New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 753842 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
perezju@chromium.org
picksi@chromium.org
nednguyen@chromium.org
pfeldman@chromium.org
dgozman@chromium.org
nedngu...@google.com
primiano@chromium.org
kraynov@chromium.org
EstimatedDays: ----
NextAction: 2019-07-09
OS: Linux
Pri: 3
Type: Bug



Sign in to add a comment

Catapult utils vs. DevTools security feature

Project Member Reported by kraynov@chromium.org, Aug 9 2017 
Recent change https://chromium-review.googlesource.com/c/596719 has introduced more secure (correct me if it's different reason behind) way of exposing DevTools API.

Say 
./chrome --enable-remote-debugging --remote-debugging-port=9222
prints
DevTools listening on ws://127.0.0.1:9222/devtools/browser/8f4d72fd-67cb-412e-805e-4c1c9be24d03
instead of just
DevTools listening on ws://127.0.0.1:9222/devtools/browser

However there are few places where we expect ws://x:x/devtools/browser format:
[1] https://cs.chromium.org/chromium/src/third_party/catapult/tracing/bin/memory_infra_remote_dump
[2] https://cs.chromium.org/chromium/src/third_party/catapult/experimental/telemetry_mini/telemetry_mini.py
...

This problem hasn't been observed on Android.
Obviously we have to determine a GUID when we run a browser and pass correct URL to WebSocket client.
[3] https://chromium-review.googlesource.com/c/596719/15/content/browser/devtools/devtools_http_handler.cc#238
does the job writing a file with port and GUID, and it gets handled on telemetry side
[4] https://codereview.chromium.org/2989413002

However, there is a problem. File is not being written if port is specified bacause of
[5] https://cs.chromium.org/chromium/src/chrome/browser/devtools/remote_debugging_server.cc?sq=package:chromium&dr=CSs&l=98
More surprisingly, PathService::Get(chrome::DIR_USER_DATA, &output_dir) return empty path here.

Propossed solutions:
1. Always write $CHROME_PROFILE/DevToolsActivePort file (and ensure it works) and use it in our tools.
2. Introduce Chrome flag to disable GUIDs in DevTools.

nednguyen@ what do you think?

Comment 1 by kraynov@chromium.org, Aug 9 2017

Cc: nedngu...@google.com

Comment 2 by nedngu...@google.com, Aug 9 2017

Cc: pfeldman@chromium.org
I would vote for using (1) for consistency & good security practice.

Comment 3 by primiano@chromium.org, Aug 10 2017 

kraynov@ my main questions are:
- how does telemetry get the right port and GUID ?
- Why this is a blocker for us (remote_dump / telemetry_mini) but not for telemetry does?
- Why telemetry just works without 1 and we need 1 (or 2)?

Comment 4 by primiano@chromium.org, Aug 10 2017

Cc: perezju@chromium.org
+perezju

Comment 5 by perezju@chromium.org, Aug 11 2017 

Re #3, it looks like the corresponding Telemetry change to make this work was:
https://codereview.chromium.org/2989413002

Also from that change it sounds like this does not apply to Android. So there is nothing to change (at least within telemetry_mini)?

Comment 6 by kraynov@chromium.org, Aug 11 2017 

Correct, Android target doesn't seem to be affected (hence telemetry_mini isn't affected as well). Yes, corresponding Telemetry change cited in the original description [4]. It reads $CHROME_PROFILE/DevToolsActivePort to get port number and GUID of browser instance.
But I'm concerned about 3 problems:
1. DevToolsActivePort is not being written if port was specified (not using a random one).
2. On my recent build faced a problem when PathService::Get(chrome::DIR_USER_DATA, &output_dir) return empty string which prevented me to fix (1.). Will check it again, likely I'm holding this thing wrong.
3. How many tools like [1] (memory_infra_remote_dump) are not expecting GUIDs in WebSocket URL? Tool [1] can be fixed very easily.

Comment 7 by primiano@chromium.org, Aug 11 2017

Cc: dgozman@chromium.org
> 1. DevToolsActivePort is not being written if port was specified (not using a random one).
> 2. On my recent build faced a problem when PathService::Get(chrome::DIR_USER_DATA, &output_dir) return empty string which prevented me to fix (1.). Will check it again, likely I'm holding this thing wrong.

Not a devtools expert here (+dgozman@) but this sounds like a bug in devtools then.


> 3. How many tools like [1] (memory_infra_remote_dump) are not expecting GUIDs in WebSocket URL? Tool [1] can be fixed very easily.

I would guess this is something that devtools folks thought before changing that, hence not something we should worry about.
Specifically memory_infra_remote_dump is a best-effort binary which has no test coverage, so we took the risk of being exposed to braking changes like this here. Not sure there is any other action required other than: let's fix it.

Comment 8 by pfeldman@chromium.org, Aug 11 2017 

How about an option (3) where you parse SYSERR and get the port along with the full socket address?

Comment 9 by pfeldman@chromium.org, Aug 11 2017 

dgozman is going further than that and is suggesting to never use the DevToolsActivePort file, but rather parse syserr all the time!

Comment 10 by primiano@chromium.org, Aug 12 2017 

Uh Pavel can you expand / provide pointers plz? What do you mean with "parse syserr"? 
That decodes to me like errno.h but I am pretty convinced you mean something else here

Comment 11 by perezju@chromium.org, Aug 14 2017 

I think they meant to parse STDERR? e.g. when Chrome starts and prints:

DevTools listening on ws://127.0.0.1:9222/devtools/browser/8f4d72fd-67cb-412e-805e-4c1c9be24d03

Comment 12 by benhenry@google.com, Jan 10

Labels: Pri-3
NextAction: 2019-07-09
Downgrading P2s that haven't been modified in more than 6 months, which have no component or owner.

Sign in to add a comment