Base64 encode web text sent to dino page

To improve security of web downloaded text presented on the dino page this change makes so that it is base64 encoded before being converted into a JSON structure. It is later decoded by Javascript before being inserted into the page. Bug: 852872 Change-Id: Idb31c53b204762bcf99ad56bbc7bf79e8d500bcc Reviewed-on: https://chromium-review.googlesource.com/c/1299780 Commit-Queue: Carlos Knippschild <carlosk@chromium.org> Reviewed-by: Cathy Li <chili@chromium.org> Reviewed-by: Chris Palmer <palmer@chromium.org> Reviewed-by: Dan H <harringtond@google.com> Cr-Commit-Position: refs/heads/master@{#602999}

Base64 encode web text sent to dino page
To improve security of web downloaded text presented on the dino page this change makes so that it is base64 encoded before being converted into a JSON structure. It is later decoded by Javascript before being inserted into the page. Bug: 852872 Change-Id: Idb31c53b204762bcf99ad56bbc7bf79e8d500bcc Reviewed-on: https://chromium-review.googlesource.com/c/1299780 Commit-Queue: Carlos Knippschild <carlosk@chromium.org> Reviewed-by: Cathy Li <chili@chromium.org> Reviewed-by: Chris Palmer <palmer@chromium.org> Reviewed-by: Dan H <harringtond@google.com> Cr-Commit-Position: refs/heads/master@{#602999}
a0a13d82 · Carlos Knippschild · Commit Bot · fd4f1d8c · a0a13d82 · a0a13d82
Commit a0a13d82 authored Oct 26, 2018 by Carlos Knippschild Committed by Commit Bot Oct 26, 2018
3 changed files
--- a/chrome/renderer/net/available_offline_content_helper.cc
+++ b/chrome/renderer/net/available_offline_content_helper.cc
@@ -4,6 +4,7 @@

 #include "chrome/renderer/net/available_offline_content_helper.h"

+#include "base/base64.h"
 #include "base/json/json_reader.h"
 #include "base/json/json_value_converter.h"
 #include "base/json/json_writer.h"
@@ -22,13 +23,20 @@ using chrome::mojom::AvailableOfflineContentPtr;
 using chrome::mojom::AvailableContentType;

 base::Value AvailableContentToValue(const AvailableOfflineContentPtr& content) {
+  // All pieces of text content downloaded from the web will be base64 encoded
+  // to lessen security risks when this dictionary is passed as a string to
+  // |ExecuteJavaScript|.
+  std::string base64_encoded;
  base::Value value(base::Value::Type::DICTIONARY);
  value.SetKey("ID", base::Value(content->id));
  value.SetKey("name_space", base::Value(content->name_space));
-  value.SetKey("title", base::Value(content->title));
-  value.SetKey("snippet", base::Value(content->snippet));
+  base::Base64Encode(content->title, &base64_encoded);
+  value.SetKey("title_base64", base::Value(base64_encoded));
+  base::Base64Encode(content->snippet, &base64_encoded);
+  value.SetKey("snippet_base64", base::Value(base64_encoded));
  value.SetKey("date_modified", base::Value(content->date_modified));
-  value.SetKey("attribution", base::Value(content->attribution));
+  base::Base64Encode(content->attribution, &base64_encoded);
+  value.SetKey("attribution_base64", base::Value(base64_encoded));
  value.SetKey("thumbnail_data_uri",
               base::Value(content->thumbnail_data_uri.spec()));
  value.SetKey("content_type",

--- a/chrome/renderer/net/net_error_helper_core_unittest.cc
+++ b/chrome/renderer/net/net_error_helper_core_unittest.cc
@@ -2717,27 +2717,29 @@ TEST_F(NetErrorHelperCoreAvailableOfflineContentTest, ListAvailableContent) {
  DoErrorLoad(net::ERR_INTERNET_DISCONNECTED);
  task_environment()->RunUntilIdle();
  // Note: content_type is an AvailableContentType enum value.
-  // Below, 0=kPrefetchedPage and 3=kOtherPage.
+  // Below, 0=kPrefetchedPage and 3=kOtherPage. The base64 encoded values
+  // represent the encoded versions of the values returned by
+  // |TestAvailableContent|.
  std::string want_json = R"([
      {
        "ID": "ID",
-        "attribution": "attribution",
+        "attribution_base64": "YXR0cmlidXRpb24=",
        "content_type": 0,
        "date_modified": "date_modified",
        "name_space": "name_space",
-        "snippet": "snippet",
+        "snippet_base64": "c25pcHBldA==",
        "thumbnail_data_uri": "data:image/png;base64,abc",
-        "title": "title"
+        "title_base64": "dGl0bGU="
      },
      {
        "ID": "ID2",
-        "attribution": "attribution2",
+        "attribution_base64": "YXR0cmlidXRpb24y",
        "content_type": 3,
        "date_modified": "date_modified2",
        "name_space": "name_space2",
-        "snippet": "snippet2",
+        "snippet_base64": "c25pcHBldDI=",
        "thumbnail_data_uri": "data:image/png;base64,abc",
-        "title": "title2"
+        "title_base64": "dGl0bGUy"
      }
    ])";
  base::ReplaceChars(want_json, base::kWhitespaceASCII, "", &want_json);

--- a/components/neterror/resources/neterror.js
+++ b/components/neterror/resources/neterror.js
@@ -203,6 +203,8 @@ function getIconForSuggestedItem(item) {
 function getSuggestedContentDiv(item, index) {
  // Note: See AvailableContentToValue in available_offline_content_helper.cc
  // for the data contained in an |item|.
+  // TODO(carlosk): Present |snippet_base64| when that content becomes
+  // available.
  var visual = '';
  var extraContainerClasses = [];
  // html_inline.py will try to replace src attributes with data URIs using a
@@ -217,7 +219,7 @@ function getSuggestedContentDiv(item, index) {
    visual = `<div><img class="${iconClass}"></div>`;
  }

-  if (!item.attribution)
+  if (!item.attribution_base64)
    extraContainerClasses.push('no-attribution');

  return `
@@ -264,9 +266,9 @@ function offlineContentAvailable(suggestions) {
  // plain text.
  for (var index = 0; index < suggestions.length; index++) {
    document.getElementById(`offline-content-suggestion-title-${index}`)
-        .textContent = suggestions[index].title;
+        .textContent = atob(suggestions[index].title_base64);
    document.getElementById(`offline-content-suggestion-attribution-${index}`)
-        .textContent = suggestions[index].attribution;
+        .textContent = atob(suggestions[index].attribution_base64);
  }

  var contentListElement = document.getElementById('offline-content-list');