Add "BypassSecurityChecks" suffix to content::CreateFileURLLoader

According to the comment "this does not restrict filesystem access *in any way*", so make it look dangerous. Bug: 1035575, 1036693,1026546 Change-Id: Iadd64b3b1be417b469b8d85144de21c86f67ceba Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1981414Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Ken Rockot <rockot@google.com> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#728817}

Add "BypassSecurityChecks" suffix to content::CreateFileURLLoader
According to the comment "this does not restrict filesystem access *in any way*", so make it look dangerous. Bug: 1035575, 1036693,1026546 Change-Id: Iadd64b3b1be417b469b8d85144de21c86f67ceba Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1981414Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Ken Rockot <rockot@google.com> Commit-Queue: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#728817}
df83dca4 · Yutaka Hirano · Commit Bot · 23ce24ec · df83dca4 · df83dca4
Commit df83dca4 authored Jan 07, 2020 by Yutaka Hirano Committed by Commit Bot Jan 07, 2020
4 changed files
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -4368,9 +4368,10 @@ class FileURLLoaderFactory : public network::mojom::URLLoaderFactory {
              network::URLLoaderCompletionStatus(net::ERR_ACCESS_DENIED));
      return;
    }
-    content::CreateFileURLLoader(request, std::move(loader), std::move(client),
+    content::CreateFileURLLoaderBypassingSecurityChecks(
-                                 /*observer=*/nullptr,
+        request, std::move(loader), std::move(client),
-                                 /* allow_directory_listing */ true);
+        /*observer=*/nullptr,
+        /* allow_directory_listing */ true);
  }
  void Clone(

--- a/content/browser/loader/file_url_loader_factory.cc
+++ b/content/browser/loader/file_url_loader_factory.cc
@@ -891,7 +891,7 @@ void FileURLLoaderFactory::Clone(
  receivers_.Add(this, std::move(loader));
 }
-void CreateFileURLLoader(
+void CreateFileURLLoaderBypassingSecurityChecks(
    const network::ResourceRequest& request,
    mojo::PendingReceiver<network::mojom::URLLoader> loader,
    mojo::PendingRemote<network::mojom::URLLoaderClient> client,

--- a/content/public/browser/file_url_loader.h
+++ b/content/public/browser/file_url_loader.h
@@ -50,7 +50,7 @@ class CONTENT_EXPORT FileURLLoaderObserver
 // The URLLoader created by this function does *not* automatically follow
 // filesytem links (e.g. Windows shortcuts) or support directory listing.
 // A directory path will always yield a FILE_NOT_FOUND network error.
-CONTENT_EXPORT void CreateFileURLLoader(
+CONTENT_EXPORT void CreateFileURLLoaderBypassingSecurityChecks(
    const network::ResourceRequest& request,
    mojo::PendingReceiver<network::mojom::URLLoader> loader,
    mojo::PendingRemote<network::mojom::URLLoaderClient> client,

--- a/extensions/browser/extension_protocols.cc
+++ b/extensions/browser/extension_protocols.cc
@@ -604,7 +604,7 @@ class ExtensionURLLoaderFactory : public network::mojom::URLLoaderFactory {
          resource.relative_path());
    }
-    content::CreateFileURLLoader(
+    content::CreateFileURLLoaderBypassingSecurityChecks(
        request, std::move(loader), std::move(client),
        std::make_unique<FileLoaderObserver>(std::move(verify_job)),
        /* allow_directory_listing */ false, std::move(response_headers));