[FS] Add explicit origin to NFSTransferTokenImpl.

Rather than extracting the origin a token is associated with from its
FileSystemURL, store the URL separately. This lets us use FileSystemURLs
that don't have an origin (or in the future move away from FileSystemURL
entirely).

Other classes that have a FileSystemURL and are associated with an
origin (i.e. NFSHandleBase) already stored the origin separately, this
just bring TransferToken in line with those.

Bug: 1093653
Change-Id: I26aeabce7bf35ad74e6beb3ffcb49d50b33d034a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2391179
Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
Commit-Queue: Victor Costan <pwnall@chromium.org>
Auto-Submit: Marijn Kruisselbrink <mek@chromium.org>
Reviewed-by: Victor Costan <pwnall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#804031}

content/browser/native_file_system/native_file_system_handle_base.h

@@ -52,6 +52,7 @@ class CONTENT_EXPORT NativeFileSystemHandleBase : public WebContentsObserver {
   const storage::IsolatedContext::ScopedFSHandle& file_system() const {
     return handle_state_.file_system;
   }
+  const BindingContext& context() const { return context_; }
 
   PermissionStatus GetReadPermissionStatus();
   PermissionStatus GetWritePermissionStatus();
@@ -80,7 +81,6 @@ class CONTENT_EXPORT NativeFileSystemHandleBase : public WebContentsObserver {
 
  protected:
   NativeFileSystemManagerImpl* manager() { return manager_; }
-  const BindingContext& context() { return context_; }
   storage::FileSystemContext* file_system_context() {
     return manager()->context();
   }

content/browser/native_file_system/native_file_system_manager_impl.cc

@@ -134,7 +134,7 @@ bool IsValidTransferToken(NativeFileSystemTransferTokenImpl* token,
     return false;
   }
 
-  if (token->url().origin() != expected_origin) {
+  if (token->origin() != expected_origin) {
     return false;
   }
 
@@ -514,7 +514,8 @@ void NativeFileSystemManagerImpl::DeserializeHandle(
           base::MakeRefCounted<FixedNativeFileSystemPermissionGrant>(
               PermissionStatus::GRANTED);
       CreateTransferTokenImpl(
-          url, SharedHandleState(permission_grant, permission_grant, {}),
+          url, origin,
+          SharedHandleState(permission_grant, permission_grant, {}),
           data.handle_type() == NativeFileSystemHandleData::kDirectory
               ? HandleType::kDirectory
               : HandleType::kFile,
@@ -545,7 +546,7 @@ void NativeFileSystemManagerImpl::DeserializeHandle(
           NativeFileSystemPermissionContext::UserAction::kLoadFromStorage);
 
       CreateTransferTokenImpl(
-          child, handle_state,
+          child, origin, handle_state,
           is_directory ? HandleType::kDirectory : HandleType::kFile,
           std::move(token));
       break;
@@ -653,15 +654,17 @@ void NativeFileSystemManagerImpl::CreateTransferToken(
     const NativeFileSystemFileHandleImpl& file,
     mojo::PendingReceiver<blink::mojom::NativeFileSystemTransferToken>
         receiver) {
-  return CreateTransferTokenImpl(file.url(), file.handle_state(),
-                                 HandleType::kFile, std::move(receiver));
+  return CreateTransferTokenImpl(file.url(), file.context().origin,
+                                 file.handle_state(), HandleType::kFile,
+                                 std::move(receiver));
 }
 
 void NativeFileSystemManagerImpl::CreateTransferToken(
     const NativeFileSystemDirectoryHandleImpl& directory,
     mojo::PendingReceiver<blink::mojom::NativeFileSystemTransferToken>
         receiver) {
-  return CreateTransferTokenImpl(directory.url(), directory.handle_state(),
+  return CreateTransferTokenImpl(directory.url(), directory.context().origin,
+                                 directory.handle_state(),
                                  HandleType::kDirectory, std::move(receiver));
 }
 
@@ -912,6 +915,7 @@ void NativeFileSystemManagerImpl::DidChooseDirectory(
 
 void NativeFileSystemManagerImpl::CreateTransferTokenImpl(
     const storage::FileSystemURL& url,
+    const url::Origin& origin,
     const SharedHandleState& handle_state,
     HandleType handle_type,
     mojo::PendingReceiver<blink::mojom::NativeFileSystemTransferToken>
@@ -919,7 +923,7 @@ void NativeFileSystemManagerImpl::CreateTransferTokenImpl(
   DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
 
   auto token_impl = std::make_unique<NativeFileSystemTransferTokenImpl>(
-      url, handle_state, handle_type, this, std::move(receiver));
+      url, origin, handle_state, handle_type, this, std::move(receiver));
   auto token = token_impl->token();
   transfer_tokens_.emplace(token, std::move(token_impl));
 }

content/browser/native_file_system/native_file_system_manager_impl.h

@@ -266,6 +266,7 @@ class CONTENT_EXPORT NativeFileSystemManagerImpl
 
   void CreateTransferTokenImpl(
       const storage::FileSystemURL& url,
+      const url::Origin& origin,
       const SharedHandleState& handle_state,
       NativeFileSystemPermissionContext::HandleType handle_type,
       mojo::PendingReceiver<blink::mojom::NativeFileSystemTransferToken>

content/browser/native_file_system/native_file_system_transfer_token_impl.cc

@@ -15,6 +15,7 @@ using SharedHandleState = NativeFileSystemManagerImpl::SharedHandleState;
 
 NativeFileSystemTransferTokenImpl::NativeFileSystemTransferTokenImpl(
     const storage::FileSystemURL& url,
+    const url::Origin& origin,
     const NativeFileSystemManagerImpl::SharedHandleState& handle_state,
     HandleType handle_type,
     NativeFileSystemManagerImpl* manager,
@@ -23,8 +24,10 @@ NativeFileSystemTransferTokenImpl::NativeFileSystemTransferTokenImpl(
       handle_type_(handle_type),
       manager_(manager),
       url_(url),
+      origin_(origin),
       handle_state_(handle_state) {
   DCHECK(manager_);
+  DCHECK(url.origin().opaque() || url.origin() == origin);
 
   receivers_.set_disconnect_handler(
       base::BindRepeating(&NativeFileSystemTransferTokenImpl::OnMojoDisconnect,

content/browser/native_file_system/native_file_system_transfer_token_impl.h

@@ -28,6 +28,7 @@ class CONTENT_EXPORT NativeFileSystemTransferTokenImpl
  public:
   NativeFileSystemTransferTokenImpl(
       const storage::FileSystemURL& url,
+      const url::Origin& origin,
       const NativeFileSystemManagerImpl::SharedHandleState& handle_state,
       NativeFileSystemPermissionContext::HandleType handle_type,
       NativeFileSystemManagerImpl* manager,
@@ -40,6 +41,7 @@ class CONTENT_EXPORT NativeFileSystemTransferTokenImpl
     return handle_type_;
   }
   const storage::FileSystemURL& url() const { return url_; }
+  const url::Origin& origin() const { return origin_; }
 
   // Returns permission grants associated with this token. These can
   // return nullptr if this token does not have associated permission grants.
@@ -68,6 +70,7 @@ class CONTENT_EXPORT NativeFileSystemTransferTokenImpl
   // Raw pointer since NativeFileSystemManagerImpl owns `this`.
   NativeFileSystemManagerImpl* const manager_;
   const storage::FileSystemURL url_;
+  const url::Origin origin_;
   const NativeFileSystemManagerImpl::SharedHandleState handle_state_;
   mojo::ReceiverSet<blink::mojom::NativeFileSystemTransferToken> receivers_;