Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not commit subframe navigations for ipfs #14313

Merged
merged 1 commit into from Aug 3, 2022
Merged

Do not commit subframe navigations for ipfs #14313

merged 1 commit into from Aug 3, 2022

Conversation

cypt4
Copy link
Collaborator

@cypt4 cypt4 commented Jul 25, 2022

Fixes brave/brave-browser#24211

Submitter Checklist:

  • I confirm that no security/privacy review is needed, or that I have requested one
  • There is a ticket for my issue
  • Used Github auto-closing keywords in the PR description above
  • Wrote a good PR/commit description
  • Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
  • Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
  • Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
  • Ran git rebase master (if needed)

Reviewer Checklist:

  • A security review is not needed, or a link to one is included in the PR description
  • New files have MPL-2.0 license header
  • Adequate test coverage exists to prevent regressions
  • Major classes, functions and non-trivial code blocks are well-commented
  • Changes in component dependencies are properly reflected in gn
  • Code follows the style guide
  • Test plan is specified in PR before merging

After-merge Checklist:

@cypt4 cypt4 requested review from iefremov and a team as code owners July 25, 2022 08:00
@github-actions github-actions bot added the CI/run-network-audit Run network-audit label Jul 25, 2022
@cypt4 cypt4 force-pushed the brave_24211 branch 2 times, most recently from 01e5662 to 8e373d0 Compare July 25, 2022 17:55
// account as well.
// If the request was canceled by the user, do not show an error page.
if (net::ERR_ABORTED == net_error_ ||
+ BRAVE_ONIPFSIPNS_MAYBE_CANCEL_NAVIGATION
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can't we do that via NavigationThrottle ?

@cypt4 cypt4 force-pushed the brave_24211 branch 5 times, most recently from 86adb1b to acf4234 Compare August 2, 2022 07:08
@cypt4 cypt4 requested a review from a team as a code owner August 2, 2022 07:08
@cypt4 cypt4 force-pushed the brave_24211 branch 3 times, most recently from 714c02e to f3d0858 Compare August 2, 2022 09:25
@@ -965,6 +966,8 @@ BraveContentBrowserClient::CreateThrottlesForNavigation(
#endif

#if BUILDFLAG(ENABLE_IPFS)
throttles.push_back(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

don't you want to push_front it?

const IpfsSubframeNavigationThrottle&) = delete;

// content::NavigationThrottle implementation:
content::NavigationThrottle::ThrottleCheckResult WillFailRequest() override;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add comments pls


namespace ipfs {

class IpfsSubframeNavigationThrottle : public content::NavigationThrottle {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

class-level comment

@cypt4
Copy link
Collaborator Author

cypt4 commented Aug 2, 2022

/build linux

@cypt4 cypt4 merged commit 50ca5d2 into master Aug 3, 2022
14 checks passed
@cypt4 cypt4 deleted the brave_24211 branch August 3, 2022 06:03
@github-actions github-actions bot added this to the 1.44.x - Nightly milestone Aug 3, 2022
@stephendonner
Copy link
Collaborator

stephendonner commented Aug 4, 2022

Verified PASSED using

Brave 1.44.21 Chromium: 104.0.5112.81 (Official Build) nightly (x86_64)
Revision 5b7b76419d50f583022568b6764b630f6ddc9208-refs/branch-heads/5112@{#1309}
OS macOS Version 13.0 (Build 22A5311f)

Reproduced the crash using 1.42.86, and the privately-provided minimized testcase.

Worked with @cypt4 and used the minimal testcases from both this issue and these others, collected from HackerOne in brave/brave-browser#24093.

Confirmed I was able to open the following HTML testcases in both Private and regular windows, without crashes.

minimized testcase testcase 1 testcase 2 testcase 3 testcase 4 testcase 5 testcase 6
Screenshot 2022-08-04 at 3 33 10 PM Screenshot 2022-08-04 at 3 29 13 PM Screenshot 2022-08-04 at 3 29 20 PM Screenshot 2022-08-04 at 3 29 28 PM Screenshot 2022-08-04 at 3 29 37 PM Screenshot 2022-08-04 at 3 29 44 PM Screenshot 2022-08-04 at 3 29 50 PM

@stephendonner
Copy link
Collaborator

@cypt4 @spylogsster can we get an uplift for this started? Am assuming we'll want it at least in 1.43.x, if not also 1.42.x, via a hotfix/maintenance release?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CI/run-network-audit Run network-audit
Projects
None yet
4 participants