mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
electron/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch
Electron Bot a4de915b74
chore: bump chromium to d66c2e32380bf5d1eb5e1fe37faef (master) (#23791) 
* chore: bump chromium in DEPS to db7d7b3e7cb2bc925f2abfde526280cfdfc21a41

* Update patches

* chore: bump chromium in DEPS to 5613e1b99a44fcbe22f3910f803ca76903a77ec1

* Update patches

* Network service: Remove primary_network_context bool.

https://chromium-review.googlesource.com/c/chromium/src/+/2204678

* WebContentsObserver now implements OnRendererResponsive

https://chromium-review.googlesource.com/c/chromium/src/+/2211066

* update patches

* Fixup printing patch

* chore: bump chromium in DEPS to e387b972cdd7160c416fa6c64a724e2258aa0218

* update patches

* [printing] Move PrintHostMsg_DidPrintContent_Params to print.mojom

https://chromium-review.googlesource.com/c/chromium/src/+/2212110

* [XProto] Move items from ::x11::XProto to ::x11

https://chromium-review.googlesource.com/c/chromium/src/+/2218476

* revert Add IChromeAccessible

This was added in https://chromium-review.googlesource.com/c/chromium/src/+/2206224 but it breaks WOA builds because third_party/win_build_output/midl/ui/accessibility/platform/arm64 does not exist. The link above says that the new interface is behind a feature flag which is disabled by default so it is safe to remove for now.

* rebaseline ichromeaccessible for Windows arm64

This patch will not be needed once we get the next roll.

* Update to 1b9e01844e8bf1aaafc4a52c0c62af7f56d9637b to get arm64 fix

* update patches

* chore: bump chromium in DEPS to 096aefa04092ea00f7b68d8d19345883f20db3c3

* chore: bump chromium in DEPS to a524a45ffd1d6fd46a7a86138fe2b22df5b6651a

* chore: update patches

* Window Placement: Gate cross-screen fullscreen behavior on permission

https://chromium-review.googlesource.com/c/chromium/src/+/2203268

* chore: add spec for https://crbug.com/1085836

* chore: bump chromium in DEPS to ff6c4f4b826d66c2e32380bf5d1eb5e1fe37faef

* update patches

Co-authored-by: John Kleinschmidt <jkleinsc@github.com>
Co-authored-by: Electron Bot <anonymous@electronjs.org>
Co-authored-by: deepak1556 <hop2deep@gmail.com>
2020-06-01 16:34:34 -04:00

161 lines
7.9 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Jeremy Apthorp <nornagon@nornagon.net>
Date: Tue, 12 Nov 2019 11:50:16 -0800
Subject: add TrustedAuthClient to URLLoaderFactory
This allows intercepting authentication requests for the 'net' module.
Without this, the 'login' event for electron.net.ClientRequest can't be
implemented, because the existing path checks for the presence of a
WebContents, and cancels the authentication if there's no WebContents
available, which there isn't in the case of the 'net' module.
diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom
index 2001e6202cf61d1c70bf81334b62d0502ea8c9ba..9dad884c877ae77d1a2460361112903c06023021 100644
--- a/services/network/public/mojom/network_context.mojom
+++ b/services/network/public/mojom/network_context.mojom
@@ -198,6 +198,25 @@ struct CTPolicy {
array<string> excluded_legacy_spkis;
};
+interface TrustedAuthClient {
+ OnAuthRequired(
+ mojo_base.mojom.UnguessableToken? window_id,
+ uint32 process_id,
+ uint32 routing_id,
+ uint32 request_id,
+ url.mojom.Url url,
+ bool first_auth_attempt,
+ AuthChallengeInfo auth_info,
+ URLResponseHead? head,
+ pending_remote<AuthChallengeResponder> auth_challenge_responder);
+};
+interface TrustedURLLoaderAuthClient {
+ // When a new URLLoader is created, this will be called to pass a
+ // corresponding |auth_client|.
+ OnLoaderCreated(int32 request_id,
+ pending_receiver<TrustedAuthClient> auth_client);
+};
+
interface CertVerifierClient {
Verify(
int32 default_error,
@@ -627,6 +646,8 @@ struct URLLoaderFactoryParams {
// impact because of the extra process hops, so use should be minimized.
pending_remote<TrustedURLLoaderHeaderClient>? header_client;
+ pending_remote<TrustedURLLoaderAuthClient>? auth_client;
+
// |factory_bound_access_patterns| are used for CORS checks in addition to
// the per-context allow patterns that is managed via NetworkContext
// interface. This still respects the per-context block lists.
diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc
index 5d984482a2e5e18216bfc2229a18a513558dbcf4..1662f0878df16639ad585694be428058ab5a6c92 100644
--- a/services/network/url_loader.cc
+++ b/services/network/url_loader.cc
@@ -437,6 +437,7 @@ URLLoader::URLLoader(
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory> trust_token_helper_factory,
mojo::PendingRemote<mojom::CookieAccessObserver> cookie_observer)
@@ -496,6 +497,11 @@ URLLoader::URLLoader(
header_client_.set_disconnect_handler(
base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
}
+ if (url_loader_auth_client) {
+ url_loader_auth_client->OnLoaderCreated(request_id_, auth_client_.BindNewPipeAndPassReceiver());
+ auth_client_.set_disconnect_handler(
+ base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this)));
+ }
if (want_raw_headers_) {
options_ |= mojom::kURLLoadOptionSendSSLInfoWithResponse |
mojom::kURLLoadOptionSendSSLInfoForCertificateError;
@@ -994,7 +1000,7 @@ void URLLoader::OnReceivedRedirect(net::URLRequest* url_request,
void URLLoader::OnAuthRequired(net::URLRequest* url_request,
const net::AuthChallengeInfo& auth_info) {
- if (!network_context_client_) {
+ if (!network_context_client_ && !auth_client_) {
OnAuthCredentials(base::nullopt);
return;
}
@@ -1010,11 +1016,20 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request,
if (url_request->response_headers())
head->headers = url_request->response_headers();
head->auth_challenge_info = auth_info;
- network_context_client_->OnAuthRequired(
- fetch_window_id_, factory_params_->process_id, render_frame_id_,
- request_id_, url_request_->url(), first_auth_attempt_, auth_info,
- std::move(head),
- auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+
+ if (auth_client_) {
+ auth_client_->OnAuthRequired(
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
+ std::move(head),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ } else {
+ network_context_client_->OnAuthRequired(
+ fetch_window_id_, factory_params_->process_id, render_frame_id_,
+ request_id_, url_request_->url(), first_auth_attempt_, auth_info,
+ std::move(head),
+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote());
+ }
auth_challenge_responder_receiver_.set_disconnect_handler(
base::BindOnce(&URLLoader::DeleteSelf, base::Unretained(this)));
diff --git a/services/network/url_loader.h b/services/network/url_loader.h
index 077344d12f001b00590598bccbba2d614c8c1af2..d9c8a41c9c4fe11277392dd428c71f022f22063b 100644
--- a/services/network/url_loader.h
+++ b/services/network/url_loader.h
@@ -115,6 +115,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
base::WeakPtr<KeepaliveStatisticsRecorder> keepalive_statistics_recorder,
base::WeakPtr<NetworkUsageAccumulator> network_usage_accumulator,
mojom::TrustedURLLoaderHeaderClient* url_loader_header_client,
+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client,
mojom::OriginPolicyManager* origin_policy_manager,
std::unique_ptr<TrustTokenRequestHelperFactory>
trust_token_helper_factory,
@@ -454,6 +455,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
base::Optional<base::UnguessableToken> fetch_window_id_;
mojo::Remote<mojom::TrustedHeaderClient> header_client_;
+ mojo::Remote<mojom::TrustedAuthClient> auth_client_;
std::unique_ptr<FileOpenerForUpload> file_opener_for_upload_;
diff --git a/services/network/url_loader_factory.cc b/services/network/url_loader_factory.cc
index c8f02a3760f938c772c9e81afff8b37e49a73cbd..7e5bb5d1384488de2dee3672f933eba643dc14f7 100644
--- a/services/network/url_loader_factory.cc
+++ b/services/network/url_loader_factory.cc
@@ -75,6 +75,7 @@ URLLoaderFactory::URLLoaderFactory(
resource_scheduler_client_(std::move(resource_scheduler_client)),
header_client_(std::move(params_->header_client)),
coep_reporter_(std::move(params_->coep_reporter)),
+ auth_client_(std::move(params_->auth_client)),
cors_url_loader_factory_(cors_url_loader_factory),
cookie_observer_(std::move(params_->cookie_observer)) {
DCHECK(context);
@@ -270,6 +271,7 @@ void URLLoaderFactory::CreateLoaderAndStart(
std::move(keepalive_statistics_recorder),
std::move(network_usage_accumulator),
header_client_.is_bound() ? header_client_.get() : nullptr,
+ auth_client_.is_bound() ? auth_client_.get() : nullptr,
context_->origin_policy_manager(), std::move(trust_token_factory),
std::move(cookie_observer));
diff --git a/services/network/url_loader_factory.h b/services/network/url_loader_factory.h
index 8b29b67a5b0663778df3169e09bf818e6bbcec3f..e504fa3d41066907a3fbc41e69daac968415dfa6 100644
--- a/services/network/url_loader_factory.h
+++ b/services/network/url_loader_factory.h
@@ -75,6 +75,7 @@ class URLLoaderFactory : public mojom::URLLoaderFactory {
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client_;
mojo::Remote<mojom::TrustedURLLoaderHeaderClient> header_client_;
mojo::Remote<mojom::CrossOriginEmbedderPolicyReporter> coep_reporter_;
+ mojo::Remote<mojom::TrustedURLLoaderAuthClient> auth_client_;
// |cors_url_loader_factory_| owns this.
cors::CorsURLLoaderFactory* cors_url_loader_factory_;
Reference in a new issue View git blame Copy permalink