worker: Add WebFetchClientSettingsObject

This CL introduces yet another variant of FetchClientSettingsObject which is used for passing FetchClientSettingsObject between blink and content. For now it is only used for dedicated workers but we plan to use WebFetchClientSettingsObject for service workers too. Ideally WebFetchClientSettingsObject shouldn't be needed. Once the Onion Soup is done we should just use mojom::FetchClientSettingsObject. This CL does not change existing behavior. Bug: 937177 Tbr: kinuko@chromium.org Change-Id: I224eadeca49ac4a18c3fdf4ef8507e7eb2be4d94 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1843995 Commit-Queue: Kenichi Ishibashi <bashi@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Cr-Commit-Position: refs/heads/master@{#703232}

worker: Add WebFetchClientSettingsObject
This CL introduces yet another variant of FetchClientSettingsObject which is used for passing FetchClientSettingsObject between blink and content. For now it is only used for dedicated workers but we plan to use WebFetchClientSettingsObject for service workers too. Ideally WebFetchClientSettingsObject shouldn't be needed. Once the Onion Soup is done we should just use mojom::FetchClientSettingsObject. This CL does not change existing behavior. Bug: 937177 Tbr: kinuko@chromium.org Change-Id: I224eadeca49ac4a18c3fdf4ef8507e7eb2be4d94 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1843995 Commit-Queue: Kenichi Ishibashi <bashi@chromium.org> Reviewed-by: Matt Falkenhagen <falken@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Cr-Commit-Position: refs/heads/master@{#703232}
dfb966a5 · Kenichi Ishibashi · Commit Bot · da56a41a · dfb966a5 · dfb966a5
Commit dfb966a5 authored Oct 07, 2019 by Kenichi Ishibashi Committed by Commit Bot Oct 07, 2019
7 changed files
--- a/content/renderer/worker/dedicated_worker_host_factory_client.cc
+++ b/content/renderer/worker/dedicated_worker_host_factory_client.cc
@@ -51,22 +51,20 @@ void DedicatedWorkerHostFactoryClient::CreateWorkerHost(
    const blink::WebSecurityOrigin& script_origin,
    network::mojom::CredentialsMode credentials_mode,
    const blink::WebSecurityOrigin& fetch_client_security_origin,
-    network::mojom::ReferrerPolicy fetch_client_referrer_policy,
-    const blink::WebURL& fetch_client_outgoing_referrer,
-    const blink::WebInsecureRequestPolicy fetch_client_insecure_request_policy,
+    const blink::WebFetchClientSettingsObject& fetch_client_settings_object,
    mojo::ScopedMessagePipeHandle blob_url_token) {
  DCHECK(base::FeatureList::IsEnabled(blink::features::kPlzDedicatedWorker));

+  // TODO(bashi): Create a helper function that converts
+  // WebFetchClientSettingsObject to mojom::FetchClientSettingsObject.
  auto outside_fetch_client_settings_object =
      blink::mojom::FetchClientSettingsObject::New();
  outside_fetch_client_settings_object->referrer_policy =
-      fetch_client_referrer_policy;
+      fetch_client_settings_object.referrer_policy;
  outside_fetch_client_settings_object->outgoing_referrer =
-      fetch_client_outgoing_referrer;
+      fetch_client_settings_object.outgoing_referrer;
  outside_fetch_client_settings_object->insecure_requests_policy =
-      fetch_client_insecure_request_policy & blink::kUpgradeInsecureRequests
-          ? blink::mojom::InsecureRequestsPolicy::kUpgrade
-          : blink::mojom::InsecureRequestsPolicy::kDoNotUpgrade;
+      fetch_client_settings_object.insecure_requests_policy;

  factory_->CreateWorkerHostAndStartScriptLoad(
      script_url, script_origin, credentials_mode,

--- a/content/renderer/worker/dedicated_worker_host_factory_client.h
+++ b/content/renderer/worker/dedicated_worker_host_factory_client.h
@@ -49,10 +49,7 @@ class DedicatedWorkerHostFactoryClient final
      const blink::WebSecurityOrigin& script_origin,
      network::mojom::CredentialsMode credentials_mode,
      const blink::WebSecurityOrigin& fetch_client_security_origin,
-      network::mojom::ReferrerPolicy fetch_client_referrer_policy,
-      const blink::WebURL& fetch_client_outgoing_referrer,
-      const blink::WebInsecureRequestPolicy
-          fetch_client_insecure_request_policy,
+      const blink::WebFetchClientSettingsObject& fetch_client_settings_object,
      mojo::ScopedMessagePipeHandle blob_url_token) override;
  scoped_refptr<blink::WebWorkerFetchContext> CloneWorkerFetchContext(
      blink::WebWorkerFetchContext* web_worker_fetch_context,

--- a/third_party/blink/public/BUILD.gn
+++ b/third_party/blink/public/BUILD.gn
@@ -237,6 +237,7 @@ source_set("blink_headers") {
    "platform/web_encrypted_media_key_information.h",
    "platform/web_encrypted_media_request.h",
    "platform/web_encrypted_media_types.h",
+    "platform/web_fetch_client_settings_object.h",
    "platform/web_file_system_type.h",
    "platform/web_float_point.h",
    "platform/web_float_point_3d.h",

--- a/third_party/blink/public/mojom/loader/fetch_client_settings_object.mojom
+++ b/third_party/blink/public/mojom/loader/fetch_client_settings_object.mojom
@@ -19,6 +19,8 @@ enum InsecureRequestsPolicy {
 //
 // See comments on blink::FetchClientSettingsObject for details of this struct
 // and each member.
+//
+// Also keep this struct consistent with blink::WebFetchClientSettingsObject.
 struct FetchClientSettingsObject {
  network.mojom.ReferrerPolicy referrer_policy;
  url.mojom.Url outgoing_referrer;

--- a/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h
+++ b/third_party/blink/public/platform/web_dedicated_worker_host_factory_client.h
@@ -10,6 +10,7 @@
 #include "services/network/public/mojom/fetch_api.mojom-shared.h"
 #include "services/network/public/mojom/referrer_policy.mojom-shared.h"
 #include "third_party/blink/public/mojom/frame/lifecycle.mojom-shared.h"
+#include "third_party/blink/public/platform/web_fetch_client_settings_object.h"
 #include "third_party/blink/public/platform/web_insecure_request_policy.h"

 namespace base {
@@ -34,17 +35,15 @@ class WebDedicatedWorkerHostFactoryClient {
  virtual void CreateWorkerHostDeprecated(
      const blink::WebSecurityOrigin& script_origin) = 0;
  // For PlzDedicatedWorker.
-  // TODO(nhiroki): Pack |fetch_client_*| into some struct like
-  // WebFetchClientSettingsObject.
+  // |fetch_client_security_origin| is intentionally separated from
+  // |fetch_client_settings_object| as it shouldn't be passed from renderer
+  // process from the security perspective.
  virtual void CreateWorkerHost(
      const blink::WebURL& script_url,
      const blink::WebSecurityOrigin& script_origin,
      network::mojom::CredentialsMode credentials_mode,
      const blink::WebSecurityOrigin& fetch_client_security_origin,
-      network::mojom::ReferrerPolicy fetch_client_referrer_policy,
-      const blink::WebURL& fetch_client_outgoing_referrer,
-      const blink::WebInsecureRequestPolicy
-          fetch_client_insecure_request_policy,
+      const blink::WebFetchClientSettingsObject& fetch_client_settings_object,
      mojo::ScopedMessagePipeHandle blob_url_token) = 0;

  // Clones the given WebWorkerFetchContext for nested workers.

--- a/third_party/blink/public/platform/web_fetch_client_settings_object.h
+++ b/third_party/blink/public/platform/web_fetch_client_settings_object.h
+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef THIRD_PARTY_BLINK_PUBLIC_PLATFORM_WEB_FETCH_CLIENT_SETTINGS_OBJECT_H_
+#define THIRD_PARTY_BLINK_PUBLIC_PLATFORM_WEB_FETCH_CLIENT_SETTINGS_OBJECT_H_
+
+#include "third_party/blink/public/mojom/loader/fetch_client_settings_object.mojom-shared.h"
+#include "third_party/blink/public/platform/web_common.h"
+#include "third_party/blink/public/platform/web_url.h"
+
+#if INSIDE_BLINK
+#include "third_party/blink/renderer/platform/loader/fetch/fetch_client_settings_object_snapshot.h"  // nogncheck
+#include "third_party/blink/renderer/platform/weborigin/kurl.h"  // nogncheck
+#endif
+
+namespace blink {
+
+// Yet another variant of FetchClientSettingsObject. Having this is unfortunate
+// but we need this struct for the interaction between blink and content until
+// Onion Soup is done.
+// Keep this struct consistent with mojom::FetchClientSettingsObject.
+struct WebFetchClientSettingsObject {
+  network::mojom::ReferrerPolicy referrer_policy;
+  WebURL outgoing_referrer;
+  mojom::InsecureRequestsPolicy insecure_requests_policy;
+
+#if INSIDE_BLINK
+  explicit WebFetchClientSettingsObject(
+      const FetchClientSettingsObjectSnapshot& snapshot)
+      : referrer_policy(snapshot.GetReferrerPolicy()),
+        outgoing_referrer(KURL(snapshot.GetOutgoingReferrer())),
+        insecure_requests_policy(
+            snapshot.GetInsecureRequestsPolicy() &
+                    blink::kUpgradeInsecureRequests
+                ? blink::mojom::InsecureRequestsPolicy::kUpgrade
+                : blink::mojom::InsecureRequestsPolicy::kDoNotUpgrade) {}
+#endif  // INSIDE_BLINK
+};
+
+}  // namespace blink
+
+#endif  // THIRD_PARTY_BLINK_PUBLIC_PLATFORM_WEB_FETCH_CLIENT_SETTINGS_OBJECT_H_
--- a/third_party/blink/renderer/core/workers/dedicated_worker.cc
+++ b/third_party/blink/renderer/core/workers/dedicated_worker.cc
@@ -15,6 +15,7 @@
 #include "third_party/blink/public/mojom/script/script_type.mojom-blink.h"
 #include "third_party/blink/public/mojom/worker/dedicated_worker_host_factory.mojom-blink.h"
 #include "third_party/blink/public/platform/web_content_settings_client.h"
+#include "third_party/blink/public/platform/web_fetch_client_settings_object.h"
 #include "third_party/blink/renderer/bindings/core/v8/serialization/post_message_helper.h"
 #include "third_party/blink/renderer/core/dom/document.h"
 #include "third_party/blink/renderer/core/events/message_event.h"
@@ -246,9 +247,7 @@ void DedicatedWorker::Start() {
        credentials_mode,
        WebSecurityOrigin(
            outside_fetch_client_settings_object_->GetSecurityOrigin()),
-        outside_fetch_client_settings_object_->GetReferrerPolicy(),
-        KURL(outside_fetch_client_settings_object_->GetOutgoingReferrer()),
-        outside_fetch_client_settings_object_->GetInsecureRequestsPolicy(),
+        WebFetchClientSettingsObject(*outside_fetch_client_settings_object_),
        blob_url_token.PassPipe());
    // Continue in OnScriptLoadStarted() or OnScriptLoadStartFailed().
    return;