|request_initiator_site_lock| enforcement - attempt #2.

This CL starts treating |request_initiator| that doesn't match |request_initiator_site_lock| as a bad IPC message and ignoring such malformed resource requests. NetworkService.URLLoader.RequestInitiatorOriginLockCompatibility UMA is non-zero in recent Canary releases. Therefore it is possible that this CL will get reverted after gathering sufficient number of DumpWithoutCrashing reports to understand why the lock doesn't match the initiator in some real world scenarios. Bug: 920634 Change-Id: If4fbdb6336703f53784c036ca5d9e408ff223d78 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2006113 Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#739359}

|request_initiator_site_lock| enforcement - attempt #2.
This CL starts treating |request_initiator| that doesn't match |request_initiator_site_lock| as a bad IPC message and ignoring such malformed resource requests. NetworkService.URLLoader.RequestInitiatorOriginLockCompatibility UMA is non-zero in recent Canary releases. Therefore it is possible that this CL will get reverted after gathering sufficient number of DumpWithoutCrashing reports to understand why the lock doesn't match the initiator in some real world scenarios. Bug: 920634 Change-Id: If4fbdb6336703f53784c036ca5d9e408ff223d78 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2006113 Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#739359}
0724e945 · Lukasz Anforowicz · Commit Bot · e22fb4a8 · 0724e945 · 0724e945
Commit 0724e945 authored Feb 07, 2020 by Lukasz Anforowicz Committed by Commit Bot Feb 07, 2020
3 changed files
--- a/services/network/cors/cors_url_loader_factory.cc
+++ b/services/network/cors/cors_url_loader_factory.cc
@@ -308,7 +308,12 @@ bool CorsURLLoaderFactory::IsSane(const NetworkContext* context,
      // TODO(lukasza): https://crbug.com/920634: Report bad message and return
      // false below.
      NOTREACHED();
-      break;
+      debug::ScopedOriginCrashKey initiator_lock_crash_key(
+          debug::GetRequestInitiatorSiteLockCrashKey(),
+          request_initiator_site_lock_);
+      mojo::ReportBadMessage(
+          "CorsURLLoaderFactory: lock VS initiator mismatch");
+      return false;
  }
  if (context) {

--- a/services/network/crash_keys.cc
+++ b/services/network/crash_keys.cc
@@ -26,6 +26,12 @@ base::debug::CrashKeyString* GetRequestInitiatorCrashKey() {
 }  // namespace
+base::debug::CrashKeyString* GetRequestInitiatorSiteLockCrashKey() {
+  static auto* crash_key = base::debug::AllocateCrashKeyString(
+      "request_initiator_site_lock", base::debug::CrashKeySize::Size64);
+  return crash_key;
+}
 ScopedOriginCrashKey::ScopedOriginCrashKey(
    base::debug::CrashKeyString* crash_key,
    const base::Optional<url::Origin>& value)

--- a/services/network/crash_keys.h
+++ b/services/network/crash_keys.h
@@ -15,6 +15,8 @@ struct ResourceRequest;
 namespace debug {
+base::debug::CrashKeyString* GetRequestInitiatorSiteLockCrashKey();
 class ScopedOriginCrashKey : public base::debug::ScopedCrashKeyString {
 public:
  ScopedOriginCrashKey(base::debug::CrashKeyString* crash_key,