New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 837420 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: May 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug

Blocking:
issue 829412



Sign in to add a comment

chrome://discards WebUI makes direct network requests

Project Member Reported by michae...@chromium.org, Apr 26 2018

Issue description

We would like to disallow network subresource requests from WebUI. "WebUI pages should use <webview> instead so that network access is isolated to less privileged renderers".

There might be a simpler solution for favicons than <webview> though.
 

Comment 1 by dpa...@chromium.org, Apr 26 2018

Is chrome://discards doing network requests only to fetch favicons? If so favicons are normally exposed to WebUI pages via chrome://favicon/ (which is backed up by the FaviconService).
Project Member

Comment 2 by bugdroid1@chromium.org, Apr 27 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1f8e01b2c449af4bf170c52d3afe0bc13023363f

commit 1f8e01b2c449af4bf170c52d3afe0bc13023363f
Author: Michael Giuffrida <michaelpg@chromium.org>
Date: Fri Apr 27 00:00:52 2018

Whitelist chrome://discards for network requests

chrome://discards displays tab favicons by URL.

Bug:  837420 
Change-Id: Ia5c2a0386f4707b0d550cec0deee4927a32d34ba
Reviewed-on: https://chromium-review.googlesource.com/1031057
Reviewed-by: Ken Rockot <rockot@chromium.org>
Commit-Queue: Michael Giuffrida <michaelpg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#554199}
[modify] https://crrev.com/1f8e01b2c449af4bf170c52d3afe0bc13023363f/extensions/browser/api/web_request/web_request_permissions.cc

Comment 3 by dpa...@chromium.org, Apr 27 2018

Is this addition to the whitelist temporary? It seems that this would be an easy case to eliminate network requests, see my previous comment as well as [1]. It seems that the code uses whatever URL is returned by the C++, instead of using the API at [2] to fetch the URL from Chromium's favicon service.

[1] https://cs.chromium.org/chromium/src/chrome/browser/resources/discards/discards.js?l=278
[2] https://cs.chromium.org/chromium/src/ui/webui/resources/js/icon.js?l=92

Comment 4 by roc...@chromium.org, Apr 27 2018

All additions to the whitelist are temporary, per the comment above the
whitelist. Though of course if it's easy enough to fix this now, that would
be preferable.
I'll give the favicon service a try.
Owner: michae...@chromium.org
Status: Started (was: Untriaged)
https://chromium-review.googlesource.com/c/chromium/src/+/1031783
Project Member

Comment 7 by bugdroid1@chromium.org, May 2 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/dd64d50d4fd138b768cf78f48332ba007e0e2eab

commit dd64d50d4fd138b768cf78f48332ba007e0e2eab
Author: Michael Giuffrida <michaelpg@chromium.org>
Date: Wed May 02 02:55:04 2018

Remove direct favicon loading in chrome://discards

Load the favicons shown in chrome://discards via cr.icon instead of
doing a direct network request from WebUI.

Remove LifecycleUnit::GetIconURL() which is now unused.

Bug:  837420 
Cq-Include-Trybots: master.tryserver.chromium.linux:closure_compilation
Change-Id: I0ce123cdf944ace2e03b2b56feb18402848f875d
Reviewed-on: https://chromium-review.googlesource.com/1031783
Commit-Queue: Michael Giuffrida <michaelpg@chromium.org>
Reviewed-by: Ken Rockot <rockot@chromium.org>
Reviewed-by: Chris Hamilton <chrisha@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#555291}
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/discard_metrics_lifecycle_unit_observer_unittest.cc
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/lifecycle_unit.h
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/lifecycle_unit_base_unittest.cc
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/tab_lifecycle_unit.cc
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/tab_lifecycle_unit.h
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resource_coordinator/tab_manager_delegate_chromeos_unittest.cc
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resources/discards/discards.css
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resources/discards/discards.html
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/resources/discards/discards.js
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/ui/webui/discards/discards.mojom
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/chrome/browser/ui/webui/discards/discards_ui.cc
[modify] https://crrev.com/dd64d50d4fd138b768cf78f48332ba007e0e2eab/extensions/browser/api/web_request/web_request_permissions.cc

Status: Fixed (was: Started)

Sign in to add a comment