Starred by 3 users

Issue metadata

Status: Fixed
Owner:
Closed: Jan 15
Cc:
Components:
EstimatedDays: ----
NextAction: 2019-01-15
OS: ----
Pri: 2
Type: Bug

Blocking:
issue 882501
issue 888079




Issue 882053: Track initiator origin for navigations

Reported by nasko@chromium.org, Sep 7 Project Member

Issue description

Currently, the initiator origin for navigation is not tracked across the entire navigation stack. For example, the browser process is not aware of which origin a data: URL comes from and similarly we lose information about the origin of sandboxed iframes.
Lack of such support prevents us from implementing certain features, such as issue 55084 (injecting extensions content scripts in data: URLs).

This is a bug to track adding support for keeping track of initiator origin across the codebase.
 

Comment 1 by bugdroid1@chromium.org, Sep 17

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9277dfc597167e684a25a8240059159d550d2aa6

commit 9277dfc597167e684a25a8240059159d550d2aa6
Author: Nasko Oskov <nasko@chromium.org>
Date: Mon Sep 17 23:20:54 2018

Allow an opaque url::Origin to remember where it came from.

The problem being solved here is that, although various web platform features
can cause documents to be placed in opaque origins, sometimes doing so
obscures the actual source of the documents, which itself can be a
security risk. "data:" URLs, "srcdoc" plus "sandbox" are particularly tricky cases
of this, as neither the URL nor the committed origin retains information about
which network host the content is originally from.

This CL is the first step towards solving this problem by keeping that
information around in url::Origin. It is just the url::Origin changes
from nick@'s work on precursor origins started in https://crrev.com/c/1028985.

The precursor information must be used carefully. Opaque origins should
generally not inherit privileges from the origins they derive from. However, in
some cases (such as restrictions on process placement, or determining the http
lock icon, or determining content script injection) this information may be
relevant to ensure that entering an opaque origin does not grant privileges
initially denied to the original non-opaque origin.

This new tracking is transitive: meaning if a page loaded from
http://example.com navigates to a data URL, which then navigates to a blob:null
URL, which embeds an <iframe sandbox srcdoc="...">, the precursor origin for the
sandboxed iframe is retained to be "http://example.com".

Bug:  882053 
Cq-Include-Trybots: luci.chromium.try:linux_mojo
Change-Id: I021245c624b78f08bd835c5cae9fde7ec5e44b80
Reviewed-on: https://chromium-review.googlesource.com/1214745
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Reviewed-by: Luna Lu <loonybear@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Cr-Commit-Position: refs/heads/master@{#591867}
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/content/child/blink_platform_impl_unittest.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/net/http/http_server_properties_impl_unittest.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/services/network/public/cpp/net_ipc_param_traits.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/third_party/blink/common/feature_policy/feature_policy.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/third_party/blink/common/feature_policy/feature_policy_unittest.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/third_party/blink/public/common/feature_policy/feature_policy.h
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/tools/ipc_fuzzer/fuzzer/fuzzer.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/mojom/origin_mojom_traits.h
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/mojom/url_gurl_mojom_traits_unittest.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/origin.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/origin.h
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/origin_unittest.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/scheme_host_port.cc
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/scheme_host_port.h
[modify] https://crrev.com/9277dfc597167e684a25a8240059159d550d2aa6/url/scheme_host_port_unittest.cc

Comment 2 by lukasza@chromium.org, Sep 21

Blocking: 888079

Comment 3 by cthomp@chromium.org, Sep 24

Blocking: 882501

Comment 4 by bugdroid1@chromium.org, Sep 27

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc

commit d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc
Author: Nasko Oskov <nasko@chromium.org>
Date: Thu Sep 27 23:12:42 2018

Change origin.mojom to use url::Origin::Nonce for serializing opaque origins.

This CL is part of adding precursor origin support to url::Origin which
nick@ started in https://crrev.com/c/1028985. It changes the Mojo
representation of url::Origin to use the nonce as an indicator for
whether the origin is opaque or not instead of keeping a boolean.

Bug:  882053 
Cq-Include-Trybots: luci.chromium.try:linux_mojo
Change-Id: If260a09a66cf62b870f15d52f5aabc27a3f73823
Reviewed-on: https://chromium-review.googlesource.com/1227393
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Balazs Engedy <engedy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#594911}
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/services/network/public/cpp/net_ipc_param_traits.cc
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/mock-navigator-credentials.js
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/third_party/blink/renderer/platform/mojo/security_origin_struct_traits.h
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/BUILD.gn
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/mojom/BUILD.gn
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/mojom/origin.mojom
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/mojom/origin_mojom_traits.h
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/mojom/url_gurl_mojom_traits_unittest.cc
[modify] https://crrev.com/d9e41d5cd03ff3f26b77ac3f3b19c0cac6fb27dc/url/origin.h

Comment 5 by bugdroid1@chromium.org, Oct 10

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/99445acdfcc014c69c3df7e19ecf7242a536bcb7

commit 99445acdfcc014c69c3df7e19ecf7242a536bcb7
Author: Nasko Oskov <nasko@chromium.org>
Date: Wed Oct 10 16:46:00 2018

Add support for precursor origin to Blink's SecurityOrigin.

This CL is part of adding precursor origin support to Chromium which
nick@ started in https://crrev.com/c/1028985. It adds the precursor
origin to Blink's SecurityOrigin class.

Bug:  882053 
Change-Id: Ief9c1cf3c1008a0ce0ee52cf064e35aa8793f639
Reviewed-on: https://chromium-review.googlesource.com/c/1229180
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#598361}
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/third_party/blink/renderer/core/execution_context/security_context.cc
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/third_party/blink/renderer/platform/mojo/security_origin_struct_traits.h
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/third_party/blink/renderer/platform/weborigin/security_origin.cc
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/third_party/blink/renderer/platform/weborigin/security_origin.h
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/third_party/blink/renderer/platform/weborigin/security_origin_test.cc
[modify] https://crrev.com/99445acdfcc014c69c3df7e19ecf7242a536bcb7/url/origin.h

Comment 6 by bugdroid1@chromium.org, Oct 19

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/83a8cf9b20150285af625768cdbbffaf4f1518bc

commit 83a8cf9b20150285af625768cdbbffaf4f1518bc
Author: Nasko Oskov <nasko@chromium.org>
Date: Fri Oct 19 14:58:56 2018

Replace OpenURL usage in window.open() with LoadURLWithParams.

The current window.open() implementation on the browser side is using
OpenURL to navigate when the opener is suppressed (e.g. 'noopener') and
URL is specified. This results in the navigation being sent up to the
embedder and coming back to content. Since the default parameters being
constructed should not cause the embedder to make any changes to the
navigation, it should be safe to skip the extra code and directly
navigate the new window.

This CL adds LoadURLParams storage to WebContentsImpl and implements
all navigations of window.open() that are started browser process side
to use NavigationController::LoadURLWithParams. It effectively
short-circuits the unnecessary trip to the embedder.

Bug:  882053 
Change-Id: I09120397f3a6e7856e76ba0448d0bdff807f7628
Reviewed-on: https://chromium-review.googlesource.com/c/1286194
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#601148}
[modify] https://crrev.com/83a8cf9b20150285af625768cdbbffaf4f1518bc/content/browser/web_contents/web_contents_impl.cc
[modify] https://crrev.com/83a8cf9b20150285af625768cdbbffaf4f1518bc/content/browser/web_contents/web_contents_impl.h

Comment 7 by aleventhal@chromium.org, Dec 5

The CL for comment 6 caused issue 912348 -- PTAL

Comment 8 by bugdroid1@chromium.org, Dec 6

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/18006bc7a59e2db7fe94d2511d0a0fe66b678f72

commit 18006bc7a59e2db7fe94d2511d0a0fe66b678f72
Author: Nasko Oskov <nasko@chromium.org>
Date: Thu Dec 06 02:53:58 2018

Store the committed origin for navigation in FrameNavigationEntry.

Bug:  882053 
Change-Id: I36960aa5fbab5ef8d3ba89158f31d408950da34b
Reviewed-on: https://chromium-review.googlesource.com/c/1344876
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#614247}
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/frame_navigation_entry.cc
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/frame_navigation_entry.h
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/navigation_controller_impl.cc
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/navigation_controller_impl_browsertest.cc
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/browser/frame_host/navigation_entry_impl.h
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/test/test_render_frame_host.cc
[modify] https://crrev.com/18006bc7a59e2db7fe94d2511d0a0fe66b678f72/content/test/test_web_contents.cc

Comment 9 by nasko@chromium.org, Dec 12

Status: Started (was: Untriaged)

Comment 10 by bugdroid1@chromium.org, Dec 15

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6e845755633a4fd21c5a2492cc9b587f0248f7f3

commit 6e845755633a4fd21c5a2492cc9b587f0248f7f3
Author: Nasko Oskov <nasko@chromium.org>
Date: Sat Dec 15 00:24:55 2018

FrameLoadRequest should reuse origin instead of recreating it.

FrameLoadRequest is currently constructing the requestor origin from
the URL of the requestor document. However, constructing origins based
on URL is a lossy process and does not preserve precursor origin
information.
Since the requestor document is already passed in as a parameter, the
origin of the document should be used directly. This CL changes that.

It also fixes a bug in the GetDownloadPolicy method where origin
comparison is assigned to a boolean incorrectly.

Bug: 632514,  882053 
Change-Id: Ibb386ef7ecddc0b5dcc5b9e2b83f7b5215fdc1e9
Reviewed-on: https://chromium-review.googlesource.com/c/1378587
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#616889}
[modify] https://crrev.com/6e845755633a4fd21c5a2492cc9b587f0248f7f3/chrome/browser/chrome_navigation_browsertest.cc
[modify] https://crrev.com/6e845755633a4fd21c5a2492cc9b587f0248f7f3/content/browser/navigation_browsertest.cc
[modify] https://crrev.com/6e845755633a4fd21c5a2492cc9b587f0248f7f3/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/6e845755633a4fd21c5a2492cc9b587f0248f7f3/third_party/blink/renderer/core/loader/frame_load_request.cc

Comment 11 by bugdroid1@chromium.org, Dec 19

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/93e7c55ce38ad9dbed722f532c3ab76715d467d1

commit 93e7c55ce38ad9dbed722f532c3ab76715d467d1
Author: Nasko Oskov <nasko@chromium.org>
Date: Wed Dec 19 01:59:29 2018

Add initiator origin information to all renderer-initiated navigations.

To support propagating precursor origin information throughout navigation
it is required to know the initiator origin for navigations. This is
a part of a bigger CL to implement support for precursor origin in
all navigation paths. This CL adds initiator origin to the following
cases that didn't have it before:
* RenderFrame(Host)Impl::OpenURL
* Navigating a remote frame (through RenderFrameProxy)
* window.open() with noopener attribute

Bug:  882053 
Change-Id: Id5d5d0620f4381eb5965cef2168e6e65e098559a
Reviewed-on: https://chromium-review.googlesource.com/c/1379217
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#617708}
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/chrome/browser/ui/browser_navigator.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/chrome/browser/ui/browser_navigator_params.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/chrome/browser/ui/browser_navigator_params.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigation_controller_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigation_controller_impl.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigation_controller_impl_unittest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigator.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/navigator_impl.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/frame_host/render_frame_proxy_host.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/loader/navigation_url_loader_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/loader/navigation_url_loader_impl_unittest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/loader/navigation_url_loader_unittest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/loader/resource_dispatcher_host_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/loader/resource_dispatcher_host_unittest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/navigation_browsertest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/security_exploit_browsertest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/service_worker/service_worker_client_utils.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/web_contents/web_contents_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/common/frame_messages.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/common/navigation_params.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/common/navigation_params.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/common/navigation_params.mojom
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/browser/navigation_controller.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/browser/page_navigator.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/test/navigation_simulator.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/test/render_view_test.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/test/test_navigation_observer.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/public/test/test_navigation_observer.h
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/renderer/render_frame_proxy.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/renderer/render_view_browsertest.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/shell/browser/shell.cc
[modify] https://crrev.com/93e7c55ce38ad9dbed722f532c3ab76715d467d1/content/test/test_render_frame_host.cc

Comment 12 by bugdroid1@chromium.org, Dec 26

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/857276d8bfcb66456d9e7b6f0e316e45bb68fc2c

commit 857276d8bfcb66456d9e7b6f0e316e45bb68fc2c
Author: Nasko Oskov <nasko@chromium.org>
Date: Wed Dec 26 21:59:27 2018

Update NavigationController unit test to set origin on commit IPCs.

Origin for the committed navigation is expected for all commit IPCs and
some unit tests don't specify them. This CL adds origins to unit tests
for NavigationController and additionally fixes some tests to navigate
the correct RenderFrameHost.

Bug:  882053 
Change-Id: I2c24f669c8b8db50d6b483989498a3d637d3b425
Reviewed-on: https://chromium-review.googlesource.com/c/1391317
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#618967}
[modify] https://crrev.com/857276d8bfcb66456d9e7b6f0e316e45bb68fc2c/content/browser/frame_host/navigation_controller_impl_unittest.cc

Comment 13 Deleted

Comment 14 by bugdroid1@chromium.org, Jan 4

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/dd6585b58f39028974fb5f742b07042a9e3da023

commit dd6585b58f39028974fb5f742b07042a9e3da023
Author: Nasko Oskov <nasko@chromium.org>
Date: Fri Jan 04 00:40:41 2019

Fix HeadlessWebContentsTest.BrowserOpenInTab.

As of https://crrev.com/617708 the expectation is that all renderer
initiated navigations must specify the origin of the document that
started the navigation.

This CL adds support for initiator origin in headless code.

Bug:  882053 
Change-Id: I67dfff88932174f8098f4349412c37fac6e54381
Reviewed-on: https://chromium-review.googlesource.com/c/1395064
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#619831}
[modify] https://crrev.com/dd6585b58f39028974fb5f742b07042a9e3da023/headless/lib/browser/headless_web_contents_impl.cc

Comment 15 by bugdroid1@chromium.org, Jan 4

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6a1befbcdb6b686cbd166e0cab0ff18795addd77

commit 6a1befbcdb6b686cbd166e0cab0ff18795addd77
Author: Nasko Oskov <nasko@chromium.org>
Date: Fri Jan 04 14:57:47 2019

Fix Bookmark Apps by exposing initiator origin from NavigationHandle.

As of https://crrev.com/617708 the expectation is that all renderer
initiated navigations must specify the origin of the document that
started the navigation.

This CL fixes OpenNewForegroundTab to supply initiator origin for
the navigation in the newly opened tab. To achieve that, the initiator
origin is exposed through NavigationHandle's public API.

TBR=ortuno@chromium.org

Bug:  882053 
Change-Id: I3867a5579d5dcc954f0759a93cc5c0f431a092b8
Reviewed-on: https://chromium-review.googlesource.com/c/1395418
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#619949}
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/chrome/browser/extensions/bookmark_app_navigation_throttle_utils.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/form_submission_throttle_browsertest.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/navigation_handle_impl_unittest.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/browser/frame_host/origin_policy_throttle_unittest.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/public/browser/navigation_handle.cc
[modify] https://crrev.com/6a1befbcdb6b686cbd166e0cab0ff18795addd77/content/public/browser/navigation_handle.h

Comment 16 by bugdroid1@chromium.org, Jan 4

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e9f1978151f538cfa51fa3142e9e47c4bed855f9

commit e9f1978151f538cfa51fa3142e9e47c4bed855f9
Author: Nasko Oskov <nasko@chromium.org>
Date: Fri Jan 04 18:32:35 2019

Fix PopupBlockerBrowserTest tests for initiator origins.

As of https://crrev.com/617708 the expectation is that all renderer
initiated navigations must specify the origin of the document that
started the navigation.

This CL fixes PopupBlockerBrowserTest to pass when DCHECK for initiator
origin on renderer-initiated navigations is enabled. It also changes
the parameter type for CanCreateWindow from GURL to url::Origin.

Bug:  882053 
Change-Id: Id75c955885bc3c3c4c0e8e5c874ae9a24bcbc8ee
Reviewed-on: https://chromium-review.googlesource.com/c/1395066
Reviewed-by: Bo <boliu@chromium.org>
Reviewed-by: Luke Halliwell <halliwell@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#620004}
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/android_webview/browser/aw_content_browser_client.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/android_webview/browser/aw_content_browser_client.h
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chrome/browser/chrome_content_browser_client.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chrome/browser/chrome_content_browser_client.h
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chrome/browser/ui/blocked_content/blocked_window_params.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chrome/browser/ui/blocked_content/blocked_window_params.h
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chrome/browser/ui/content_settings/content_setting_bubble_model_unittest.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chromecast/browser/cast_content_browser_client.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/chromecast/browser/cast_content_browser_client.h
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/content/public/browser/content_browser_client.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/content/public/browser/content_browser_client.h
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/content/shell/browser/web_test/web_test_content_browser_client.cc
[modify] https://crrev.com/e9f1978151f538cfa51fa3142e9e47c4bed855f9/content/shell/browser/web_test/web_test_content_browser_client.h

Comment 17 by bugdroid1@chromium.org, Jan 5

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/11bce3a15b94992cfb9b0a78df852eef760e6242

commit 11bce3a15b94992cfb9b0a78df852eef760e6242
Author: Nasko Oskov <nasko@chromium.org>
Date: Sat Jan 05 02:25:11 2019

Plumb initiator origin in Java for clank popup handling.

As of https://crrev.com/617708 the expectation is that all renderer
initiated navigations must specify the origin of the document that
started the navigation.

This CL adds initiator origin serialization into Java and back into
C++ to allow Clank popup handling to supply the initiator origin for
renderer-initiated navigations.

Bug:  882053 
Change-Id: I416ec4ad7b8fd20679c107aa67f45ed6b4c9e023
Reviewed-on: https://chromium-review.googlesource.com/c/1396838
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Ted Choc <tedchoc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#620155}
[modify] https://crrev.com/11bce3a15b94992cfb9b0a78df852eef760e6242/chrome/android/java/src/org/chromium/chrome/browser/tab/Tab.java
[modify] https://crrev.com/11bce3a15b94992cfb9b0a78df852eef760e6242/chrome/android/java/src/org/chromium/chrome/browser/tab/TabWebContentsDelegateAndroid.java
[modify] https://crrev.com/11bce3a15b94992cfb9b0a78df852eef760e6242/chrome/browser/android/tab_android.cc
[modify] https://crrev.com/11bce3a15b94992cfb9b0a78df852eef760e6242/chrome/browser/android/tab_android.h
[modify] https://crrev.com/11bce3a15b94992cfb9b0a78df852eef760e6242/content/public/android/java/src/org/chromium/content_public/browser/LoadUrlParams.java

Comment 18 by bugdroid1@chromium.org, Jan 5

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/97e305f61ef51cdefd86742ce7a8dc8a35976cbb

commit 97e305f61ef51cdefd86742ce7a8dc8a35976cbb
Author: Nasko Oskov <nasko@chromium.org>
Date: Sat Jan 05 03:52:10 2019

Add url::Origin::CanBeDerivedFrom method to allow verifying URLs.

In various areas of the code, we should be able to perform sanity checks
whether a URL and an origin are compatible. What that means is that
when a document is committed from a URL, the resulting origin can
only be one of:
* origin based on the URL
* opaque origin with precursor information based on a URL
* opaque unique origin

The CanBeDerivedFrom method is added to url::Origin to allow such
checks to be performed. It will return false in cases where the origin
cannot have come from the supplied URL. An example is http://foo.com
origin with data:text/html,foo URL. URLs with data: schemes always
commit in a unique origin, so they are not compatible with valid
tuple origins.

Bug:  882053 
Change-Id: I681d28526c09e8672b0381e8d93a914cedd1a075
Reviewed-on: https://chromium-review.googlesource.com/c/1388182
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#620167}
[modify] https://crrev.com/97e305f61ef51cdefd86742ce7a8dc8a35976cbb/url/origin.cc
[modify] https://crrev.com/97e305f61ef51cdefd86742ce7a8dc8a35976cbb/url/origin.h
[modify] https://crrev.com/97e305f61ef51cdefd86742ce7a8dc8a35976cbb/url/origin_unittest.cc
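
An added sketch, not Chromium's code, that models the transitive precursor tracking described in the commit message of comment 1 and the URL/origin compatibility check described in comment 18. ModelOrigin, Tuple, TupleFromUrl, DeriveNewOpaque, tuple_or_precursor and the counter-based nonce are assumptions of this model; only the name CanBeDerivedFrom comes from the page, and its logic here follows the three cases listed in that commit message rather than the real implementation.

```cpp
// Added illustration: a simplified model, not Chromium's url::Origin.
#include <cstdint>
#include <iostream>
#include <optional>
#include <string>
#include <tuple>

struct Tuple {
  std::string scheme, host;
  uint16_t port = 0;
  bool operator==(const Tuple& o) const {
    return std::tie(scheme, host, port) == std::tie(o.scheme, o.host, o.port);
  }
};

// Model assumption: only http:// and https:// URLs carry a tuple; data:,
// about:, blob:null and similar yield none. No userinfo or IPv6 handling.
std::optional<Tuple> TupleFromUrl(const std::string& url) {
  Tuple t;
  if (url.rfind("http://", 0) == 0) t = {"http", "", 80};
  else if (url.rfind("https://", 0) == 0) t = {"https", "", 443};
  else return std::nullopt;
  std::size_t start = t.scheme.size() + 3;  // skip "://"
  std::size_t end = url.find_first_of("/?#", start);
  std::string authority = url.substr(start, end - start);  // npos is clamped
  std::size_t colon = authority.find(':');
  t.host = authority.substr(0, colon);
  if (t.host.empty()) return std::nullopt;
  if (colon != std::string::npos && colon + 1 < authority.size()) {
    unsigned long port = 0;
    for (std::size_t i = colon + 1; i < authority.size(); ++i) {
      if (authority[i] < '0' || authority[i] > '9') return std::nullopt;
      port = port * 10 + static_cast<unsigned long>(authority[i] - '0');
      if (port > 65535) return std::nullopt;
    }
    t.port = static_cast<uint16_t>(port);
  }
  return t;
}

class ModelOrigin {
 public:
  // Tuple origin for http(s) URLs, else a fresh opaque origin, no precursor.
  static ModelOrigin FromUrl(const std::string& url) {
    ModelOrigin o;
    o.tuple_ = TupleFromUrl(url);
    if (!o.tuple_) o.nonce_ = NextNonce();
    return o;
  }
  // New opaque origin with its own nonce that keeps the tuple (or precursor)
  // of the origin it is derived from, so the source survives every hop.
  ModelOrigin DeriveNewOpaque() const {
    ModelOrigin o;
    o.tuple_ = tuple_;
    o.nonce_ = NextNonce();
    return o;
  }
  bool opaque() const { return nonce_ != 0; }
  const std::optional<Tuple>& tuple_or_precursor() const { return tuple_; }
  // Opaque origins match only themselves; the precursor grants nothing.
  bool IsSameOriginWith(const ModelOrigin& o) const {
    if (opaque() || o.opaque()) return nonce_ == o.nonce_;
    return tuple_ == o.tuple_;
  }
  // The three permitted outcomes listed in the commit message of comment 18.
  bool CanBeDerivedFrom(const std::string& url) const {
    std::optional<Tuple> url_tuple = TupleFromUrl(url);
    if (!opaque()) return url_tuple.has_value() && url_tuple == tuple_;
    if (!tuple_) return true;  // opaque unique origin
    // Opaque with precursor: must agree with the URL's tuple when it has one.
    // Model assumption: a tuple-less URL (data:) cannot contradict it.
    return !url_tuple || url_tuple == tuple_;
  }

 private:
  ModelOrigin() = default;
  // Stand-in for an unguessable nonce; a counter keeps the demo deterministic.
  static uint64_t NextNonce() { static uint64_t next = 0; return ++next; }
  std::optional<Tuple> tuple_;  // own tuple, or precursor when opaque
  uint64_t nonce_ = 0;          // non-zero means opaque
};

// http://example.com -> data: URL -> blob:null URL -> <iframe sandbox srcdoc>
ModelOrigin SandboxedFrameOriginFromChain() {
  ModelOrigin page = ModelOrigin::FromUrl("http://example.com/");
  ModelOrigin data_doc = page.DeriveNewOpaque();
  ModelOrigin blob_doc = data_doc.DeriveNewOpaque();
  return blob_doc.DeriveNewOpaque();
}

int main() {
  ModelOrigin frame = SandboxedFrameOriginFromChain();
  ModelOrigin page = ModelOrigin::FromUrl("http://example.com/");
  std::cout << std::boolalpha << frame.tuple_or_precursor()->host << " "
            << frame.IsSameOriginWith(page) << " "
            << ModelOrigin::FromUrl("http://foo.com/")
                   .CanBeDerivedFrom("data:text/html,foo") << "\n";
}
```

The sandboxed frame at the end of the chain still reports example.com as its precursor yet is not same-origin with the page, which is the separation between provenance and privilege that the commit message in comment 1 calls for.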

Comment 19 by bugdroid1@chromium.org, Jan 11

Project Member
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/03912101eb72d9089320e65955b8da01ed234120

commit 03912101eb72d9089320e65955b8da01ed234120
Author: Nasko Oskov <nasko@chromium.org>
Date: Fri Jan 11 00:21:32 2019

Add support for precursor origin to session history navigations

url::Origin is at this time capable of storing information for opaque origins
that indicates where they have come from - precursor origin. This is very
useful information for making security decisions, such as which process to
place a navigation or verifying that an opaque origin sent by renderer process
is expected/allowed.

This CL adds support for the browser process to tell the renderer process
which origin to commit a specific navigation in. It is currently only used for
session history navigations, as the origin in which they have committed is
stored in FrameNavigationEntry. This allows navigations to session history
entries with URLs that don't have embedded origin (e.g. about:blank, data:) to
still commit in the origin which they initially were created in.

Bug:  882053 
Change-Id: I71f8bace6b017973fc79465b1809ca0ff9794465
Reviewed-on: https://chromium-review.googlesource.com/c/1375390
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#621820}
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/frame_navigation_entry.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/frame_navigation_entry.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/frame_tree_browsertest.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/navigation_controller_impl.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/navigation_controller_impl_browsertest.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/navigation_entry_impl.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/render_frame_host_manager_browsertest.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/frame_host/render_frame_host_manager_unittest.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/common/frame_messages.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/common/navigation_params.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/common/navigation_params.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/public/test/navigation_simulator.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/public/web/web_navigation_params.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/core/dom/document_init.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/core/dom/document_init.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/core/loader/document_loader.cc
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/core/loader/document_loader.h
[modify] https://crrev.com/03912101eb72d9089320e65955b8da01ed234120/third_party/blink/renderer/platform/weborigin/security_origin.cc

Comment 20 by nasko@chromium.org, Jan 11

NextAction: 2019-01-15
With the CL which landed in #19, we should now have precursor information in all navigation codepaths. Hopefully the change sticks, so adding a follow-up date sometime next week to verify no fallout. At that point, assuming all is good, this bug can be closed.

Comment 21 by monor...@bugs.chromium.org, Jan 15

The NextAction date has arrived: 2019-01-15

Comment 22 by nasko@chromium.org, Jan 15

Status: Fixed (was: Started)
There have been no crashes I can find that are directly attributable to the CL landed in comment #19 and no Navigation tagged bugs in the last few days. As such, I think this CL is sticking and can call this done. Any issues that result from this should just be filed as new bugs.
