Fix SharedWorker URLLoaderFactory NetworkIsolationKey.

SharedWorkerServiceImpl was using a SiteForCookies based on the URL of the worker being loaded, but a NetworkIsolationKey based on the URL of the RenderFrameHost. In practice, these are always the same...except for the case of extensions loading a SharedWorker of some site. This CL fixes the issue. Bug: 1052148 Change-Id: I53d37354defdcca5fe0ea3f1412ee7a638016a5b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2057525 Commit-Queue: Matt Menke <mmenke@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Cr-Commit-Position: refs/heads/master@{#743140}

Fix SharedWorker URLLoaderFactory NetworkIsolationKey.
SharedWorkerServiceImpl was using a SiteForCookies based on the URL of the worker being loaded, but a NetworkIsolationKey based on the URL of the RenderFrameHost. In practice, these are always the same...except for the case of extensions loading a SharedWorker of some site. This CL fixes the issue. Bug: 1052148 Change-Id: I53d37354defdcca5fe0ea3f1412ee7a638016a5b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2057525 Commit-Queue: Matt Menke <mmenke@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Cr-Commit-Position: refs/heads/master@{#743140}
b6099f6e · Matt Menke · Commit Bot · 5853fbdc · b6099f6e
Commit b6099f6e authored Feb 20, 2020 by Matt Menke Committed by Commit Bot Feb 20, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 5 deletions

content/browser/worker_host/shared_worker_service_impl.cc content/browser/worker_host/shared_worker_service_impl.cc +3 -5

No files found.
--- a/content/browser/worker_host/shared_worker_service_impl.cc
+++ b/content/browser/worker_host/shared_worker_service_impl.cc
@@ -314,8 +314,7 @@ SharedWorkerHost* SharedWorkerServiceImpl::CreateWorker(

  RenderFrameHostImpl* creator_render_frame_host =
      RenderFrameHostImpl::FromID(creator_render_frame_host_id);
-  url::Origin origin(
-      creator_render_frame_host->frame_tree_node()->current_origin());
+  url::Origin worker_origin = url::Origin::Create(host->instance().url());

  base::WeakPtr<SharedWorkerHost> weak_host = host->AsWeakPtr();
  // Cloning before std::move() so that the object can be used in two functions.
@@ -326,10 +325,9 @@ SharedWorkerHost* SharedWorkerServiceImpl::CreateWorker(
  // cross-site contexts. Fix this.
  WorkerScriptFetchInitiator::Start(
      worker_process_host->GetID(), host->instance().url(),
-      creator_render_frame_host,
-      net::SiteForCookies::FromUrl(host->instance().url()),
+      creator_render_frame_host, net::SiteForCookies::FromOrigin(worker_origin),
      host->instance().constructor_origin(),
-      net::NetworkIsolationKey(origin, origin), credentials_mode,
+      net::NetworkIsolationKey(worker_origin, worker_origin), credentials_mode,
      std::move(outside_fetch_client_settings_object),
      blink::mojom::ResourceType::kSharedWorker, service_worker_context_,
      service_worker_handle_raw, std::move(appcache_host),