Skip to content

GitLab

T
tangled
Switch branch/tag
Find file BlameHistoryPermalink
  • Lukasz Anforowicz's avatar
    Introduce content::URLLoaderFactoryParamsHelper. · 85176244
    Lukasz Anforowicz authored 
    Summary
=======

This CL consolidates creation of network::mojom::URLLoaderFactoryParams
into a new class - content::URLLoaderFactoryParamsHelper.


Motivation
==========

This CL helps simplify the code by lowering the number of parameters
that need to be propagated by various methods.

This CL also makes it easier to audit security properties of the code,
by grouping all assignments into the helper class.  For example,
after the CL, it is hopefully much easier to see when |is_trusted| is
set.

This CL also avoids exposing unnecessary public //content APIs through
RenderProcessHost (e.g. by moving |is_trusted| and
|network_isolation_key| parameters into the new helper class).


No intended changes in behavior
===============================

In general, this CL intends to introduce no changes in behavior.  In
particular, the values that various scenarios put inside
network::mojom::URLLoaderFactoryParams should not be changed by this CL
(except in the dedicated worker scenario listed below).

The only change of URLLoaderFactoryParams is that WebPreferences
of the |ancestor_render_frame_host| will now be (correctly) taken into
account when creating a factory for a dedicated worker.

Another change in behavior introduced by this CL, is changing which
|origin| is passed to the WillCreateURLLoaderFactory method when
creating a factory for content scripts / isolated worlds:
- Before the CL, the isolated world origin would be passed
- After the CL, the main world origin is passed
This change should be insignificant:
- AwContentBrowserClient::WillCreateURLLoaderFactory and
  ShellContentBrowserClient::WillCreateURLLoaderFactory overrides do not
  dereference the |request_initiator| parameter.
- ChromeContentBrowserClient::WillCreateURLLoaderFactory passes
  the origin into signin::ProxyingURLLoaderFactory::MaybeProxyRequest
  and then into gaia::IsGaiaSignonRealm.  I believe that it is okay if
  content script requests are also proxied - if an extension has
  permission to inject content scripts then it effectively "owns" the
  origin anyway.

Bug: 1025303
Change-Id: I56c224dc67bcc637e77d4c9ffad91b87cb99d83c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1915299
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: default avatarAlex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#722626}
    85176244
url_loader_factory_params_helper.h 2.47 KB