|request_initiator_site_lock| enforcement - attempt #1.

This CL starts treating |request_initiator| that doesn't match |request_initiator_site_lock| as a bad IPC message and ignoring such malformed resource requests. NetworkService.URLLoader.RequestInitiatorOriginLockCompatibility UMA is non-zero in recent Canary releases. We expect that this CL will get reverted after gathering sufficient number of DumpWithoutCrashing reports to understand why the lock doesn't match the initiator in some real world scenarios. Bug: 920634 Change-Id: I509ebade1d64e5c5243150df8c3f5184273cf8ac Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1661114 Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#717031}

|request_initiator_site_lock| enforcement - attempt #1.
This CL starts treating |request_initiator| that doesn't match |request_initiator_site_lock| as a bad IPC message and ignoring such malformed resource requests. NetworkService.URLLoader.RequestInitiatorOriginLockCompatibility UMA is non-zero in recent Canary releases. We expect that this CL will get reverted after gathering sufficient number of DumpWithoutCrashing reports to understand why the lock doesn't match the initiator in some real world scenarios. Bug: 920634 Change-Id: I509ebade1d64e5c5243150df8c3f5184273cf8ac Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1661114 Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> Cr-Commit-Position: refs/heads/master@{#717031}
f0f00c0c · Lukasz Anforowicz · Commit Bot · fdc3ad9d · f0f00c0c · f0f00c0c
Commit f0f00c0c authored Nov 20, 2019 by Lukasz Anforowicz Committed by Commit Bot Nov 20, 2019
3 changed files
--- a/services/network/cors/cors_url_loader_factory.cc
+++ b/services/network/cors/cors_url_loader_factory.cc
@@ -235,9 +235,12 @@ bool CorsURLLoaderFactory::IsSane(const NetworkContext* context,
    case InitiatorLockCompatibility::kIncorrectLock:
      // Requests from the renderer need to always specify a correct initiator.
      NOTREACHED();
-      // TODO(lukasza): https://crbug.com/920634: Report bad message and return
+      debug::ScopedOriginCrashKey initiator_lock_crash_key(
-      // false below.
+          debug::GetRequestInitiatorSiteLockCrashKey(),
-      break;
+          request_initiator_site_lock_);
+      mojo::ReportBadMessage(
+          "CorsURLLoaderFactory: lock VS initiator mismatch");
+      return false;
  }
  if (context) {

--- a/services/network/crash_keys.cc
+++ b/services/network/crash_keys.cc
@@ -28,6 +28,12 @@ base::debug::CrashKeyString* GetRequestInitiatorCrashKey() {
 }  // namespace
+base::debug::CrashKeyString* GetRequestInitiatorSiteLockCrashKey() {
+  static auto* crash_key = base::debug::AllocateCrashKeyString(
+      "request_initiator_site_lock", base::debug::CrashKeySize::Size64);
+  return crash_key;
+}
 ScopedOriginCrashKey::ScopedOriginCrashKey(
    base::debug::CrashKeyString* crash_key,
    const base::Optional<url::Origin>& value)

--- a/services/network/crash_keys.h
+++ b/services/network/crash_keys.h
@@ -15,6 +15,8 @@ struct ResourceRequest;
 namespace debug {
+base::debug::CrashKeyString* GetRequestInitiatorSiteLockCrashKey();
 class ScopedOriginCrashKey : public base::debug::ScopedCrashKeyString {
 public:
  ScopedOriginCrashKey(base::debug::CrashKeyString* crash_key,