[bfcache] Disable bfcache for Web Authenticator API

Disable bfcache for web authenticator, since on DidFinishNavigation it would cleanup all the authentication data. This would be a problem if we restore the document from back-forward cache, so disabling it. Bug: 1001087 Change-Id: I928a89568fc804c6953099560b0d0cc2916d7ada Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1825220 Commit-Queue: Alexander Timin <altimin@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Alexander Timin <altimin@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#710317}

[bfcache] Disable bfcache for Web Authenticator API
Disable bfcache for web authenticator, since on DidFinishNavigation it would cleanup all the authentication data. This would be a problem if we restore the document from back-forward cache, so disabling it. Bug: 1001087 Change-Id: I928a89568fc804c6953099560b0d0cc2916d7ada Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1825220 Commit-Queue: Alexander Timin <altimin@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Alexander Timin <altimin@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#710317}
9d1b6bd4 · Alexander Timin · Commit Bot · d267fcb5 · 9d1b6bd4 · 9d1b6bd4
Commit 9d1b6bd4 authored Oct 29, 2019 by Alexander Timin Committed by Commit Bot Oct 29, 2019
Showing with 21 additions and 0 deletions

content/browser/webauth/authenticator_common.cc content/browser/webauth/authenticator_common.cc +5 -0

content/browser/webauth/webauth_browsertest.cc content/browser/webauth/webauth_browsertest.cc +16 -0

No files found.
--- a/content/browser/webauth/authenticator_common.cc
+++ b/content/browser/webauth/authenticator_common.cc
@@ -526,6 +526,11 @@ AuthenticatorCommon::AuthenticatorCommon(
      timer_(std::move(timer)) {
  DCHECK(render_frame_host_);
  DCHECK(timer_);
+  // Disable the back-forward cache for any document that makes WebAuthn
+  // requests. Pages using privacy-sensitive APIs are generally exempt from
+  // back-forward cache for now as a precaution.
+  BackForwardCache::DisableForRenderFrameHost(render_frame_host,
+                                              "WebAuthenticationAPI");
 }

 AuthenticatorCommon::~AuthenticatorCommon() {

--- a/content/browser/webauth/webauth_browsertest.cc
+++ b/content/browser/webauth/webauth_browsertest.cc
@@ -29,6 +29,7 @@
 #include "content/public/common/content_features.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/service_manager_connection.h"
+#include "content/public/test/back_forward_cache_util.h"
 #include "content/public/test/browser_test_utils.h"
 #include "content/public/test/content_browser_test.h"
 #include "content/public/test/content_browser_test_utils.h"
@@ -1454,6 +1455,21 @@ IN_PROC_BROWSER_TEST_F(WebAuthBrowserBleDisabledTest, CheckBleDisabled) {
  EXPECT_FALSE(fake_ble_discovery->is_start_requested());
 }

+class WebAuthLocalClientBackForwardCacheBrowserTest
+    : public WebAuthLocalClientBrowserTest {
+ protected:
+  BackForwardCacheDisabledTester tester_;
+};
+
+IN_PROC_BROWSER_TEST_F(WebAuthLocalClientBackForwardCacheBrowserTest,
+                       WebAuthDisablesBackForwardCache) {
+  // Initialisation of the test should disable bfcache.
+  EXPECT_TRUE(tester_.IsDisabledForFrameWithReason(
+      shell()->web_contents()->GetMainFrame()->GetProcess()->GetID(),
+      shell()->web_contents()->GetMainFrame()->GetRoutingID(),
+      "WebAuthenticationAPI"));
+}
+
 // WebAuthBrowserCtapTest ----------------------------------------------

 class WebAuthBrowserCtapTest : public WebAuthLocalClientBrowserTest {