• Jason Lin's avatar
    Validate sender in terminal private api browser code · f5757b50
    Jason Lin authored
    See the bugs for why we are doing this.
    
    Notes:
    * `tab_id` is removed. `TerminalPrivateAckOutputFunction::Run()` used to
      use `tab_id` to figure out whether it should actually acknowledge the
      output on the process --- it should only do so if the sender owns the
      terminal id. Now that we store the terminal id in the web contents, we
      don't need it anymore.
    * We change the signature of api `ackOutput`. It is not going to
      break anything because only `.../externs/terminal_private.js`, which
      is also updated in this CL, but not "libapps" is supposed to call it.
    * Potentially, we should kill the renderer if the validation fails, but
      we cannot do it for now because libapps might send a invalid ID before
      it receives a valid one.
    * `SetLastActiveTerminal()` is used for setting the CWD for a new
      terminal, but due to a bug, it has been effectively disabled. We don't
      want this CL to change the CWD behavior so we explicitly disable it
      here. We will soon have a follow up CL to deal with the CWD feature.
      Also see https://crbug.com/1113207.
    
    Fixed: 1145053, 1144625
    Test: new browser tests, and manual tests
    Change-Id: I0f39c544a28e23df3aeefe98b626c2b94b973af7
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2519182Reviewed-by: default avatarBen Wells <benwells@chromium.org>
    Reviewed-by: default avatarJoel Hockey <joelhockey@chromium.org>
    Reviewed-by: default avatarMike Frysinger <vapier@chromium.org>
    Commit-Queue: Jason Lin <lxj@google.com>
    Cr-Commit-Position: refs/heads/master@{#825779}
    f5757b50
terminal_private.js 5.15 KB