Validate sender in terminal private api browser code
See the bugs for why we are doing this. Notes: * `tab_id` is removed. `TerminalPrivateAckOutputFunction::Run()` used to use `tab_id` to figure out whether it should actually acknowledge the output on the process --- it should only do so if the sender owns the terminal id. Now that we store the terminal id in the web contents, we don't need it anymore. * We change the signature of api `ackOutput`. It is not going to break anything because only `.../externs/terminal_private.js`, which is also updated in this CL, but not "libapps" is supposed to call it. * Potentially, we should kill the renderer if the validation fails, but we cannot do it for now because libapps might send a invalid ID before it receives a valid one. * `SetLastActiveTerminal()` is used for setting the CWD for a new terminal, but due to a bug, it has been effectively disabled. We don't want this CL to change the CWD behavior so we explicitly disable it here. We will soon have a follow up CL to deal with the CWD feature. Also see https://crbug.com/1113207. Fixed: 1145053, 1144625 Test: new browser tests, and manual tests Change-Id: I0f39c544a28e23df3aeefe98b626c2b94b973af7 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2519182Reviewed-by:Ben Wells <benwells@chromium.org> Reviewed-by:
Joel Hockey <joelhockey@chromium.org> Reviewed-by:
Mike Frysinger <vapier@chromium.org> Commit-Queue: Jason Lin <lxj@google.com> Cr-Commit-Position: refs/heads/master@{#825779}
Showing
This diff is collapsed.
Please register or sign in to comment