Skip to content

GitLab

T
tangled
Switch branch/tag
Find file BlameHistoryPermalink
  • Ali Juma's avatar
    [iOS] Handle Safe Browsing redirect chains with repeated URLs · 20823499
    Ali Juma authored 
    A navigation redirect chain can include the same URL more than
once, for example, b.com -> a.com -> c.com -> a.com.

However, when mapping Safe Browsing decisions to pending
queries, the logic assumes there can only be at most one
pending query with a given URL. This means that, in the
above example, if the Safe Browsing decisions for a.com
arrive after there are two queries for a.com, only one
of these queries will be assigned a result, even after
both decisions are computed.

This CL modifies
SafeBrowsingTabHelper::PolicyDecider::GetPendingMainFrameQuery
to return the oldest matching query that does not yet have
a decision, and renames this method to
GetOldestPendingMainFrameQuery. With this change,
decisions for URLs in a redirect chain are sent to the
first query that doesn't yet have a decision.

This CL also relaxes a DCHECK in
SafeBrowsingTabHelper::PolicyDecider::HandleMainFrameResponsePolicy
that currently checks that the given URL (passed in by
ShouldAllowResponse) matches the pending query's URL (from
ShouldAllowRequest). There are at least two cases where this fails
to hold:

1) Sometimes when there's a server redirect, a ShouldAllowRequest
   call is never made for the target of the redirect. Instead,
   an additional ShouldAllowRequest call arrives for the source
   of the redirect, and WKWebView's URL is still the source URL
   when DidRedirectNavigation is called. This bug does not seem
   to reproduce in trunk WebKit, so may be fixed there.

2) When the request is handled by a ServiceWorker, the ServiceWorker
   is able to set a different URL on the response it produces. In
   these cases, the URL still has the same origin as the request.

Bug: 1144690
Change-Id: Idae3161c9ddee4fd6e1fe6e13c111a5e90b29c28
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2518330
Commit-Queue: Ali Juma <ajuma@chromium.org>
Reviewed-by: default avatarIlya Sherman <isherman@chromium.org>
Reviewed-by: default avatarWeilun Shi <sweilun@chromium.org>
Reviewed-by: default avatarEugene But <eugenebut@chromium.org>
Cr-Commit-Position: refs/heads/master@{#826400}
    20823499
histograms.xml 34 KB