CacheStorage: Verify opaque responses do not generate full code cache.

This is important since we do not want to expose the existence of the x-CacheStorageCodeCacheHint header for an opaque response by accident. Bug: 1007272 Change-Id: Ide6f863e732a7b145a244e5ad0f5670bf740a7b0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1906808 Commit-Queue: Ben Kelly <wanderview@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Cr-Commit-Position: refs/heads/master@{#714336}

CacheStorage: Verify opaque responses do not generate full code cache.
This is important since we do not want to expose the existence of the x-CacheStorageCodeCacheHint header for an opaque response by accident. Bug: 1007272 Change-Id: Ide6f863e732a7b145a244e5ad0f5670bf740a7b0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1906808 Commit-Queue: Ben Kelly <wanderview@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Cr-Commit-Position: refs/heads/master@{#714336}
0f7aee6c · Ben Kelly · Commit Bot · 1fbf5160 · 0f7aee6c · 0f7aee6c
Commit 0f7aee6c authored Nov 12, 2019 by Ben Kelly Committed by Commit Bot Nov 12, 2019
3 changed files
--- a/content/browser/service_worker/service_worker_browsertest.cc
+++ b/content/browser/service_worker/service_worker_browsertest.cc
@@ -3349,7 +3349,7 @@ class ServiceWorkerV8CodeCacheForCacheStorageTest
  }

 protected:
-  virtual const char* GetWorkerURL() { return kWorkerUrl; }
+  virtual std::string GetWorkerURL() { return kWorkerUrl; }

  void RegisterAndActivateServiceWorker() {
    scoped_refptr<WorkerActivatedObserver> observer =
@@ -3595,7 +3595,7 @@ IN_PROC_BROWSER_TEST_F(ServiceWorkerV8CodeCacheForCacheStorageBadOriginTest,
 class ServiceWorkerCacheStorageFullCodeCacheFromInstallEventTest
    : public ServiceWorkerV8CodeCacheForCacheStorageTest {
 public:
-  const char* GetWorkerURL() override {
+  std::string GetWorkerURL() override {
    return "/service_worker/install_event_caches_script.js";
  }
 };
@@ -3619,7 +3619,7 @@ class ServiceWorkerCacheStorageFullCodeCacheFromInstallEventDisabledByHintTest
                                    "CacheStorageCodeCacheHint");
  }

-  const char* GetWorkerURL() override {
+  std::string GetWorkerURL() override {
    return "/service_worker/install_event_caches_script_with_hint.js";
  }
 };
@@ -3633,6 +3633,34 @@ IN_PROC_BROWSER_TEST_F(
  WaitUntilSideDataSizeIs(0);
 }

+class ServiceWorkerCacheStorageFullCodeCacheFromInstallEventOpaqueResponseTest
+    : public ServiceWorkerV8CodeCacheForCacheStorageTest {
+ public:
+  ServiceWorkerCacheStorageFullCodeCacheFromInstallEventOpaqueResponseTest() {}
+
+  void SetUpOnMainThread() override {
+    host_resolver()->AddRule("*", "127.0.0.1");
+    ServiceWorkerV8CodeCacheForCacheStorageTest::SetUpOnMainThread();
+  }
+
+  std::string GetWorkerURL() override {
+    GURL cross_origin_script = embedded_test_server()->GetURL(
+        "bar.com", "/service_worker/v8_cache_test.js");
+    return "/service_worker/"
+           "install_event_caches_no_cors_script.js?script_url=" +
+           cross_origin_script.spec();
+  }
+};
+
+IN_PROC_BROWSER_TEST_F(
+    ServiceWorkerCacheStorageFullCodeCacheFromInstallEventOpaqueResponseTest,
+    FullCodeCacheGenerated) {
+  RegisterAndActivateServiceWorker();
+  // The full code cache should not be generated when the script is an opaque
+  // response.
+  WaitUntilSideDataSizeIs(0);
+}
+
 // ServiceWorkerDisableWebSecurityTests check the behavior when the web security
 // is disabled. If '--disable-web-security' flag is set, we don't check the
 // origin equality in Blink. So the Service Worker related APIs should succeed

--- a/content/test/data/service_worker/install_event_caches_no_cors_script.js
+++ b/content/test/data/service_worker/install_event_caches_no_cors_script.js
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+self.addEventListener('install', evt => {
+  evt.waitUntil(async function() {
+    const cache_name = 'cache_name';
+
+    const url = new URLSearchParams(self.location.search).get('script_url');
+
+    const cache = await caches.open(cache_name);
+    const response = await fetch(url, { mode: 'no-cors' });
+    await cache.put(url, response);
+  }());
+});
--- a/third_party/blink/renderer/modules/cache_storage/cache.cc
+++ b/third_party/blink/renderer/modules/cache_storage/cache.cc
@@ -88,6 +88,13 @@ CodeCachePolicy GetCodeCachePolicy(const Response* response) {
  if (!RuntimeEnabledFeatures::CacheStorageCodeCacheHintEnabled())
    return CodeCachePolicy::kAuto;

+  // We should never see an opaque response here.  We should have bailed out
+  // from generating code cache when we failed to determine its mime type.
+  // It's important we don't look at the header hint for opaque responses since
+  // it could leak cross-origin information.
+  DCHECK_NE(response->GetResponse()->GetType(),
+            network::mojom::FetchResponseType::kOpaque);
+
  String header_name(
      features::kCacheStorageCodeCacheHintHeaderName.Get().data());
  String header_value;