Fix network data path for Android.

r983860 unintentionally caused a network data path change for Android. This reverts to the data paths used before r983860. Any cookies saved since r983860 will be lost as a result of this CL, and instead the cookie store will revert back how it was before r983860. On Android (non-Webview), the default network context file paths under e.g. /data/user/0/org.chromium.chrome/app_chrome/ are: - `unsandboxed_data_path` - Default/ - `data_directory` - Default/Network/ and `trigger_migration` is set to false. Passing kDidNotAttemptToGrantSandboxAccess to CreateNetworkContextInternal causes IsSafeToUseDataPath to return 'true' and the `data_directory` is used for the cookie and other files meaning `data_directory` ('Default/Network') is used without a migration occurring. As GrantSandboxAccessOnThreadPool is never called, DCHECKs created to prevent this issue are not being hit. Setting this to kNoMigrationRequested means that IsSafeToUseDataPath now returns 'false' meaning that unsandboxed_data_path is used correctly as the main data path (as it was before r983860). For Webview, `unsandboxed_data_path` is never supplied (compare AwBrowserContext::ConfigureNetworkContextParams with ProfileNetworkContextService::ConfigureNetworkContextParamsInternal) and thus `data_directory` of 'Default/' is always correct and is is safe to pass kDidNotAttemptToGrantSandboxAccess. This is because migration is never supported on WebView due to a different threading model at network context creation. BUG=1309921 (cherry picked from commit b57cfc5) Change-Id: I176ce94c7feaa8da56011b62c28735efa78b952c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3671642 Reviewed-by: Yaron Friedman <yfriedman@chromium.org> Reviewed-by: Bo Liu <boliu@chromium.org> Commit-Queue: Will Harris <wfh@chromium.org> Cr-Original-Commit-Position: refs/heads/main@{#1008388} Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3673604 Commit-Queue: Krishna Govind <govind@chromium.org> Owners-Override: Krishna Govind <govind@chromium.org> Reviewed-by: Will Harris <wfh@chromium.org> Cr-Commit-Position: refs/branch-heads/5060@{#347} Cr-Branched-From: b83393d-refs/heads/main@{#1002911}
chromium · May 29, 2022 · 79d6759 · 79d6759
1 parent 6153908
commit 79d6759
Showing 1 changed file with 30 additions and 3 deletions.
diff --git a/content/browser/network_service_instance_impl.cc b/content/browser/network_service_instance_impl.cc
@@ -840,10 +840,37 @@ void CreateNetworkContextInNetworkService(
   }
 
 #if BUILDFLAG(IS_ANDROID)
+  // On Android, if a cookie_manager pending receiver was passed then migration
+  // should not be attempted as the cookie file is already being accessed by the
+  // browser instance.
+  if (params->cookie_manager) {
+    if (params->file_paths) {
+      // No migration should ever be attempted under this configuration.
+      DCHECK(!params->file_paths->unsandboxed_data_path);
+    }
+    CreateNetworkContextInternal(
+        std::move(context), std::move(params),
+        SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess);
+    return;
+  }
+
+  // Note: This logic is duplicated from MaybeGrantAccessToDataPath to this fast
+  // path. This should be kept in sync if there are any changes to the logic.
+  SandboxGrantResult grant_result = SandboxGrantResult::kNoMigrationRequested;
+  if (!params->file_paths) {
+    // No file paths (e.g. in-memory context) so nothing to do.
+    grant_result = SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess;
+  } else {
+    // If no `unsandboxed_data_path` is supplied, it means this is network
+    // context has been created by Android Webview, which does not understand
+    // the concept of `unsandboxed_data_path`. In this case, `data_directory`
+    // should always be used, if present.
+    if (!params->file_paths->unsandboxed_data_path)
+      grant_result = SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess;
+  }
   // Create network context immediately without thread hops.
-  CreateNetworkContextInternal(
-      std::move(context), std::move(params),
-      SandboxGrantResult::kDidNotAttemptToGrantSandboxAccess);
+  CreateNetworkContextInternal(std::move(context), std::move(params),
+                               grant_result);
 #else
   // Restrict disk access to a certain path (on another thread) and continue
   // with network context creation.