[DAL][WebView] Add Digital Asset Link validation for WebView
Experimental feature to validate main frame origins using Digital Asset Links. Feature is disabled by default via a feature flag. Low-Coverage-Reason: The actual origin verification logic is tested and the initialization is tested manually. Bug: crbug.com/1376958 Change-Id: I6d4f4876622a02e6efc0d3f58fd2d5d4035a9cf0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3966337 Reviewed-by: Peter Conn <peconn@chromium.org> Reviewed-by: Richard Coles <torne@chromium.org> Reviewed-by: Rayan Kanso <rayankans@chromium.org> Commit-Queue: Susanne Westphal <swestphal@chromium.org> Cr-Commit-Position: refs/heads/main@{#1084906}
1 parent
05a67cf
commit da24b14
Showing
23 changed files
with
513 additions
and
13 deletions.
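--- a/android_webview/java/src/org/chromium/android_webview/AwOriginVerificationScheduler.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwOriginVerificationScheduler.java
@@ -0,0 +1,75 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.android_webview;
+
+import android.content.Context;
+
+import androidx.annotation.Nullable;
+
+import org.chromium.base.Callback;
+import org.chromium.base.ThreadUtils;
+import org.chromium.components.digital_asset_links.OriginVerificationScheduler;
+import org.chromium.components.digital_asset_links.OriginVerifier;
+import org.chromium.components.digital_asset_links.OriginVerifierHelper;
+import org.chromium.components.embedder_support.util.Origin;
+
+import java.util.Set;
+
+/**
+* Singleton.
+* AwOriginVerificationScheduler provides a WebView specific implementation of {@link
+* OriginVerificationScheduler}.
+*
+* Call {@link AwOriginVerificationScheduler#init} to initialize the statement list and call
+* {@link AwOriginVerificationScheduler#validate} to perform a validation.
+*/
+public class AwOriginVerificationScheduler extends OriginVerificationScheduler {
+private static final String TAG = "AwOriginVerification";
+
+/** Lock on creation of sInstance. */
+private static final Object sLock = new Object();
+
+private static AwOriginVerificationScheduler sInstance;
+
+private AwOriginVerificationScheduler(
+AwOriginVerifier originVerifier, Set<Origin> pendingOrigins) {
+super(originVerifier, pendingOrigins);
+}
+
+/**
+* Initializes the AwOriginVerificationScheduler.
+* This should be called exactly only once as it parses the AndroidManifest and statement list.
+*
+* @param packageName the package name of the host application.
+* @param context a context associated with an Activity/Service to load resources.
+*/
+public static void init(String packageName, Context context) {
+ThreadUtils.assertOnUiThread();
+synchronized (sLock) {
+assert sInstance
+== null
+: "`init(String packageName, Context context)` must only be called once";
+
+sInstance = new AwOriginVerificationScheduler(
+new AwOriginVerifier(packageName, OriginVerifier.HANDLE_ALL_URLS,
+AwVerificationResultStore.getInstance()),
+OriginVerifierHelper.getClaimedOriginsFromManifest(packageName, context));
+}
+}
+
+public static void initAndScheduleAll(String packageName, Context context,
+AwBrowserContext browserContext, @Nullable Callback<Boolean> callback) {
+init(packageName, context);
+synchronized (sLock) {
+sInstance.scheduleAllPendingVerifications(browserContext, callback);
+}
+}
+
+public static AwOriginVerificationScheduler getInstance() {
+synchronized (sLock) {
+return sInstance;
+}
+}
+}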
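Review bot: The single-initialisation guard in `init` is only an `assert`, so in any build where Java assertions are disabled or stripped (likely for release builds, though that is not visible here) a second call silently replaces `sInstance` and re-parses the manifest's claimed origins. An explicit check such as `if (sInstance != null) throw new IllegalStateException("init must only be called once");` would enforce the contract in every build. `getInstance()` returns null until `init` has run, which presumably is the normal state while the feature flag is off, so it should be annotated `@Nullable` with a Javadoc line saying so. `initAndScheduleAll` has no Javadoc describing when `callback` fires, and `TAG` is unused in this file.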
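--- a/android_webview/java/src/org/chromium/android_webview/AwOriginVerifier.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwOriginVerifier.java
@@ -0,0 +1,62 @@
+// Copyright 2022 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.android_webview;
+
+import androidx.annotation.Nullable;
+
+import org.chromium.components.digital_asset_links.OriginVerifier;
+import org.chromium.components.digital_asset_links.Relationship;
+import org.chromium.components.embedder_support.util.Origin;
+
+import java.util.List;
+
+/**
+* AwOriginVerifier performs OriginVerifications for WebView.
+*/
+public class AwOriginVerifier extends OriginVerifier {
+public AwOriginVerifier(String packageName, String relationship,
+@Nullable AwVerificationResultStore verificationResultStore) {
+super(packageName, relationship, null, verificationResultStore);
+}
+
+@Override
+public boolean isAllowlisted(String packageName, Origin origin, String relation) {
+return false;
+}
+
+@Override
+public boolean wasPreviouslyVerified(Origin origin) {
+return wasPreviouslyVerified(mPackageName, mSignatureFingerprints, origin, mRelation);
+}
+
+/**
+* Returns whether an origin is first-party relative to a given package name.
+*
+* This only returns data from previously cached relations, and does not trigger an asynchronous
+* validation.
+*
+* @param packageName The package name.
+* @param signatureFingerprint The signatures of the package.
+* @param origin The origin to verify.
+* @param relation The Digital Asset Links relation to verify for.
+*/
+private static boolean wasPreviouslyVerified(String packageName,
+List<String> signatureFingerprints, Origin origin, String relation) {
+AwVerificationResultStore resultStore = AwVerificationResultStore.getInstance();
+return resultStore.shouldOverride(packageName, origin, relation)
+|| resultStore.isRelationshipSaved(
+new Relationship(packageName, signatureFingerprints, origin, relation));
+}
+
+@Override
+public void recordResultMetrics(OriginVerifier.VerifierResult result) {
+// TODO(crbug.com/1376958): Implement UMA logging.
+}
+
+@Override
+public void recordVerificationTimeMetrics(long duration, boolean online) {
+// TODO(crbug.com/1376958): Implement UMA logging.
+}
+}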
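Review bot: The static `wasPreviouslyVerified` helper always reads `AwVerificationResultStore.getInstance()`, while the constructor accepts a `@Nullable` store and forwards it to the base class, so the cache consulted here and the store the verifier was given can differ (or the latter can be null) without any warning. Since this lookup decides whether an origin is treated as verified without a fresh Digital Asset Links check, I would either drop the constructor parameter or make the lookup use the injected store. The `shouldOverride(...)` branch takes no fingerprints, so it needs a comment stating which configuration enables it, e.g. `// Override path bypasses the saved-relationship check; expected only under <mechanism, confirm>`. The Javadoc tag `@param signatureFingerprint` does not match the parameter `signatureFingerprints`, and the bare `null` passed to `super(...)` should carry an inline comment naming the argument. Both metrics overrides are still TODOs, so verification outcomes leave no telemetry until crbug.com/1376958 is done.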