chore: cherry-pick e246871765f5 from chromium #23040

Merged
merged 4 commits into from Apr 13, 2020

Conversation

nornagon
Member

@nornagon nornagon commented Apr 8, 2020

Worker: Stop passing creator's origin for starting a dedicated worker

This CL makes DedicatedWorkerHostFactoryImpl use its
|parent_execution_origin_| (renamed to |creator_origin| by this CL) for
starting a dedicated worker instead of an origin passed from a renderer
process.

This was not feasible before because |parent_execution_origin_| is
provided from parent's |RenderFrameHostImpl::last_committed_origin_|
that is set during navigation commit. Worker creation IPC from the
renderer to browser could race with navigation commit, and could see the
wrong last committed origin.

Now this is feasible. This is because worker creation IPC is now tied
with RenderFrameHostImpl's BrowserInterfaceBroker that is re-bound
during navigation commit[*]. This ensures that worker creation requests
issued before the navigation commit are discarded by the previous
BrowserInterfaceBroker, and new requests via the new
BrowserInterfaceBroker are scoped to the new last committed origin.

[*] The call path between binding BrowserInterfaceBroker and updating
the last committed origin is as follows. These are synchronously done.

Change-Id: Id69c3d66e50aa8cbb7fee520a1479b28970de1c6
Bug: 906991, 1030909
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1971660
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Matt Falkenhagen <falken@chromium.org>
Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#748127}

Notes: Security: backported fix for site isolation bypass in dedicated workers.
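
The design the commit message describes, modeled as an added example that is not part of this PR or of Chromium's code: the browser side starts the worker with the origin it recorded at navigation commit, ignores the origin the renderer sends, and drops requests addressed to a broker that a later commit replaced. All type and function names (`FrameHost`, `Broker`, `WorkerFactory`, `CreateWorker`) and the `claimed_origin` field are hypothetical.

```cpp
#include <memory>
#include <string>

// Simplified model, not Chromium code: every type and function name here is hypothetical.
struct WorkerRequest {
  std::string script_url;
  std::string claimed_origin;  // supplied by the renderer, so untrusted
};
struct Worker {
  std::string script_url;
  std::string origin;
};

// Browser-side factory: the creator origin is fixed when the factory is bound.
class WorkerFactory {
 public:
  explicit WorkerFactory(const std::string& creator_origin) : creator_origin_(creator_origin) {}
  // The worker gets the browser-known origin; req.claimed_origin is never read.
  Worker Start(const WorkerRequest& req) const { return Worker{req.script_url, creator_origin_}; }
 private:
  std::string creator_origin_;
};

// Stands in for the per-document interface broker that owns the factory binding.
struct Broker {
  explicit Broker(const std::string& origin) : factory(origin) {}
  WorkerFactory factory;
};

class FrameHost {
 public:
  explicit FrameHost(const std::string& origin) { Commit(origin); }
  // Navigation commit: the origin update and the broker re-bind happen together,
  // so the old broker (and any request still addressed to it) is destroyed.
  void Commit(const std::string& origin) {
    last_committed_origin_ = origin;
    broker_ = std::make_shared<Broker>(last_committed_origin_);
  }
  std::weak_ptr<Broker> pipe() const { return broker_; }
 private:
  std::string last_committed_origin_;
  std::shared_ptr<Broker> broker_;
};

// Delivery of a renderer request; returns null when the broker it targeted is gone.
std::unique_ptr<Worker> CreateWorker(const std::weak_ptr<Broker>& pipe, const WorkerRequest& req) {
  std::shared_ptr<Broker> broker = pipe.lock();
  if (!broker) return nullptr;  // issued before the commit: discarded
  return std::unique_ptr<Worker>(new Worker(broker->factory.Start(req)));
}
```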

@nornagon nornagon requested a review from a team as a code owner April 8, 2020 23:42
@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Apr 8, 2020
@nornagon nornagon added 7-2-x backport-check-skip Skip trop's backport validity checking and removed new-pr 🌱 PR opened in the last 24 hours labels Apr 8, 2020
@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Apr 8, 2020
ppontes
ppontes previously approved these changes Apr 9, 2020
@ppontes ppontes dismissed their stale review April 9, 2020 22:37

Approved wrong PR by mistake 🤯

@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Apr 9, 2020
@jkleinsc
Contributor

Merging as CI failure is known flake unrelated to this PR.

@jkleinsc jkleinsc merged commit ba1b75c into 7-2-x Apr 13, 2020
@release-clerk

release-clerk bot commented Apr 13, 2020

Release Notes Persisted

Security: backported fix for site isolation bypass in dedicated workers.

@jkleinsc jkleinsc deleted the cherry-pick/7-2-x/chromium/e246871765f5 branch April 13, 2020 15:30