diff --git a/patches/chromium/.patches b/patches/chromium/.patches index 676579de2766a..ad2620617ccb8 100644 --- a/patches/chromium/.patches +++ b/patches/chromium/.patches @@ -102,7 +102,6 @@ fix_setparentacessibile_crash_win.patch fix_export_zlib_symbols.patch don_t_use_potentially_null_getwebframe_-_view_when_get_blink.patch web_contents.patch -add_trustedauthclient_to_urlloaderfactory.patch fix_route_mouse_event_navigations_through_the_web_contents_delegate.patch disable_unload_metrics.patch fix_add_check_for_sandbox_then_result.patch diff --git a/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch b/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch deleted file mode 100644 index 426dfeb0b545a..0000000000000 --- a/patches/chromium/add_trustedauthclient_to_urlloaderfactory.patch +++ /dev/null @@ -1,162 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: deepak1556 -Date: Wed, 27 Jan 2021 15:20:01 -0800 -Subject: add TrustedAuthClient to URLLoaderFactory - -This allows intercepting authentication requests for the 'net' module. -Without this, the 'login' event for electron.net.ClientRequest can't be -implemented, because the existing path checks for the presence of a -WebContents, and cancels the authentication if there's no WebContents -available, which there isn't in the case of the 'net' module. - -diff --git a/services/network/public/mojom/network_context.mojom b/services/network/public/mojom/network_context.mojom -index 69e8d361c9e14f325fc897dad2819b2a57819e75..66ab57629fb07baa52e7a3f64dde4a9619143993 100644 ---- a/services/network/public/mojom/network_context.mojom -+++ b/services/network/public/mojom/network_context.mojom -@@ -192,6 +192,25 @@ struct CTPolicy { - array excluded_legacy_spkis; - }; - -+interface TrustedAuthClient { -+ OnAuthRequired( -+ mojo_base.mojom.UnguessableToken? window_id, -+ uint32 process_id, -+ uint32 request_id, -+ url.mojom.Url url, -+ bool first_auth_attempt, -+ AuthChallengeInfo auth_info, -+ URLResponseHead? head, -+ pending_remote auth_challenge_responder); -+}; -+ -+interface TrustedURLLoaderAuthClient { -+ // When a new URLLoader is created, this will be called to pass a -+ // corresponding |auth_client|. -+ OnLoaderCreated(int32 request_id, -+ pending_receiver auth_client); -+}; -+ - interface CertVerifierClient { - Verify( - int32 default_error, -@@ -606,6 +625,8 @@ struct URLLoaderFactoryParams { - // impact because of the extra process hops, so use should be minimized. - pending_remote? header_client; - -+ pending_remote? auth_client; -+ - // Information used restrict access to identity information (like SameSite - // cookies) and to shard network resources, like the cache. If set, takes - // precedence over ResourceRequest::TrustedParams::IsolationInfo field -diff --git a/services/network/url_loader.cc b/services/network/url_loader.cc -index 6f0cb6f4ed60b7043febc4e940523cc8863566c5..6b881aada1fda4b88f96907028f932c2cba84d38 100644 ---- a/services/network/url_loader.cc -+++ b/services/network/url_loader.cc -@@ -486,6 +486,7 @@ URLLoader::URLLoader( - scoped_refptr resource_scheduler_client, - base::WeakPtr keepalive_statistics_recorder, - mojom::TrustedURLLoaderHeaderClient* url_loader_header_client, -+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client, - mojom::OriginPolicyManager* origin_policy_manager, - std::unique_ptr trust_token_helper_factory, - const cors::OriginAccessList& origin_access_list, -@@ -552,6 +553,11 @@ URLLoader::URLLoader( - header_client_.set_disconnect_handler( - base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this))); - } -+ if (url_loader_auth_client) { -+ url_loader_auth_client->OnLoaderCreated(request_id_, auth_client_.BindNewPipeAndPassReceiver()); -+ auth_client_.set_disconnect_handler( -+ base::BindOnce(&URLLoader::OnMojoDisconnect, base::Unretained(this))); -+ } - if (want_raw_headers_) { - options_ |= mojom::kURLLoadOptionSendSSLInfoWithResponse | - mojom::kURLLoadOptionSendSSLInfoForCertificateError; -@@ -1238,7 +1244,7 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request, - return; - } - auto* url_loader_network_observer = GetURLLoaderNetworkServiceObserver(); -- if (!url_loader_network_observer) { -+ if (!url_loader_network_observer && !auth_client_) { - OnAuthCredentials(base::nullopt); - return; - } -@@ -1250,10 +1256,22 @@ void URLLoader::OnAuthRequired(net::URLRequest* url_request, - - DCHECK(!auth_challenge_responder_receiver_.is_bound()); - -- url_loader_network_observer->OnAuthRequired( -- fetch_window_id_, request_id_, url_request_->url(), first_auth_attempt_, -- auth_info, url_request->response_headers(), -- auth_challenge_responder_receiver_.BindNewPipeAndPassRemote()); -+ auto head = mojom::URLResponseHead::New(); -+ if (url_request->response_headers()) -+ head->headers = url_request->response_headers(); -+ head->auth_challenge_info = auth_info; -+ if (auth_client_) { -+ auth_client_->OnAuthRequired( -+ fetch_window_id_, factory_params_->process_id, -+ request_id_, url_request_->url(), first_auth_attempt_, auth_info, -+ std::move(head), -+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote()); -+ } else { -+ url_loader_network_observer->OnAuthRequired( -+ fetch_window_id_, request_id_, url_request_->url(), first_auth_attempt_, -+ auth_info, url_request->response_headers(), -+ auth_challenge_responder_receiver_.BindNewPipeAndPassRemote()); -+ } - - auth_challenge_responder_receiver_.set_disconnect_handler( - base::BindOnce(&URLLoader::DeleteSelf, base::Unretained(this))); -diff --git a/services/network/url_loader.h b/services/network/url_loader.h -index 00976c56702ed3e77505438344b214ce134e8a4f..77d0495c628d78c78930d24d9728f1111f6690f4 100644 ---- a/services/network/url_loader.h -+++ b/services/network/url_loader.h -@@ -129,6 +129,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader - scoped_refptr resource_scheduler_client, - base::WeakPtr keepalive_statistics_recorder, - mojom::TrustedURLLoaderHeaderClient* url_loader_header_client, -+ mojom::TrustedURLLoaderAuthClient* url_loader_auth_client, - mojom::OriginPolicyManager* origin_policy_manager, - std::unique_ptr - trust_token_helper_factory, -@@ -516,6 +517,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader - base::Optional fetch_window_id_; - - mojo::Remote header_client_; -+ mojo::Remote auth_client_; - - std::unique_ptr file_opener_for_upload_; - -diff --git a/services/network/url_loader_factory.cc b/services/network/url_loader_factory.cc -index a252f29c7b2a93e55d030481c3e9b7e5910fb3c1..ea5d8f9a3f1183efde596e8f646209c6fedd06fd 100644 ---- a/services/network/url_loader_factory.cc -+++ b/services/network/url_loader_factory.cc -@@ -81,6 +81,7 @@ URLLoaderFactory::URLLoaderFactory( - resource_scheduler_client_(std::move(resource_scheduler_client)), - header_client_(std::move(params_->header_client)), - coep_reporter_(std::move(params_->coep_reporter)), -+ auth_client_(std::move(params_->auth_client)), - cors_url_loader_factory_(cors_url_loader_factory), - cookie_observer_(std::move(params_->cookie_observer)), - url_loader_network_service_observer_( -@@ -291,6 +292,7 @@ void URLLoaderFactory::CreateLoaderAndStart( - context_->require_network_isolation_key(), resource_scheduler_client_, - std::move(keepalive_statistics_recorder), - header_client_.is_bound() ? header_client_.get() : nullptr, -+ auth_client_.is_bound() ? auth_client_.get() : nullptr, - context_->origin_policy_manager(), std::move(trust_token_factory), - context_->cors_origin_access_list(), std::move(cookie_observer), - std::move(url_loader_network_observer), std::move(devtools_observer), -diff --git a/services/network/url_loader_factory.h b/services/network/url_loader_factory.h -index f7f4f075ee5252a43282464bbfbb141be39b8b3e..06d82007ec3ec60b0afcbb7f6722ed44664b4e09 100644 ---- a/services/network/url_loader_factory.h -+++ b/services/network/url_loader_factory.h -@@ -96,6 +96,7 @@ class URLLoaderFactory : public mojom::URLLoaderFactory { - scoped_refptr resource_scheduler_client_; - mojo::Remote header_client_; - mojo::Remote coep_reporter_; -+ mojo::Remote auth_client_; - - // |cors_url_loader_factory_| owns this. - cors::CorsURLLoaderFactory* cors_url_loader_factory_; diff --git a/shell/browser/api/electron_api_url_loader.cc b/shell/browser/api/electron_api_url_loader.cc index c08e65b038bf1..49fc2aa7ec483 100644 --- a/shell/browser/api/electron_api_url_loader.cc +++ b/shell/browser/api/electron_api_url_loader.cc @@ -11,7 +11,6 @@ #include #include -#include "base/containers/id_map.h" #include "base/no_destructor.h" #include "gin/handle.h" #include "gin/object_template_builder.h" @@ -260,12 +259,6 @@ const net::NetworkTrafficAnnotationTag kTrafficAnnotation = setting: "This feature cannot be disabled." })"); -base::IDMap& GetAllRequests() { - static base::NoDestructor> - s_all_requests; - return *s_all_requests; -} - } // namespace gin::WrapperInfo SimpleURLLoaderWrapper::kWrapperInfo = { @@ -274,12 +267,16 @@ gin::WrapperInfo SimpleURLLoaderWrapper::kWrapperInfo = { SimpleURLLoaderWrapper::SimpleURLLoaderWrapper( std::unique_ptr request, network::mojom::URLLoaderFactory* url_loader_factory, - int options) - : id_(GetAllRequests().Add(this)) { - // We slightly abuse the |render_frame_id| field in ResourceRequest so that - // we can correlate any authentication events that arrive with this request. - request->render_frame_id = id_; - + int options) { + if (!request->trusted_params) + request->trusted_params = network::ResourceRequest::TrustedParams(); + mojo::PendingRemote + url_loader_network_observer_remote; + url_loader_network_observer_receivers_.Add( + this, + url_loader_network_observer_remote.InitWithNewPipeAndPassReceiver()); + request->trusted_params->url_loader_network_observer = + std::move(url_loader_network_observer_remote); // SimpleURLLoader wants to control the request body itself. We have other // ideas. auto request_body = std::move(request->request_body); @@ -316,21 +313,15 @@ void SimpleURLLoaderWrapper::PinBodyGetter(v8::Local body_getter) { body_getter); } -SimpleURLLoaderWrapper::~SimpleURLLoaderWrapper() { - GetAllRequests().Remove(id_); -} - -// static -SimpleURLLoaderWrapper* SimpleURLLoaderWrapper::FromID(uint32_t id) { - DCHECK_CURRENTLY_ON(content::BrowserThread::UI); - return GetAllRequests().Lookup(id); -} +SimpleURLLoaderWrapper::~SimpleURLLoaderWrapper() = default; void SimpleURLLoaderWrapper::OnAuthRequired( + const base::Optional& window_id, + uint32_t request_id, const GURL& url, bool first_auth_attempt, - net::AuthChallengeInfo auth_info, - network::mojom::URLResponseHeadPtr head, + const net::AuthChallengeInfo& auth_info, + const scoped_refptr& head_headers, mojo::PendingRemote auth_challenge_responder) { DCHECK_CURRENTLY_ON(content::BrowserThread::UI); @@ -356,6 +347,12 @@ void SimpleURLLoaderWrapper::OnAuthRequired( Emit("login", auth_info, base::AdaptCallbackForRepeating(std::move(cb))); } +void SimpleURLLoaderWrapper::Clone( + mojo::PendingReceiver + observer) { + url_loader_network_observer_receivers_.Add(this, std::move(observer)); +} + void SimpleURLLoaderWrapper::Cancel() { loader_.reset(); pinned_wrapper_.Reset(); diff --git a/shell/browser/api/electron_api_url_loader.h b/shell/browser/api/electron_api_url_loader.h index 6af528c669372..94a4cc93fb4ce 100644 --- a/shell/browser/api/electron_api_url_loader.h +++ b/shell/browser/api/electron_api_url_loader.h @@ -11,10 +11,12 @@ #include "base/memory/weak_ptr.h" #include "gin/wrappable.h" +#include "mojo/public/cpp/bindings/receiver_set.h" #include "net/base/auth.h" #include "services/network/public/cpp/simple_url_loader_stream_consumer.h" #include "services/network/public/mojom/network_context.mojom.h" #include "services/network/public/mojom/url_loader_factory.mojom-forward.h" +#include "services/network/public/mojom/url_loader_network_service_observer.mojom.h" #include "services/network/public/mojom/url_response_head.mojom.h" #include "shell/browser/event_emitter_mixin.h" #include "url/gurl.h" @@ -39,21 +41,12 @@ namespace api { class SimpleURLLoaderWrapper : public gin::Wrappable, public gin_helper::EventEmitterMixin, - public network::SimpleURLLoaderStreamConsumer { + public network::SimpleURLLoaderStreamConsumer, + public network::mojom::URLLoaderNetworkServiceObserver { public: ~SimpleURLLoaderWrapper() override; static gin::Handle Create(gin::Arguments* args); - static SimpleURLLoaderWrapper* FromID(uint32_t id); - - void OnAuthRequired( - const GURL& url, - bool first_auth_attempt, - net::AuthChallengeInfo auth_info, - network::mojom::URLResponseHeadPtr head, - mojo::PendingRemote - auth_challenge_responder); - void Cancel(); // gin::Wrappable @@ -73,6 +66,39 @@ class SimpleURLLoaderWrapper void OnComplete(bool success) override; void OnRetry(base::OnceClosure start_retry) override; + // network::mojom::URLLoaderNetworkServiceObserver: + void OnAuthRequired( + const base::Optional& window_id, + uint32_t request_id, + const GURL& url, + bool first_auth_attempt, + const net::AuthChallengeInfo& auth_info, + const scoped_refptr& head_headers, + mojo::PendingRemote + auth_challenge_responder) override; + void OnSSLCertificateError(const GURL& url, + int net_error, + const net::SSLInfo& ssl_info, + bool fatal, + OnSSLCertificateErrorCallback response) override {} + void OnCertificateRequested( + const base::Optional& window_id, + const scoped_refptr& cert_info, + mojo::PendingRemote + client_cert_responder) override {} + void OnClearSiteData(const GURL& url, + const std::string& header_value, + int32_t load_flags, + OnClearSiteDataCallback callback) override {} + void OnLoadingStateUpdate(network::mojom::LoadInfoPtr info, + OnLoadingStateUpdateCallback callback) override {} + void OnDataUseUpdate(int32_t network_traffic_annotation_id_hash, + int64_t recv_bytes, + int64_t sent_bytes) override {} + void Clone( + mojo::PendingReceiver + listener) override; + // SimpleURLLoader callbacks void OnResponseStarted(const GURL& final_url, const network::mojom::URLResponseHead& response_head); @@ -86,11 +112,12 @@ class SimpleURLLoaderWrapper void Pin(); void PinBodyGetter(v8::Local); - uint32_t id_; std::unique_ptr loader_; v8::Global pinned_wrapper_; v8::Global pinned_chunk_pipe_getter_; + mojo::ReceiverSet + url_loader_network_observer_receivers_; base::WeakPtrFactory weak_factory_{this}; }; diff --git a/shell/browser/electron_browser_context.cc b/shell/browser/electron_browser_context.cc index 4765341dc75ed..42f6f5ca8b298 100644 --- a/shell/browser/electron_browser_context.cc +++ b/shell/browser/electron_browser_context.cc @@ -32,12 +32,10 @@ #include "content/public/browser/cors_origin_pattern_setter.h" #include "content/public/browser/shared_cors_origin_access_list.h" #include "content/public/browser/storage_partition.h" -#include "mojo/public/cpp/bindings/self_owned_receiver.h" #include "net/base/escape.h" #include "services/network/public/cpp/features.h" #include "services/network/public/cpp/wrapper_shared_url_loader_factory.h" #include "services/network/public/mojom/network_context.mojom.h" -#include "shell/browser/api/electron_api_url_loader.h" #include "shell/browser/cookie_change_notifier.h" #include "shell/browser/electron_browser_client.h" #include "shell/browser/electron_browser_main_parts.h" @@ -342,7 +340,6 @@ ElectronBrowserContext::GetURLLoaderFactory() { network::mojom::URLLoaderFactoryParamsPtr params = network::mojom::URLLoaderFactoryParams::New(); params->header_client = std::move(header_client); - params->auth_client = auth_client_.BindNewPipeAndPassRemote(); params->process_id = network::mojom::kBrowserProcessId; params->is_trusted = true; params->is_corb_enabled = false; @@ -362,39 +359,6 @@ ElectronBrowserContext::GetURLLoaderFactory() { return url_loader_factory_; } -class AuthResponder : public network::mojom::TrustedAuthClient { - public: - AuthResponder() {} - ~AuthResponder() override = default; - - private: - void OnAuthRequired( - const base::Optional<::base::UnguessableToken>& window_id, - uint32_t process_id, - uint32_t request_id, - const ::GURL& url, - bool first_auth_attempt, - const ::net::AuthChallengeInfo& auth_info, - ::network::mojom::URLResponseHeadPtr head, - mojo::PendingRemote - auth_challenge_responder) override { - api::SimpleURLLoaderWrapper* url_loader = - api::SimpleURLLoaderWrapper::FromID(routing_id); - if (url_loader) { - url_loader->OnAuthRequired(url, first_auth_attempt, auth_info, - std::move(head), - std::move(auth_challenge_responder)); - } - } -}; - -void ElectronBrowserContext::OnLoaderCreated( - int32_t request_id, - mojo::PendingReceiver auth_client) { - mojo::MakeSelfOwnedReceiver(std::make_unique(), - std::move(auth_client)); -} - content::PushMessagingService* ElectronBrowserContext::GetPushMessagingService() { return nullptr; diff --git a/shell/browser/electron_browser_context.h b/shell/browser/electron_browser_context.h index 1db419e0451b5..1fdf108bd9fd9 100644 --- a/shell/browser/electron_browser_context.h +++ b/shell/browser/electron_browser_context.h @@ -48,9 +48,7 @@ class SpecialStoragePolicy; class WebViewManager; class ProtocolRegistry; -class ElectronBrowserContext - : public content::BrowserContext, - public network::mojom::TrustedURLLoaderAuthClient { +class ElectronBrowserContext : public content::BrowserContext { public: // partition_id => browser_context struct PartitionKey { @@ -151,10 +149,6 @@ class ElectronBrowserContext bool in_memory, base::DictionaryValue options); - void OnLoaderCreated(int32_t request_id, - mojo::PendingReceiver - header_client) override; - // Initialize pref registry. void InitPrefs(); @@ -185,7 +179,6 @@ class ElectronBrowserContext // Shared URLLoaderFactory. scoped_refptr url_loader_factory_; - mojo::Receiver auth_client_{this}; network::mojom::SSLConfigPtr ssl_config_; mojo::Remote ssl_config_client_;