188,20 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
if (url_request->response_headers())
head->headers = url_request->response_headers();
head->auth_challenge_info = auth_info;
- network_context_client_->OnAuthRequired(
- fetch_window_id_, factory_params_->process_id, render_frame_id_,
- request_id_, url_request_->url(), first_auth_attempt_, auth_info,
- std::move(head),
- auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+
+ if (auth_client_) {
+ auth_client_->OnAuthRequired(
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
+ std::move(head),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ } else {
+ network_context_client_->OnAuthRequired(
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
+ std::move(head),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ }
auth_challenge_responder_receiver_.set_disconnect_handler(
base::BindOnce(&URLLoader::DeleteSelf, base::Unretained(this)));
diff --git a/services/network/url_loader.h b/services/network/url_loader.h
index 600dd2f10bda513428c16ba6537e5a262f8f6b4b..814662e3bcc2c574ef8e63e607da77f03f655326 100644
--- a/services/network/url_loader.h
+++ b/services/network/url_loader.h
@@ -124,6 +124,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory>
trust_token_helper_factory,
@@ -489,6 +490,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
base::Optional<base::UnguessableToken> fetch_window_id_;
mojo::Remote<mojom::TrustedHeaderClient> header_client_;
+ mojo::Remote<mojom::TrustedAuthClient> auth_client_;
std::unique_ptr<FileOpenerForUpload> file_opener_for_upload_;
diff --git a/services/network/url_loader_factory.cc b/services/network/url_loader_factory.cc
index df541bd7513638b4d9b4942e010343b1fdb665c6..1289ed6cc898d3b1c06dd7c4ac9f959727e0b0b2 100644
--- a/services/network/url_loader_factory.cc
+++ b/services/network/url_loader_factory.cc
@@ -77,6 +77,7 @@ URLLoaderFactory::URLLoaderFactory(
resource_scheduler_client_(std::move(resource_scheduler_client)),
header_client_(std::move(params_->header_client)),
coep_reporter_(std::move(params_->coep_reporter)),
+ auth_client_(std::move(params_->auth_client)),
cors_url_loader_factory_(cors_url_loader_factory),
cookie_observer_(std::move(params_->cookie_observer)) {
DCHECK(context);
@@ -296,6 +297,7 @@ void URLLoaderFactory::CreateLoaderAndStart(
std::move(keepalive_statistics_recorder),
std::move(network_usage_accumulator),
header_client_.is_bound() ? header_client_.get() : nullptr,
+ auth_client_.is_bound() ? auth_client_.get() : nullptr,
context_->origin_policy_manager(), std::move(trust_token_factory),
context_->cors_origin_access_list(), std::move(cookie_observer));
diff --git a/services/network/url_loader_factory.h b/services/network/url_loader_factory.h
index 182b26816da9e82d83c47c3c73ecfdcf3003b967..903a3ad083201ed85e82169698041152278697fa 100644
--- a/services/network/url_loader_factory.h
+++ b/services/network/url_loader_factory.h
@@ -74,6 +74,7 @@ class URLLoaderFactory : public mojom::URLLoaderFactory {
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client_;
mojo::Remote<mojom::TrustedURLLoaderHeaderClient> header_client_;
mojo::Remote<mojom::CrossOriginEmbedderPolicyReporter> coep_reporter_;
+ mojo::Remote<mojom::TrustedURLLoaderAuthClient> auth_client_;
// |cors_url_loader_factory_| owns this.
cors::CorsURLLoaderFactory* cors_url_loader_factory_;
Reference in a new issue View git blame Copy permalink