[CORS-RFC1918] Use response URL to compute address space.

This aligns the code computing `document.addressSpace` with what I believe should be laid out in the spec (PR to come). https://wicg.github.io/cors-rfc1918/#address-space At a high level, we want the address space to reflect where the response data actually came from. Bug: chromium:1142505 Change-Id: Ib7ba5cdca407c3c86af5b58c7c9da982dc355c72 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2460824 Commit-Queue: Titouan Rigoudy <titouan@chromium.org> Commit-Queue: Matt Menke <mmenke@chromium.org> Reviewed-by: Matt Menke <mmenke@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Auto-Submit: Titouan Rigoudy <titouan@chromium.org> Cr-Commit-Position: refs/heads/master@{#822805}

[CORS-RFC1918] Use response URL to compute address space.
This aligns the code computing `document.addressSpace` with what I believe should be laid out in the spec (PR to come). https://wicg.github.io/cors-rfc1918/#address-space At a high level, we want the address space to reflect where the response data actually came from. Bug: chromium:1142505 Change-Id: Ib7ba5cdca407c3c86af5b58c7c9da982dc355c72 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2460824 Commit-Queue: Titouan Rigoudy <titouan@chromium.org> Commit-Queue: Matt Menke <mmenke@chromium.org> Reviewed-by: Matt Menke <mmenke@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Auto-Submit: Titouan Rigoudy <titouan@chromium.org> Cr-Commit-Position: refs/heads/master@{#822805}
f95d8483 · Titouan Rigoudy · Commit Bot · ae64a6d7 · f95d8483 · f95d8483
Commit f95d8483 authored Oct 30, 2020 by Titouan Rigoudy Committed by Commit Bot Oct 30, 2020
2 changed files
--- a/services/network/public/cpp/ip_address_space_util.cc
+++ b/services/network/public/cpp/ip_address_space_util.cc
@@ -44,10 +44,25 @@ bool IsLessPublicAddressSpace(IPAddressSpace lhs, IPAddressSpace rhs) {
  return CollapseUnknown(lhs) < CollapseUnknown(rhs);
 }
+// Helper for CalculateClientAddressSpace() with the same arguments.
+//
+// If the response was fetched via service workers, returns the last URL in the
+// list. Otherwise returns |request_url|.
+//
+// See: https://fetch.spec.whatwg.org/#concept-response-url-list
+const GURL& ResponseUrl(const GURL& request_url,
+                        const mojom::URLResponseHead* response_head) {
+  if (response_head && !response_head->url_list_via_service_worker.empty()) {
+    return response_head->url_list_via_service_worker.back();
+  }
+  return request_url;
+}
 IPAddressSpace CalculateClientAddressSpace(
    const GURL& url,
    const mojom::URLResponseHead* response_head) {
-  if (url.SchemeIsFile()) {
+  if (ResponseUrl(url, response_head).SchemeIsFile()) {
    // See: https://wicg.github.io/cors-rfc1918/#file-url.
    return IPAddressSpace::kLocal;
  }

--- a/services/network/public/cpp/ip_address_space_util_unittest.cc
+++ b/services/network/public/cpp/ip_address_space_util_unittest.cc
@@ -113,6 +113,40 @@ TEST(IPAddressSpaceTest, CalculateClientAddressSpaceFileURL) {
            CalculateClientAddressSpace(GURL("file:///foo"), nullptr));
 }
+TEST(IPAddressSpaceTest,
+     CalculateIPAddressSpaceFetchedViaServiceWorkerFromFile) {
+  URLResponseHead response_head;
+  response_head.url_list_via_service_worker.emplace_back("http://bar.test");
+  response_head.url_list_via_service_worker.emplace_back("file:///foo");
+  response_head.parsed_headers = ParsedHeaders::New();
+  EXPECT_EQ(
+      IPAddressSpace::kLocal,
+      CalculateClientAddressSpace(GURL("http://foo.test"), &response_head));
+}
+TEST(IPAddressSpaceTest,
+     CalculateIPAddressSpaceFetchedViaServiceWorkerFromHttp) {
+  URLResponseHead response_head;
+  response_head.url_list_via_service_worker.emplace_back("file:///foo");
+  response_head.url_list_via_service_worker.emplace_back("http://bar.test");
+  response_head.parsed_headers = ParsedHeaders::New();
+  EXPECT_EQ(
+      IPAddressSpace::kUnknown,
+      CalculateClientAddressSpace(GURL("http://foo.test"), &response_head));
+}
+TEST(IPAddressSpaceTest,
+     CalculateIPAddressSpaceFetchedViaServiceWorkerFromHttpInsteadOfFile) {
+  URLResponseHead response_head;
+  response_head.url_list_via_service_worker.emplace_back("http://bar.test");
+  response_head.parsed_headers = ParsedHeaders::New();
+  EXPECT_EQ(IPAddressSpace::kUnknown,
+            CalculateClientAddressSpace(GURL("file:///foo"), &response_head));
+}
 TEST(IPAddressSpaceTest, CalculateClientAddressSpaceNullResponseHead) {
  EXPECT_EQ(IPAddressSpace::kUnknown,
            CalculateClientAddressSpace(GURL("http://foo.test"), nullptr));