From f63e237b9293d3023461b0dcaa73d64a0995a091 Mon Sep 17 00:00:00 2001 From: Jeremy Apthorp Date: Wed, 8 Apr 2020 16:42:52 -0700 Subject: [PATCH 1/3] chore: cherry-pick e246871765f5 from chromium --- patches/chromium/.patches | 1 + .../chromium/cherry-pick-e246871765f5.patch | 519 ++++++++++++++++++ 2 files changed, 520 insertions(+) create mode 100644 patches/chromium/cherry-pick-e246871765f5.patch diff --git a/patches/chromium/.patches b/patches/chromium/.patches index 76a33962905d3..1c5c35762fec3 100644 --- a/patches/chromium/.patches +++ b/patches/chromium/.patches @@ -101,3 +101,4 @@ streams_convert_state_dchecks_to_checks.patch audiocontext_haspendingactivity_unless_it_s_closed.patch protect_automatic_pull_handlers_with_mutex.patch handle_err_cache_race_in_dodoneheadersaddtoentrycomplete.patch +cherry-pick-e246871765f5.patch diff --git a/patches/chromium/cherry-pick-e246871765f5.patch b/patches/chromium/cherry-pick-e246871765f5.patch new file mode 100644 index 0000000000000..9da6ef9a35f35 --- /dev/null +++ b/patches/chromium/cherry-pick-e246871765f5.patch @@ -0,0 +1,519 @@ +From e246871765f5fb2dbe0f9b05726f63745dee03fc Mon Sep 17 00:00:00 2001 +From: Hiroki Nakagawa +Date: Mon, 9 Mar 2020 07:07:57 +0000 +Subject: [PATCH] Worker: Stop passing creator's origin for starting a + dedicated worker + +This CL makes DedicatedWorkerHostFactoryImpl use its +|parent_execution_origin_| (renamed to |creator_origin| by this CL) for +starting a dedicated worker instead of an origin passed from a renderer +process. + +This was not feasible before because |parent_execution_origin_| is +provided from parent's |RenderFrameHostImpl::last_committed_origin_| +that is set during navigation commit. Worker creation IPC from the +renderer to browser could race with navigation commit, and could see the +wrong last committed origin. + +Now this is feasible. This is because worker creation IPC is now tied +with RenderFrameHostImpl's BrowserInterfaceBroker that is re-bound +during navigation commit[*]. This ensures that worker creation requests +issued before the navigation commit are discarded by the previous +BrowserInterfaceBroker, and new requests via the new +BrowserInterfaceBroker are scoped to the new last committed origin. + +[*] The call path between binding BrowserInterfaceBroker and updating +the last committed origin is as follows. These are synchronously done. + +- RenderFrameHostImpl::DidCommitNavigation() re-binds the interface broker +https://source.chromium.org/chromium/chromium/src/+/master:content/browser/frame_host/render_frame_host_impl.cc;l=7489;drc=d54ee0c3d25dfc644282b50c5f57e23b7ab4dda4?originalUrl=https:%2F%2Fcs.chromium.org%2F + -> RenderFrameHostImpl::DidCommitNavigationInternal() + -> NavigatorImpl::DidNavigate() + -> RenderFrameHostImpl::DidNavigate() + -> RenderFrameHostImpl::SetLastCommittedOrigin() + +Change-Id: Id69c3d66e50aa8cbb7fee520a1479b28970de1c6 +Bug: 906991, 1030909 +Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1971660 +Reviewed-by: Daniel Cheng +Reviewed-by: Matt Falkenhagen +Commit-Queue: Hiroki Nakagawa +Cr-Commit-Position: refs/heads/master@{#748127} +--- + content/browser/browser_interface_binders.cc | 2 +- + .../worker_host/dedicated_worker_host.cc | 73 +++++++++---------- + .../worker_host/dedicated_worker_host.h | 14 ++-- + .../dedicated_worker_service_impl_unittest.cc | 4 +- + .../dedicated_worker_host_factory_client.cc | 10 +-- + .../dedicated_worker_host_factory_client.h | 5 +- + .../dedicated_worker_host_factory.mojom | 8 -- + ...web_dedicated_worker_host_factory_client.h | 9 +-- + .../renderer/core/workers/dedicated_worker.cc | 6 +- + 9 files changed, 52 insertions(+), 79 deletions(-) + +diff --git a/content/browser/browser_interface_binders.cc b/content/browser/browser_interface_binders.cc +index afe43f19e981f..bd267e47aedc8 100644 +--- a/content/browser/browser_interface_binders.cc ++++ b/content/browser/browser_interface_binders.cc +@@ -748,7 +748,7 @@ RenderFrameHost* GetContextForHost(RenderFrameHostImpl* host) { + + // Dedicated workers + const url::Origin& GetContextForHost(DedicatedWorkerHost* host) { +- return host->GetOrigin(); ++ return host->GetWorkerOrigin(); + } + + void PopulateDedicatedWorkerBinders(DedicatedWorkerHost* host, +diff --git a/content/browser/worker_host/dedicated_worker_host.cc b/content/browser/worker_host/dedicated_worker_host.cc +index 6b32ed5e783bd..fcc4e6ced119d 100644 +--- a/content/browser/worker_host/dedicated_worker_host.cc ++++ b/content/browser/worker_host/dedicated_worker_host.cc +@@ -45,7 +45,7 @@ DedicatedWorkerHost::DedicatedWorkerHost( + RenderProcessHost* worker_process_host, + base::Optional creator_render_frame_host_id, + GlobalFrameRoutingId ancestor_render_frame_host_id, +- const url::Origin& origin, ++ const url::Origin& creator_origin, + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, + mojo::PendingReceiver host) + : service_(service), +@@ -54,7 +54,10 @@ DedicatedWorkerHost::DedicatedWorkerHost( + scoped_process_host_observer_(this), + creator_render_frame_host_id_(creator_render_frame_host_id), + ancestor_render_frame_host_id_(ancestor_render_frame_host_id), +- origin_(origin), ++ creator_origin_(creator_origin), ++ // TODO(https://crbug.com/1058759): Calculate the worker origin based on ++ // the worker script URL. ++ worker_origin_(creator_origin), + cross_origin_embedder_policy_(cross_origin_embedder_policy), + host_receiver_(this, std::move(host)) { + DCHECK_CURRENTLY_ON(BrowserThread::UI); +@@ -111,7 +114,6 @@ void DedicatedWorkerHost::RenderProcessExited( + + void DedicatedWorkerHost::StartScriptLoad( + const GURL& script_url, +- const url::Origin& request_initiator_origin, + network::mojom::CredentialsMode credentials_mode, + blink::mojom::FetchClientSettingsObjectPtr + outside_fetch_client_settings_object, +@@ -194,7 +196,7 @@ void DedicatedWorkerHost::StartScriptLoad( + // initiator origin to keep consistency with WorkerScriptFetchInitiator, but + // probably this should be calculated based on the worker origin as the + // factories be used for subresource loading on the worker. +- file_url_support_ = request_initiator_origin.scheme() == url::kFileScheme; ++ file_url_support_ = creator_origin_.scheme() == url::kFileScheme; + + service_worker_handle_ = std::make_unique( + storage_partition_impl->GetServiceWorkerContext()); +@@ -210,7 +212,7 @@ void DedicatedWorkerHost::StartScriptLoad( + WorkerScriptFetchInitiator::Start( + worker_process_host_->GetID(), script_url, creator_render_frame_host, + nearest_ancestor_render_frame_host->ComputeSiteForCookies(), +- request_initiator_origin, network_isolation_key_, credentials_mode, ++ creator_origin_, network_isolation_key_, credentials_mode, + std::move(outside_fetch_client_settings_object), + blink::mojom::ResourceType::kWorker, + storage_partition_impl->GetServiceWorkerContext(), +@@ -321,17 +323,18 @@ DedicatedWorkerHost::CreateNetworkFactoryForSubresources( + + network::mojom::URLLoaderFactoryParamsPtr factory_params = + URLLoaderFactoryParamsHelper::CreateForFrame( +- ancestor_render_frame_host, origin_, ++ ancestor_render_frame_host, worker_origin_, + mojo::Clone(ancestor_render_frame_host + ->last_committed_client_security_state()), + std::move(coep_reporter_remote), worker_process_host_); + GetContentClient()->browser()->WillCreateURLLoaderFactory( + worker_process_host_->GetBrowserContext(), + /*frame=*/nullptr, worker_process_host_->GetID(), +- ContentBrowserClient::URLLoaderFactoryType::kWorkerSubResource, origin_, +- /*navigation_id=*/base::nullopt, &default_factory_receiver, +- &factory_params->header_client, bypass_redirect_checks, +- /*disable_secure_dns=*/nullptr, &factory_params->factory_override); ++ ContentBrowserClient::URLLoaderFactoryType::kWorkerSubResource, ++ worker_origin_, /*navigation_id=*/base::nullopt, ++ &default_factory_receiver, &factory_params->header_client, ++ bypass_redirect_checks, /*disable_secure_dns=*/nullptr, ++ &factory_params->factory_override); + + // TODO(nhiroki): Call devtools_instrumentation::WillCreateURLLoaderFactory() + // here. +@@ -370,7 +373,7 @@ void DedicatedWorkerHost::CreateWebSocketConnector( + mojo::MakeSelfOwnedReceiver( + std::make_unique( + ancestor_render_frame_host_id_.child_id, +- ancestor_render_frame_host_id_.frame_routing_id, origin_, ++ ancestor_render_frame_host_id_.frame_routing_id, worker_origin_, + network_isolation_key_), + std::move(receiver)); + } +@@ -385,10 +388,10 @@ void DedicatedWorkerHost::CreateQuicTransportConnector( + // will soon be terminated too, so abort the connection. + return; + } +- mojo::MakeSelfOwnedReceiver( +- std::make_unique( +- worker_process_host_->GetID(), origin_, network_isolation_key_), +- std::move(receiver)); ++ mojo::MakeSelfOwnedReceiver(std::make_unique( ++ worker_process_host_->GetID(), worker_origin_, ++ network_isolation_key_), ++ std::move(receiver)); + } + + void DedicatedWorkerHost::CreateNestedDedicatedWorker( +@@ -398,8 +401,8 @@ void DedicatedWorkerHost::CreateNestedDedicatedWorker( + CreateDedicatedWorkerHostFactory( + worker_process_host_->GetID(), + /*creator_render_frame_host_id_=*/base::nullopt, +- ancestor_render_frame_host_id_, origin_, cross_origin_embedder_policy_, +- std::move(receiver)); ++ ancestor_render_frame_host_id_, worker_origin_, ++ cross_origin_embedder_policy_, std::move(receiver)); + } + + void DedicatedWorkerHost::CreateIdleManager( +@@ -526,19 +529,18 @@ class DedicatedWorkerHostFactoryImpl final + int worker_process_id, + base::Optional creator_render_frame_host_id, + GlobalFrameRoutingId ancestor_render_frame_host_id, +- const url::Origin& parent_context_origin, ++ const url::Origin& creator_origin, + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy) + : worker_process_id_(worker_process_id), + creator_render_frame_host_id_(creator_render_frame_host_id), + ancestor_render_frame_host_id_(ancestor_render_frame_host_id), +- parent_context_origin_(parent_context_origin), ++ creator_origin_(creator_origin), + cross_origin_embedder_policy_(cross_origin_embedder_policy) { + DCHECK_CURRENTLY_ON(BrowserThread::UI); + } + + // blink::mojom::DedicatedWorkerHostFactory: + void CreateWorkerHost( +- const url::Origin& origin, + mojo::PendingReceiver + broker_receiver, + mojo::PendingReceiver host_receiver) +@@ -564,22 +566,17 @@ class DedicatedWorkerHostFactoryImpl final + DedicatedWorkerServiceImpl* service = + storage_partition->GetDedicatedWorkerService(); + +- // TODO(crbug.com/729021): Once |parent_context_origin_| no longer races +- // with the request for |DedicatedWorkerHostFactory|, enforce that +- // the worker's origin either matches the origin of the creating context +- // (Document or DedicatedWorkerGlobalScope), or is unique. +- // Deletes itself on Mojo disconnection. + auto* host = new DedicatedWorkerHost( + service, service->GenerateNextDedicatedWorkerId(), worker_process_host, +- creator_render_frame_host_id_, ancestor_render_frame_host_id_, origin, +- cross_origin_embedder_policy_, std::move(host_receiver)); ++ creator_render_frame_host_id_, ancestor_render_frame_host_id_, ++ creator_origin_, cross_origin_embedder_policy_, ++ std::move(host_receiver)); + host->BindBrowserInterfaceBrokerReceiver(std::move(broker_receiver)); + } + + // PlzDedicatedWorker: + void CreateWorkerHostAndStartScriptLoad( + const GURL& script_url, +- const url::Origin& request_initiator_origin, + network::mojom::CredentialsMode credentials_mode, + blink::mojom::FetchClientSettingsObjectPtr + outside_fetch_client_settings_object, +@@ -594,6 +591,9 @@ class DedicatedWorkerHostFactoryImpl final + return; + } + ++ // TODO(https://crbug.com/1058759): Compare |creator_origin_| to ++ // |script_url|, and report as bad message if that fails. ++ + auto* worker_process_host = RenderProcessHost::FromID(worker_process_id_); + if (!worker_process_host) { + // Abort if the worker's process host is gone. This means that the calling +@@ -609,15 +609,10 @@ class DedicatedWorkerHostFactoryImpl final + DedicatedWorkerServiceImpl* service = + storage_partition->GetDedicatedWorkerService(); + +- // TODO(crbug.com/729021): Once |parent_context_origin_| no longer races +- // with the request for |DedicatedWorkerHostFactory|, enforce that +- // the worker's origin either matches the origin of the creating context +- // (Document or DedicatedWorkerGlobalScope), or is unique. +- // Deletes itself on Mojo disconnection. + auto* host = new DedicatedWorkerHost( + service, service->GenerateNextDedicatedWorkerId(), worker_process_host, + creator_render_frame_host_id_, ancestor_render_frame_host_id_, +- request_initiator_origin, cross_origin_embedder_policy_, ++ creator_origin_, cross_origin_embedder_policy_, + std::move(host_receiver)); + mojo::PendingRemote broker; + host->BindBrowserInterfaceBrokerReceiver( +@@ -625,8 +620,7 @@ class DedicatedWorkerHostFactoryImpl final + mojo::Remote remote_client( + std::move(client)); + remote_client->OnWorkerHostCreated(std::move(broker)); +- host->StartScriptLoad(script_url, request_initiator_origin, +- credentials_mode, ++ host->StartScriptLoad(script_url, credentials_mode, + std::move(outside_fetch_client_settings_object), + std::move(blob_url_token), std::move(remote_client)); + } +@@ -639,7 +633,7 @@ class DedicatedWorkerHostFactoryImpl final + const base::Optional creator_render_frame_host_id_; + const GlobalFrameRoutingId ancestor_render_frame_host_id_; + +- const url::Origin parent_context_origin_; ++ const url::Origin creator_origin_; + const network::CrossOriginEmbedderPolicy cross_origin_embedder_policy_; + + DISALLOW_COPY_AND_ASSIGN(DedicatedWorkerHostFactoryImpl); +@@ -651,14 +645,15 @@ void CreateDedicatedWorkerHostFactory( + int worker_process_id, + base::Optional creator_render_frame_host_id, + GlobalFrameRoutingId ancestor_render_frame_host_id, +- const url::Origin& origin, ++ const url::Origin& creator_origin, + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, + mojo::PendingReceiver receiver) { + DCHECK_CURRENTLY_ON(BrowserThread::UI); + mojo::MakeSelfOwnedReceiver( + std::make_unique( + worker_process_id, creator_render_frame_host_id, +- ancestor_render_frame_host_id, origin, cross_origin_embedder_policy), ++ ancestor_render_frame_host_id, creator_origin, ++ cross_origin_embedder_policy), + std::move(receiver)); + } + +diff --git a/content/browser/worker_host/dedicated_worker_host.h b/content/browser/worker_host/dedicated_worker_host.h +index 6dbbc24489961..03bfd609bacfb 100644 +--- a/content/browser/worker_host/dedicated_worker_host.h ++++ b/content/browser/worker_host/dedicated_worker_host.h +@@ -54,7 +54,7 @@ CONTENT_EXPORT void CreateDedicatedWorkerHostFactory( + int worker_process_id, + base::Optional creator_render_frame_host_id, + GlobalFrameRoutingId ancestor_render_frame_host_id, +- const url::Origin& origin, ++ const url::Origin& creator_origin, + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, + mojo::PendingReceiver receiver); + +@@ -70,7 +70,7 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, + RenderProcessHost* worker_process_host, + base::Optional creator_render_frame_host_id, + GlobalFrameRoutingId ancestor_render_frame_host_id, +- const url::Origin& origin, ++ const url::Origin& creator_origin, + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, + mojo::PendingReceiver host); + ~DedicatedWorkerHost() final; +@@ -79,7 +79,7 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, + mojo::PendingReceiver receiver); + + RenderProcessHost* GetProcessHost() { return worker_process_host_; } +- const url::Origin& GetOrigin() { return origin_; } ++ const url::Origin& GetWorkerOrigin() { return worker_origin_; } + const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy() + const { + return cross_origin_embedder_policy_; +@@ -114,7 +114,6 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, + // PlzDedicatedWorker: + void StartScriptLoad( + const GURL& script_url, +- const url::Origin& request_initiator_origin, + network::mojom::CredentialsMode credentials_mode, + blink::mojom::FetchClientSettingsObjectPtr + outside_fetch_client_settings_object, +@@ -195,7 +194,12 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, + // of nested workers) indirectly via a tree of dedicated workers. + const GlobalFrameRoutingId ancestor_render_frame_host_id_; + +- const url::Origin origin_; ++ // The origin of the frame or dedicated worker that starts this worker. ++ const url::Origin creator_origin_; ++ ++ // The origin of this worker. ++ // https://html.spec.whatwg.org/C/#concept-settings-object-origin ++ const url::Origin worker_origin_; + + // The network isolation key to be used for both the worker script and the + // worker's subresources. +diff --git a/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc b/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc +index b45156eba475e..a32af85559013 100644 +--- a/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc ++++ b/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc +@@ -36,14 +36,14 @@ class MockDedicatedWorker + + if (base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)) { + factory_->CreateWorkerHostAndStartScriptLoad( +- GURL(), url::Origin(), network::mojom::CredentialsMode::kSameOrigin, ++ /*script_url=*/GURL(), network::mojom::CredentialsMode::kSameOrigin, + blink::mojom::FetchClientSettingsObject::New(), + mojo::PendingRemote(), + receiver_.BindNewPipeAndPassRemote(), + remote_host_.BindNewPipeAndPassReceiver()); + } else { + factory_->CreateWorkerHost( +- url::Origin(), browser_interface_broker_.BindNewPipeAndPassReceiver(), ++ browser_interface_broker_.BindNewPipeAndPassReceiver(), + remote_host_.BindNewPipeAndPassReceiver()); + } + } +diff --git a/content/renderer/worker/dedicated_worker_host_factory_client.cc b/content/renderer/worker/dedicated_worker_host_factory_client.cc +index 2d39b94a0fe46..d0c2f2a40bcce 100644 +--- a/content/renderer/worker/dedicated_worker_host_factory_client.cc ++++ b/content/renderer/worker/dedicated_worker_host_factory_client.cc +@@ -18,7 +18,6 @@ + #include "third_party/blink/public/mojom/service_worker/service_worker_provider.mojom.h" + #include "third_party/blink/public/mojom/worker/worker_main_script_load_params.mojom.h" + #include "third_party/blink/public/platform/web_dedicated_worker.h" +-#include "third_party/blink/public/platform/web_security_origin.h" + #include "third_party/blink/public/platform/web_url.h" + + namespace content { +@@ -32,28 +31,25 @@ DedicatedWorkerHostFactoryClient::DedicatedWorkerHostFactoryClient( + + DedicatedWorkerHostFactoryClient::~DedicatedWorkerHostFactoryClient() = default; + +-void DedicatedWorkerHostFactoryClient::CreateWorkerHostDeprecated( +- const blink::WebSecurityOrigin& script_origin) { ++void DedicatedWorkerHostFactoryClient::CreateWorkerHostDeprecated() { + DCHECK(!base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)); + mojo::PendingRemote + browser_interface_broker; + factory_->CreateWorkerHost( +- script_origin, browser_interface_broker.InitWithNewPipeAndPassReceiver(), ++ browser_interface_broker.InitWithNewPipeAndPassReceiver(), + remote_host_.BindNewPipeAndPassReceiver()); + OnWorkerHostCreated(std::move(browser_interface_broker)); + } + + void DedicatedWorkerHostFactoryClient::CreateWorkerHost( + const blink::WebURL& script_url, +- const blink::WebSecurityOrigin& script_origin, + network::mojom::CredentialsMode credentials_mode, +- const blink::WebSecurityOrigin& fetch_client_security_origin, + const blink::WebFetchClientSettingsObject& fetch_client_settings_object, + mojo::ScopedMessagePipeHandle blob_url_token) { + DCHECK(base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)); + + factory_->CreateWorkerHostAndStartScriptLoad( +- script_url, script_origin, credentials_mode, ++ script_url, credentials_mode, + FetchClientSettingsObjectFromWebToMojom(fetch_client_settings_object), + mojo::PendingRemote( + std::move(blob_url_token), blink::mojom::BlobURLToken::Version_), +diff --git a/content/renderer/worker/dedicated_worker_host_factory_client.h b/content/renderer/worker/dedicated_worker_host_factory_client.h +index b851aa99b8ccb..2413a049c4eb5 100644 +--- a/content/renderer/worker/dedicated_worker_host_factory_client.h ++++ b/content/renderer/worker/dedicated_worker_host_factory_client.h +@@ -43,13 +43,10 @@ class DedicatedWorkerHostFactoryClient final + ~DedicatedWorkerHostFactoryClient() override; + + // Implements blink::WebDedicatedWorkerHostFactoryClient. +- void CreateWorkerHostDeprecated( +- const blink::WebSecurityOrigin& script_origin) override; ++ void CreateWorkerHostDeprecated() override; + void CreateWorkerHost( + const blink::WebURL& script_url, +- const blink::WebSecurityOrigin& script_origin, + network::mojom::CredentialsMode credentials_mode, +- const blink::WebSecurityOrigin& fetch_client_security_origin, + const blink::WebFetchClientSettingsObject& fetch_client_settings_object, + mojo::ScopedMessagePipeHandle blob_url_token) override; + scoped_refptr CloneWorkerFetchContext( +diff --git a/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom b/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom +index 7c6ca2eff2ee0..831bfa8ec5932 100644 +--- a/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom ++++ b/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom +@@ -14,7 +14,6 @@ import "third_party/blink/public/mojom/worker/dedicated_worker_host.mojom"; + import "third_party/blink/public/mojom/worker/worker_main_script_load_params.mojom"; + import "third_party/blink/public/mojom/service_worker/controller_service_worker.mojom"; + import "third_party/blink/public/mojom/service_worker/service_worker_provider.mojom"; +-import "url/mojom/origin.mojom"; + import "url/mojom/url.mojom"; + + // The name of the InterfaceProviderSpec in service manifests used by the +@@ -74,11 +73,7 @@ interface DedicatedWorkerHostFactory { + // + // Creates a new DedicatedWorkerHost, and requests |browser_interface_broker| + // to provide the worker access to mojo interfaces. +- // |origin| must either be +- // unique or match the origin of the creating context (Document or +- // DedicatedWorkerGlobalScope). + CreateWorkerHost( +- url.mojom.Origin origin, + pending_receiver + browser_interface_broker, + pending_receiver host); +@@ -90,14 +85,11 @@ interface DedicatedWorkerHostFactory { + // Creates a new DedicatedWorkerHost, and requests to start top-level worker + // script loading for |script_url| using |credentials_mode| and + // |outside_fetch_client_settings_object|. +- // |origin| must either be unique or match the origin of the creating context +- // (Document or DedicatedWorkerGlobalScope). + // |blob_url_token| should be non-null when |script_url| is a blob URL. + // |client| is used for notifying the renderer process of results of worker + // host creation and script loading. + CreateWorkerHostAndStartScriptLoad( + url.mojom.Url script_url, +- url.mojom.Origin origin, + network.mojom.CredentialsMode credentials_mode, + blink.mojom.FetchClientSettingsObject + outside_fetch_client_settings_object, +diff --git a/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h b/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h +index f9e6265f056dc..d40e35a70b18e 100644 +--- a/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h ++++ b/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h +@@ -18,7 +18,6 @@ class SingleThreadTaskRunner; + + namespace blink { + +-class WebSecurityOrigin; + class WebURL; + class WebWorkerFetchContext; + +@@ -31,17 +30,11 @@ class WebDedicatedWorkerHostFactoryClient { + // Requests the creation of DedicatedWorkerHost in the browser process. + // For non-PlzDedicatedWorker. This will be removed once PlzDedicatedWorker is + // enabled by default. +- virtual void CreateWorkerHostDeprecated( +- const blink::WebSecurityOrigin& script_origin) = 0; ++ virtual void CreateWorkerHostDeprecated() = 0; + // For PlzDedicatedWorker. +- // |fetch_client_security_origin| is intentionally separated from +- // |fetch_client_settings_object| as it shouldn't be passed from renderer +- // process from the security perspective. + virtual void CreateWorkerHost( + const blink::WebURL& script_url, +- const blink::WebSecurityOrigin& script_origin, + network::mojom::CredentialsMode credentials_mode, +- const blink::WebSecurityOrigin& fetch_client_security_origin, + const blink::WebFetchClientSettingsObject& fetch_client_settings_object, + mojo::ScopedMessagePipeHandle blob_url_token) = 0; + +diff --git a/third_party/blink/renderer/core/workers/dedicated_worker.cc b/third_party/blink/renderer/core/workers/dedicated_worker.cc +index 9993078d72e89..08b258739deb2 100644 +--- a/third_party/blink/renderer/core/workers/dedicated_worker.cc ++++ b/third_party/blink/renderer/core/workers/dedicated_worker.cc +@@ -194,18 +194,14 @@ void DedicatedWorker::Start() { + + factory_client_->CreateWorkerHost( + script_request_url_, +- WebSecurityOrigin(GetExecutionContext()->GetSecurityOrigin()), + credentials_mode, +- WebSecurityOrigin( +- outside_fetch_client_settings_object_->GetSecurityOrigin()), + WebFetchClientSettingsObject(*outside_fetch_client_settings_object_), + blob_url_token.PassPipe()); + // Continue in OnScriptLoadStarted() or OnScriptLoadStartFailed(). + return; + } + +- factory_client_->CreateWorkerHostDeprecated( +- WebSecurityOrigin(GetExecutionContext()->GetSecurityOrigin())); ++ factory_client_->CreateWorkerHostDeprecated(); + + if (options_->type() == "classic") { + // Legacy code path (to be deprecated, see https://crbug.com/835717): From 9b77bd9731c3ba7b74ff25efa5b74158749aa129 Mon Sep 17 00:00:00 2001 From: Jeremy Apthorp Date: Thu, 9 Apr 2020 16:36:30 -0700 Subject: [PATCH 2/3] resolve patch conflicts --- patches/chromium/.patches | 2 +- ...gin_for_starting_a_dedicated_worker.patch} | 406 +++++++----------- 2 files changed, 162 insertions(+), 246 deletions(-) rename patches/chromium/{cherry-pick-e246871765f5.patch => worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch} (50%) diff --git a/patches/chromium/.patches b/patches/chromium/.patches index 60fd4156e898b..6e3d8e5142e13 100644 --- a/patches/chromium/.patches +++ b/patches/chromium/.patches @@ -107,4 +107,4 @@ mojovideoencodeacceleratorservice_handle_potential_later.patch speculative_fix_for_crashes_in_filechooserimpl.patch reland_sequentialise_access_to_callbacks_in.patch handle_err_cache_race_in_dodoneheadersaddtoentrycomplete.patch -cherry-pick-e246871765f5.patch +worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch diff --git a/patches/chromium/cherry-pick-e246871765f5.patch b/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch similarity index 50% rename from patches/chromium/cherry-pick-e246871765f5.patch rename to patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch index 9da6ef9a35f35..e2790f7f3acd1 100644 --- a/patches/chromium/cherry-pick-e246871765f5.patch +++ b/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch @@ -1,8 +1,7 @@ -From e246871765f5fb2dbe0f9b05726f63745dee03fc Mon Sep 17 00:00:00 2001 +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Hiroki Nakagawa Date: Mon, 9 Mar 2020 07:07:57 +0000 -Subject: [PATCH] Worker: Stop passing creator's origin for starting a - dedicated worker +Subject: Worker: Stop passing creator's origin for starting a dedicated worker This CL makes DedicatedWorkerHostFactoryImpl use its |parent_execution_origin_| (renamed to |creator_origin| by this CL) for @@ -39,23 +38,12 @@ Reviewed-by: Daniel Cheng Reviewed-by: Matt Falkenhagen Commit-Queue: Hiroki Nakagawa Cr-Commit-Position: refs/heads/master@{#748127} ---- - content/browser/browser_interface_binders.cc | 2 +- - .../worker_host/dedicated_worker_host.cc | 73 +++++++++---------- - .../worker_host/dedicated_worker_host.h | 14 ++-- - .../dedicated_worker_service_impl_unittest.cc | 4 +- - .../dedicated_worker_host_factory_client.cc | 10 +-- - .../dedicated_worker_host_factory_client.h | 5 +- - .../dedicated_worker_host_factory.mojom | 8 -- - ...web_dedicated_worker_host_factory_client.h | 9 +-- - .../renderer/core/workers/dedicated_worker.cc | 6 +- - 9 files changed, 52 insertions(+), 79 deletions(-) diff --git a/content/browser/browser_interface_binders.cc b/content/browser/browser_interface_binders.cc -index afe43f19e981f..bd267e47aedc8 100644 +index f9d3d6f5135f1b98220d6c7e21a9ae16797857a1..7ef518d069b9dbddb2bc74971bdde82b58056f44 100644 --- a/content/browser/browser_interface_binders.cc +++ b/content/browser/browser_interface_binders.cc -@@ -748,7 +748,7 @@ RenderFrameHost* GetContextForHost(RenderFrameHostImpl* host) { +@@ -60,7 +60,7 @@ RenderFrameHost* GetContextForHost(RenderFrameHostImpl* host) { // Dedicated workers const url::Origin& GetContextForHost(DedicatedWorkerHost* host) { @@ -65,31 +53,28 @@ index afe43f19e981f..bd267e47aedc8 100644 void PopulateDedicatedWorkerBinders(DedicatedWorkerHost* host, diff --git a/content/browser/worker_host/dedicated_worker_host.cc b/content/browser/worker_host/dedicated_worker_host.cc -index 6b32ed5e783bd..fcc4e6ced119d 100644 +index c4287066bcae159f52f11a070da22250e6a6f76e..cb66f432829251c5cc52e0e6408688159511ab97 100644 --- a/content/browser/worker_host/dedicated_worker_host.cc +++ b/content/browser/worker_host/dedicated_worker_host.cc -@@ -45,7 +45,7 @@ DedicatedWorkerHost::DedicatedWorkerHost( - RenderProcessHost* worker_process_host, - base::Optional creator_render_frame_host_id, - GlobalFrameRoutingId ancestor_render_frame_host_id, +@@ -39,12 +39,15 @@ DedicatedWorkerHost::DedicatedWorkerHost( + int worker_process_id, + int ancestor_render_frame_id, + int creator_render_frame_id, - const url::Origin& origin, + const url::Origin& creator_origin, - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, mojo::PendingReceiver host) - : service_(service), -@@ -54,7 +54,10 @@ DedicatedWorkerHost::DedicatedWorkerHost( - scoped_process_host_observer_(this), - creator_render_frame_host_id_(creator_render_frame_host_id), - ancestor_render_frame_host_id_(ancestor_render_frame_host_id), + : worker_process_id_(worker_process_id), + ancestor_render_frame_id_(ancestor_render_frame_id), + creator_render_frame_id_(creator_render_frame_id), - origin_(origin), + creator_origin_(creator_origin), + // TODO(https://crbug.com/1058759): Calculate the worker origin based on + // the worker script URL. + worker_origin_(creator_origin), - cross_origin_embedder_policy_(cross_origin_embedder_policy), host_receiver_(this, std::move(host)) { DCHECK_CURRENTLY_ON(BrowserThread::UI); -@@ -111,7 +114,6 @@ void DedicatedWorkerHost::RenderProcessExited( + RegisterMojoInterfaces(); +@@ -96,7 +99,6 @@ void DedicatedWorkerHost::LifecycleStateChanged( void DedicatedWorkerHost::StartScriptLoad( const GURL& script_url, @@ -97,124 +82,96 @@ index 6b32ed5e783bd..fcc4e6ced119d 100644 network::mojom::CredentialsMode credentials_mode, blink::mojom::FetchClientSettingsObjectPtr outside_fetch_client_settings_object, -@@ -194,7 +196,7 @@ void DedicatedWorkerHost::StartScriptLoad( - // initiator origin to keep consistency with WorkerScriptFetchInitiator, but - // probably this should be calculated based on the worker origin as the - // factories be used for subresource loading on the worker. -- file_url_support_ = request_initiator_origin.scheme() == url::kFileScheme; -+ file_url_support_ = creator_origin_.scheme() == url::kFileScheme; - - service_worker_handle_ = std::make_unique( - storage_partition_impl->GetServiceWorkerContext()); -@@ -210,7 +212,7 @@ void DedicatedWorkerHost::StartScriptLoad( +@@ -205,7 +207,7 @@ void DedicatedWorkerHost::StartScriptLoad( + WorkerScriptFetchInitiator::Start( - worker_process_host_->GetID(), script_url, creator_render_frame_host, - nearest_ancestor_render_frame_host->ComputeSiteForCookies(), + worker_process_id_, script_url, creator_render_frame_host, - request_initiator_origin, network_isolation_key_, credentials_mode, + creator_origin_, network_isolation_key_, credentials_mode, - std::move(outside_fetch_client_settings_object), - blink::mojom::ResourceType::kWorker, + std::move(outside_fetch_client_settings_object), ResourceType::kWorker, storage_partition_impl->GetServiceWorkerContext(), -@@ -321,17 +323,18 @@ DedicatedWorkerHost::CreateNetworkFactoryForSubresources( - - network::mojom::URLLoaderFactoryParamsPtr factory_params = - URLLoaderFactoryParamsHelper::CreateForFrame( -- ancestor_render_frame_host, origin_, -+ ancestor_render_frame_host, worker_origin_, - mojo::Clone(ancestor_render_frame_host - ->last_committed_client_security_state()), - std::move(coep_reporter_remote), worker_process_host_); + service_worker_handle_.get(), +@@ -323,7 +325,7 @@ DedicatedWorkerHost::CreateNetworkFactoryForSubresources( GetContentClient()->browser()->WillCreateURLLoaderFactory( - worker_process_host_->GetBrowserContext(), - /*frame=*/nullptr, worker_process_host_->GetID(), + storage_partition_impl->browser_context(), + /*frame=*/nullptr, worker_process_id_, - ContentBrowserClient::URLLoaderFactoryType::kWorkerSubResource, origin_, -- /*navigation_id=*/base::nullopt, &default_factory_receiver, -- &factory_params->header_client, bypass_redirect_checks, -- /*disable_secure_dns=*/nullptr, &factory_params->factory_override); -+ ContentBrowserClient::URLLoaderFactoryType::kWorkerSubResource, -+ worker_origin_, /*navigation_id=*/base::nullopt, -+ &default_factory_receiver, &factory_params->header_client, -+ bypass_redirect_checks, /*disable_secure_dns=*/nullptr, -+ &factory_params->factory_override); - - // TODO(nhiroki): Call devtools_instrumentation::WillCreateURLLoaderFactory() ++ ContentBrowserClient::URLLoaderFactoryType::kWorkerSubResource, worker_origin_, + &default_factory_receiver, &default_header_client, + bypass_redirect_checks); + +@@ -331,7 +333,7 @@ DedicatedWorkerHost::CreateNetworkFactoryForSubresources( // here. -@@ -370,7 +373,7 @@ void DedicatedWorkerHost::CreateWebSocketConnector( + + worker_process_host->CreateURLLoaderFactory( +- origin_, ancestor_render_frame_host->cross_origin_embedder_policy(), ++ worker_origin_, ancestor_render_frame_host->cross_origin_embedder_policy(), + /*preferences=*/nullptr, network_isolation_key_, + std::move(default_header_client), std::move(default_factory_receiver)); + +@@ -366,7 +368,7 @@ void DedicatedWorkerHost::CreateWebSocketConnector( + } mojo::MakeSelfOwnedReceiver( std::make_unique( - ancestor_render_frame_host_id_.child_id, -- ancestor_render_frame_host_id_.frame_routing_id, origin_, -+ ancestor_render_frame_host_id_.frame_routing_id, worker_origin_, - network_isolation_key_), +- worker_process_id_, ancestor_render_frame_id_, origin_), ++ worker_process_id_, ancestor_render_frame_id_, worker_origin_), std::move(receiver)); } -@@ -385,10 +388,10 @@ void DedicatedWorkerHost::CreateQuicTransportConnector( - // will soon be terminated too, so abort the connection. - return; - } -- mojo::MakeSelfOwnedReceiver( -- std::make_unique( -- worker_process_host_->GetID(), origin_, network_isolation_key_), -- std::move(receiver)); -+ mojo::MakeSelfOwnedReceiver(std::make_unique( -+ worker_process_host_->GetID(), worker_origin_, -+ network_isolation_key_), -+ std::move(receiver)); + +@@ -376,7 +378,7 @@ void DedicatedWorkerHost::CreateNestedDedicatedWorker( + CreateDedicatedWorkerHostFactory(worker_process_id_, + ancestor_render_frame_id_, + /*creator_render_frame_id=*/MSG_ROUTING_NONE, +- origin_, std::move(receiver)); ++ worker_origin_, std::move(receiver)); } - void DedicatedWorkerHost::CreateNestedDedicatedWorker( -@@ -398,8 +401,8 @@ void DedicatedWorkerHost::CreateNestedDedicatedWorker( - CreateDedicatedWorkerHostFactory( - worker_process_host_->GetID(), - /*creator_render_frame_host_id_=*/base::nullopt, -- ancestor_render_frame_host_id_, origin_, cross_origin_embedder_policy_, -- std::move(receiver)); -+ ancestor_render_frame_host_id_, worker_origin_, -+ cross_origin_embedder_policy_, std::move(receiver)); + void DedicatedWorkerHost::BindFileSystemManager( +@@ -385,7 +387,7 @@ void DedicatedWorkerHost::BindFileSystemManager( + RenderProcessHost* worker_process_host = GetProcessHost(); + if (!worker_process_host) + return; +- worker_process_host->BindFileSystemManager(GetOrigin(), std::move(receiver)); ++ worker_process_host->BindFileSystemManager(worker_origin_, std::move(receiver)); } void DedicatedWorkerHost::CreateIdleManager( -@@ -526,19 +529,18 @@ class DedicatedWorkerHostFactoryImpl final - int worker_process_id, - base::Optional creator_render_frame_host_id, - GlobalFrameRoutingId ancestor_render_frame_host_id, -- const url::Origin& parent_context_origin, -+ const url::Origin& creator_origin, - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy) - : worker_process_id_(worker_process_id), - creator_render_frame_host_id_(creator_render_frame_host_id), - ancestor_render_frame_host_id_(ancestor_render_frame_host_id), -- parent_context_origin_(parent_context_origin), -+ creator_origin_(creator_origin), - cross_origin_embedder_policy_(cross_origin_embedder_policy) { +@@ -426,17 +428,16 @@ class DedicatedWorkerHostFactoryImpl final + DedicatedWorkerHostFactoryImpl(int creator_process_id, + int ancestor_render_frame_id, + int creator_render_frame_id, +- const url::Origin& parent_context_origin) ++ const url::Origin& creator_origin) + : creator_process_id_(creator_process_id), + ancestor_render_frame_id_(ancestor_render_frame_id), + creator_render_frame_id_(creator_render_frame_id), +- parent_context_origin_(parent_context_origin) { ++ creator_origin_(creator_origin) { DCHECK_CURRENTLY_ON(BrowserThread::UI); } // blink::mojom::DedicatedWorkerHostFactory: void CreateWorkerHost( - const url::Origin& origin, + service_manager::mojom::InterfaceProviderRequest request, mojo::PendingReceiver broker_receiver, - mojo::PendingReceiver host_receiver) -@@ -564,22 +566,17 @@ class DedicatedWorkerHostFactoryImpl final - DedicatedWorkerServiceImpl* service = - storage_partition->GetDedicatedWorkerService(); +@@ -448,13 +449,9 @@ class DedicatedWorkerHostFactoryImpl final + return; + } - // TODO(crbug.com/729021): Once |parent_context_origin_| no longer races - // with the request for |DedicatedWorkerHostFactory|, enforce that - // the worker's origin either matches the origin of the creating context - // (Document or DedicatedWorkerGlobalScope), or is unique. -- // Deletes itself on Mojo disconnection. - auto* host = new DedicatedWorkerHost( - service, service->GenerateNextDedicatedWorkerId(), worker_process_host, -- creator_render_frame_host_id_, ancestor_render_frame_host_id_, origin, -- cross_origin_embedder_policy_, std::move(host_receiver)); -+ creator_render_frame_host_id_, ancestor_render_frame_host_id_, -+ creator_origin_, cross_origin_embedder_policy_, -+ std::move(host_receiver)); + auto host = std::make_unique( + creator_process_id_, ancestor_render_frame_id_, +- creator_render_frame_id_, origin, std::move(host_receiver)); ++ creator_render_frame_id_, creator_origin_, std::move(host_receiver)); host->BindBrowserInterfaceBrokerReceiver(std::move(broker_receiver)); - } - + mojo::MakeStrongBinding(std::move(host), + FilterRendererExposedInterfaces( +@@ -465,7 +462,6 @@ class DedicatedWorkerHostFactoryImpl final // PlzDedicatedWorker: void CreateWorkerHostAndStartScriptLoad( const GURL& script_url, @@ -222,102 +179,78 @@ index 6b32ed5e783bd..fcc4e6ced119d 100644 network::mojom::CredentialsMode credentials_mode, blink::mojom::FetchClientSettingsObjectPtr outside_fetch_client_settings_object, -@@ -594,6 +591,9 @@ class DedicatedWorkerHostFactoryImpl final - return; - } - -+ // TODO(https://crbug.com/1058759): Compare |creator_origin_| to -+ // |script_url|, and report as bad message if that fails. -+ - auto* worker_process_host = RenderProcessHost::FromID(worker_process_id_); - if (!worker_process_host) { - // Abort if the worker's process host is gone. This means that the calling -@@ -609,15 +609,10 @@ class DedicatedWorkerHostFactoryImpl final - DedicatedWorkerServiceImpl* service = - storage_partition->GetDedicatedWorkerService(); +@@ -482,14 +478,9 @@ class DedicatedWorkerHostFactoryImpl final + // Create a worker host that will start a new dedicated worker in the + // renderer process whose ID is |creator_process_id_|. +- // - // TODO(crbug.com/729021): Once |parent_context_origin_| no longer races - // with the request for |DedicatedWorkerHostFactory|, enforce that - // the worker's origin either matches the origin of the creating context - // (Document or DedicatedWorkerGlobalScope), or is unique. -- // Deletes itself on Mojo disconnection. - auto* host = new DedicatedWorkerHost( - service, service->GenerateNextDedicatedWorkerId(), worker_process_host, - creator_render_frame_host_id_, ancestor_render_frame_host_id_, -- request_initiator_origin, cross_origin_embedder_policy_, -+ creator_origin_, cross_origin_embedder_policy_, + auto host = std::make_unique( + creator_process_id_, ancestor_render_frame_id_, +- creator_render_frame_id_, request_initiator_origin, ++ creator_render_frame_id_, creator_origin_, std::move(host_receiver)); mojo::PendingRemote broker; host->BindBrowserInterfaceBrokerReceiver( -@@ -625,8 +620,7 @@ class DedicatedWorkerHostFactoryImpl final - mojo::Remote remote_client( - std::move(client)); - remote_client->OnWorkerHostCreated(std::move(broker)); -- host->StartScriptLoad(script_url, request_initiator_origin, -- credentials_mode, -+ host->StartScriptLoad(script_url, credentials_mode, - std::move(outside_fetch_client_settings_object), - std::move(blob_url_token), std::move(remote_client)); +@@ -507,7 +498,7 @@ class DedicatedWorkerHostFactoryImpl final + remote_client->OnWorkerHostCreated(std::move(interface_provider), + std::move(broker)); + host_raw->StartScriptLoad( +- script_url, request_initiator_origin, credentials_mode, ++ script_url, credentials_mode, + std::move(outside_fetch_client_settings_object), + std::move(blob_url_token), std::move(remote_client)); } -@@ -639,7 +633,7 @@ class DedicatedWorkerHostFactoryImpl final - const base::Optional creator_render_frame_host_id_; - const GlobalFrameRoutingId ancestor_render_frame_host_id_; - -- const url::Origin parent_context_origin_; -+ const url::Origin creator_origin_; - const network::CrossOriginEmbedderPolicy cross_origin_embedder_policy_; - - DISALLOW_COPY_AND_ASSIGN(DedicatedWorkerHostFactoryImpl); -@@ -651,14 +645,15 @@ void CreateDedicatedWorkerHostFactory( - int worker_process_id, - base::Optional creator_render_frame_host_id, - GlobalFrameRoutingId ancestor_render_frame_host_id, +@@ -529,12 +520,12 @@ void CreateDedicatedWorkerHostFactory( + int creator_process_id, + int ancestor_render_frame_id, + int creator_render_frame_id, - const url::Origin& origin, + const url::Origin& creator_origin, - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, mojo::PendingReceiver receiver) { DCHECK_CURRENTLY_ON(BrowserThread::UI); - mojo::MakeSelfOwnedReceiver( - std::make_unique( - worker_process_id, creator_render_frame_host_id, -- ancestor_render_frame_host_id, origin, cross_origin_embedder_policy), -+ ancestor_render_frame_host_id, creator_origin, -+ cross_origin_embedder_policy), - std::move(receiver)); + mojo::MakeSelfOwnedReceiver(std::make_unique( + creator_process_id, ancestor_render_frame_id, +- creator_render_frame_id, origin), ++ creator_render_frame_id, creator_origin), + std::move(receiver)); } diff --git a/content/browser/worker_host/dedicated_worker_host.h b/content/browser/worker_host/dedicated_worker_host.h -index 6dbbc24489961..03bfd609bacfb 100644 +index 4e56abf3ad76671469082c9c1820cc971d8c3843..f159b04f1cacf5cc0c7ad0ec173ce5da1f73047b 100644 --- a/content/browser/worker_host/dedicated_worker_host.h +++ b/content/browser/worker_host/dedicated_worker_host.h -@@ -54,7 +54,7 @@ CONTENT_EXPORT void CreateDedicatedWorkerHostFactory( - int worker_process_id, - base::Optional creator_render_frame_host_id, - GlobalFrameRoutingId ancestor_render_frame_host_id, +@@ -35,7 +35,7 @@ void CreateDedicatedWorkerHostFactory( + int creator_process_id, + int ancestor_render_frame_id, + int creator_render_frame_id, - const url::Origin& origin, + const url::Origin& creator_origin, - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, mojo::PendingReceiver receiver); -@@ -70,7 +70,7 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, - RenderProcessHost* worker_process_host, - base::Optional creator_render_frame_host_id, - GlobalFrameRoutingId ancestor_render_frame_host_id, + // A host for a single dedicated worker. Its lifetime is managed by the +@@ -49,7 +49,7 @@ class DedicatedWorkerHost final + int worker_process_id, + int ancestor_render_frame_id, + int creator_render_frame_id, - const url::Origin& origin, + const url::Origin& creator_origin, - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy, mojo::PendingReceiver host); ~DedicatedWorkerHost() final; -@@ -79,7 +79,7 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, - mojo::PendingReceiver receiver); - RenderProcessHost* GetProcessHost() { return worker_process_host_; } +@@ -60,7 +60,7 @@ class DedicatedWorkerHost final + RenderProcessHost* GetProcessHost() { + return RenderProcessHost::FromID(worker_process_id_); + } - const url::Origin& GetOrigin() { return origin_; } + const url::Origin& GetWorkerOrigin() { return worker_origin_; } - const network::CrossOriginEmbedderPolicy& cross_origin_embedder_policy() - const { - return cross_origin_embedder_policy_; -@@ -114,7 +114,6 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, + + void BindFileSystemManager( + mojo::PendingReceiver receiver); +@@ -82,7 +82,6 @@ class DedicatedWorkerHost final // PlzDedicatedWorker: void StartScriptLoad( const GURL& script_url, @@ -325,9 +258,9 @@ index 6dbbc24489961..03bfd609bacfb 100644 network::mojom::CredentialsMode credentials_mode, blink::mojom::FetchClientSettingsObjectPtr outside_fetch_client_settings_object, -@@ -195,7 +194,12 @@ class DedicatedWorkerHost final : public blink::mojom::DedicatedWorkerHost, - // of nested workers) indirectly via a tree of dedicated workers. - const GlobalFrameRoutingId ancestor_render_frame_host_id_; +@@ -145,7 +144,12 @@ class DedicatedWorkerHost final + // MSG_ROUTING_NONE when this worker is nested. + const int creator_render_frame_id_; - const url::Origin origin_; + // The origin of the frame or dedicated worker that starts this worker. @@ -339,32 +272,11 @@ index 6dbbc24489961..03bfd609bacfb 100644 // The network isolation key to be used for both the worker script and the // worker's subresources. -diff --git a/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc b/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc -index b45156eba475e..a32af85559013 100644 ---- a/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc -+++ b/content/browser/worker_host/dedicated_worker_service_impl_unittest.cc -@@ -36,14 +36,14 @@ class MockDedicatedWorker - - if (base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)) { - factory_->CreateWorkerHostAndStartScriptLoad( -- GURL(), url::Origin(), network::mojom::CredentialsMode::kSameOrigin, -+ /*script_url=*/GURL(), network::mojom::CredentialsMode::kSameOrigin, - blink::mojom::FetchClientSettingsObject::New(), - mojo::PendingRemote(), - receiver_.BindNewPipeAndPassRemote(), - remote_host_.BindNewPipeAndPassReceiver()); - } else { - factory_->CreateWorkerHost( -- url::Origin(), browser_interface_broker_.BindNewPipeAndPassReceiver(), -+ browser_interface_broker_.BindNewPipeAndPassReceiver(), - remote_host_.BindNewPipeAndPassReceiver()); - } - } diff --git a/content/renderer/worker/dedicated_worker_host_factory_client.cc b/content/renderer/worker/dedicated_worker_host_factory_client.cc -index 2d39b94a0fe46..d0c2f2a40bcce 100644 +index 9272a5799b6a59a93b358398f85f6f4ba643e5c2..9571677bf94ec3b55fa9fa89bcabb14e006a29f5 100644 --- a/content/renderer/worker/dedicated_worker_host_factory_client.cc +++ b/content/renderer/worker/dedicated_worker_host_factory_client.cc -@@ -18,7 +18,6 @@ +@@ -17,7 +17,6 @@ #include "third_party/blink/public/mojom/service_worker/service_worker_provider.mojom.h" #include "third_party/blink/public/mojom/worker/worker_main_script_load_params.mojom.h" #include "third_party/blink/public/platform/web_dedicated_worker.h" @@ -372,7 +284,7 @@ index 2d39b94a0fe46..d0c2f2a40bcce 100644 #include "third_party/blink/public/platform/web_url.h" namespace content { -@@ -32,28 +31,25 @@ DedicatedWorkerHostFactoryClient::DedicatedWorkerHostFactoryClient( +@@ -32,14 +31,13 @@ DedicatedWorkerHostFactoryClient::DedicatedWorkerHostFactoryClient( DedicatedWorkerHostFactoryClient::~DedicatedWorkerHostFactoryClient() = default; @@ -380,35 +292,39 @@ index 2d39b94a0fe46..d0c2f2a40bcce 100644 - const blink::WebSecurityOrigin& script_origin) { +void DedicatedWorkerHostFactoryClient::CreateWorkerHostDeprecated() { DCHECK(!base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)); + service_manager::mojom::InterfaceProviderPtr interface_provider_ptr; mojo::PendingRemote browser_interface_broker; factory_->CreateWorkerHost( -- script_origin, browser_interface_broker.InitWithNewPipeAndPassReceiver(), -+ browser_interface_broker.InitWithNewPipeAndPassReceiver(), +- script_origin, mojo::MakeRequest(&interface_provider_ptr), ++ mojo::MakeRequest(&interface_provider_ptr), + browser_interface_broker.InitWithNewPipeAndPassReceiver(), remote_host_.BindNewPipeAndPassReceiver()); - OnWorkerHostCreated(std::move(browser_interface_broker)); - } + OnWorkerHostCreated(std::move(interface_provider_ptr), +@@ -48,9 +46,7 @@ void DedicatedWorkerHostFactoryClient::CreateWorkerHostDeprecated( void DedicatedWorkerHostFactoryClient::CreateWorkerHost( const blink::WebURL& script_url, - const blink::WebSecurityOrigin& script_origin, network::mojom::CredentialsMode credentials_mode, - const blink::WebSecurityOrigin& fetch_client_security_origin, - const blink::WebFetchClientSettingsObject& fetch_client_settings_object, - mojo::ScopedMessagePipeHandle blob_url_token) { - DCHECK(base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker)); + network::mojom::ReferrerPolicy fetch_client_referrer_policy, + const blink::WebURL& fetch_client_outgoing_referrer, + const blink::WebInsecureRequestPolicy fetch_client_insecure_request_policy, +@@ -69,7 +65,7 @@ void DedicatedWorkerHostFactoryClient::CreateWorkerHost( + : blink::mojom::InsecureRequestsPolicy::kDoNotUpgrade; factory_->CreateWorkerHostAndStartScriptLoad( - script_url, script_origin, credentials_mode, + script_url, credentials_mode, - FetchClientSettingsObjectFromWebToMojom(fetch_client_settings_object), + std::move(outside_fetch_client_settings_object), mojo::PendingRemote( std::move(blob_url_token), blink::mojom::BlobURLToken::Version_), diff --git a/content/renderer/worker/dedicated_worker_host_factory_client.h b/content/renderer/worker/dedicated_worker_host_factory_client.h -index b851aa99b8ccb..2413a049c4eb5 100644 +index 9692cce45ac8369367cd4dbc5d75888512806294..a4f4ae4a9599b67f96f42814cc9f9cb2cdbeb016 100644 --- a/content/renderer/worker/dedicated_worker_host_factory_client.h +++ b/content/renderer/worker/dedicated_worker_host_factory_client.h -@@ -43,13 +43,10 @@ class DedicatedWorkerHostFactoryClient final +@@ -42,13 +42,10 @@ class DedicatedWorkerHostFactoryClient final ~DedicatedWorkerHostFactoryClient() override; // Implements blink::WebDedicatedWorkerHostFactoryClient. @@ -420,11 +336,11 @@ index b851aa99b8ccb..2413a049c4eb5 100644 - const blink::WebSecurityOrigin& script_origin, network::mojom::CredentialsMode credentials_mode, - const blink::WebSecurityOrigin& fetch_client_security_origin, - const blink::WebFetchClientSettingsObject& fetch_client_settings_object, - mojo::ScopedMessagePipeHandle blob_url_token) override; - scoped_refptr CloneWorkerFetchContext( + network::mojom::ReferrerPolicy fetch_client_referrer_policy, + const blink::WebURL& fetch_client_outgoing_referrer, + const blink::WebInsecureRequestPolicy diff --git a/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom b/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom -index 7c6ca2eff2ee0..831bfa8ec5932 100644 +index be2a63cc110461e14873992d8fa7f38b91261779..8a0dccfc5d88fbe87a2e99322784e645839ace4b 100644 --- a/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom +++ b/third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom @@ -14,7 +14,6 @@ import "third_party/blink/public/mojom/worker/dedicated_worker_host.mojom"; @@ -435,19 +351,19 @@ index 7c6ca2eff2ee0..831bfa8ec5932 100644 import "url/mojom/url.mojom"; // The name of the InterfaceProviderSpec in service manifests used by the -@@ -74,11 +73,7 @@ interface DedicatedWorkerHostFactory { - // - // Creates a new DedicatedWorkerHost, and requests |browser_interface_broker| - // to provide the worker access to mojo interfaces. +@@ -77,11 +76,7 @@ interface DedicatedWorkerHostFactory { + // and |browser_interface_broker| (which is expected to replace + // |worker_interface_provider|) to provide the worker access to + // mojo interfaces. - // |origin| must either be - // unique or match the origin of the creating context (Document or - // DedicatedWorkerGlobalScope). CreateWorkerHost( - url.mojom.Origin origin, + // TODO(crbug.com/990845): remove when no longer used. + service_manager.mojom.InterfaceProvider& worker_interface_provider, pending_receiver - browser_interface_broker, - pending_receiver host); -@@ -90,14 +85,11 @@ interface DedicatedWorkerHostFactory { +@@ -95,14 +90,11 @@ interface DedicatedWorkerHostFactory { // Creates a new DedicatedWorkerHost, and requests to start top-level worker // script loading for |script_url| using |credentials_mode| and // |outside_fetch_client_settings_object|. @@ -463,7 +379,7 @@ index 7c6ca2eff2ee0..831bfa8ec5932 100644 blink.mojom.FetchClientSettingsObject outside_fetch_client_settings_object, diff --git a/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h b/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h -index f9e6265f056dc..d40e35a70b18e 100644 +index f0126764ebf29ed8071dff195a907b5a84ed0029..25f3e9474ecc07e4bb3522a2771b1ee65abe6b2c 100644 --- a/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h +++ b/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h @@ -18,7 +18,6 @@ class SingleThreadTaskRunner; @@ -474,7 +390,7 @@ index f9e6265f056dc..d40e35a70b18e 100644 class WebURL; class WebWorkerFetchContext; -@@ -31,17 +30,11 @@ class WebDedicatedWorkerHostFactoryClient { +@@ -31,16 +30,13 @@ class WebDedicatedWorkerHostFactoryClient { // Requests the creation of DedicatedWorkerHost in the browser process. // For non-PlzDedicatedWorker. This will be removed once PlzDedicatedWorker is // enabled by default. @@ -482,22 +398,21 @@ index f9e6265f056dc..d40e35a70b18e 100644 - const blink::WebSecurityOrigin& script_origin) = 0; + virtual void CreateWorkerHostDeprecated() = 0; // For PlzDedicatedWorker. -- // |fetch_client_security_origin| is intentionally separated from -- // |fetch_client_settings_object| as it shouldn't be passed from renderer -- // process from the security perspective. + // TODO(nhiroki): Pack |fetch_client_*| into some struct like + // WebFetchClientSettingsObject. virtual void CreateWorkerHost( const blink::WebURL& script_url, - const blink::WebSecurityOrigin& script_origin, network::mojom::CredentialsMode credentials_mode, - const blink::WebSecurityOrigin& fetch_client_security_origin, - const blink::WebFetchClientSettingsObject& fetch_client_settings_object, - mojo::ScopedMessagePipeHandle blob_url_token) = 0; - + network::mojom::ReferrerPolicy fetch_client_referrer_policy, + const blink::WebURL& fetch_client_outgoing_referrer, + const blink::WebInsecureRequestPolicy diff --git a/third_party/blink/renderer/core/workers/dedicated_worker.cc b/third_party/blink/renderer/core/workers/dedicated_worker.cc -index 9993078d72e89..08b258739deb2 100644 +index eabed31b6236b76307772d597a4d54504f3ac27c..08e9c16ac3f7ad9f33d0a87de02e6af3d497a4ec 100644 --- a/third_party/blink/renderer/core/workers/dedicated_worker.cc +++ b/third_party/blink/renderer/core/workers/dedicated_worker.cc -@@ -194,18 +194,14 @@ void DedicatedWorker::Start() { +@@ -243,10 +243,7 @@ void DedicatedWorker::Start() { factory_client_->CreateWorkerHost( script_request_url_, @@ -505,9 +420,10 @@ index 9993078d72e89..08b258739deb2 100644 credentials_mode, - WebSecurityOrigin( - outside_fetch_client_settings_object_->GetSecurityOrigin()), - WebFetchClientSettingsObject(*outside_fetch_client_settings_object_), - blob_url_token.PassPipe()); - // Continue in OnScriptLoadStarted() or OnScriptLoadStartFailed(). + outside_fetch_client_settings_object_->GetReferrerPolicy(), + KURL(outside_fetch_client_settings_object_->GetOutgoingReferrer()), + outside_fetch_client_settings_object_->GetInsecureRequestsPolicy(), +@@ -255,8 +252,7 @@ void DedicatedWorker::Start() { return; } From 7fe8dc7e6bb1d4ce16f3be256b28ce109d8c4c69 Mon Sep 17 00:00:00 2001 From: Jeremy Apthorp Date: Fri, 10 Apr 2020 11:25:18 -0700 Subject: [PATCH 3/3] fix build --- ...igin_for_starting_a_dedicated_worker.patch | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch b/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch index e2790f7f3acd1..3969f63a419b2 100644 --- a/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch +++ b/patches/chromium/worker_stop_passing_creator_s_origin_for_starting_a_dedicated_worker.patch @@ -53,7 +53,7 @@ index f9d3d6f5135f1b98220d6c7e21a9ae16797857a1..7ef518d069b9dbddb2bc74971bdde82b void PopulateDedicatedWorkerBinders(DedicatedWorkerHost* host, diff --git a/content/browser/worker_host/dedicated_worker_host.cc b/content/browser/worker_host/dedicated_worker_host.cc -index c4287066bcae159f52f11a070da22250e6a6f76e..cb66f432829251c5cc52e0e6408688159511ab97 100644 +index c4287066bcae159f52f11a070da22250e6a6f76e..e58d497196d6bc25cc984f669bbf5e63587d8508 100644 --- a/content/browser/worker_host/dedicated_worker_host.cc +++ b/content/browser/worker_host/dedicated_worker_host.cc @@ -39,12 +39,15 @@ DedicatedWorkerHost::DedicatedWorkerHost( @@ -74,6 +74,15 @@ index c4287066bcae159f52f11a070da22250e6a6f76e..cb66f432829251c5cc52e0e640868815 host_receiver_(this, std::move(host)) { DCHECK_CURRENTLY_ON(BrowserThread::UI); RegisterMojoInterfaces(); +@@ -66,7 +69,7 @@ void DedicatedWorkerHost::GetInterface( + return; + + BindWorkerInterface(interface_name, std::move(interface_pipe), +- worker_process_host, origin_); ++ worker_process_host, creator_origin_); + } + + void DedicatedWorkerHost::BindBrowserInterfaceBrokerReceiver( @@ -96,7 +99,6 @@ void DedicatedWorkerHost::LifecycleStateChanged( void DedicatedWorkerHost::StartScriptLoad( @@ -204,6 +213,15 @@ index c4287066bcae159f52f11a070da22250e6a6f76e..cb66f432829251c5cc52e0e640868815 std::move(outside_fetch_client_settings_object), std::move(blob_url_token), std::move(remote_client)); } +@@ -518,7 +509,7 @@ class DedicatedWorkerHostFactoryImpl final + const int ancestor_render_frame_id_; + const int creator_render_frame_id_; + +- const url::Origin parent_context_origin_; ++ const url::Origin creator_origin_; + + DISALLOW_COPY_AND_ASSIGN(DedicatedWorkerHostFactoryImpl); + }; @@ -529,12 +520,12 @@ void CreateDedicatedWorkerHostFactory( int creator_process_id, int ancestor_render_frame_id,