Commit fbfd83be authored by Yifan Luo, committed by Commit Bot

expose `destination` value on `Request` objects.

Currently, navigations in a `<frame>` element are also reported as `iframe` in `destination`; this will be fixed in https://bugs.chromium.org/p/chromium/issues/detail?id=1019716.

Bug: 1011724
Change-Id: I722bcbccac3bfc914844711fb6feb1e21f859a6f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1886863
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Yifan Luo <lyf@google.com>
Cr-Commit-Position: refs/heads/master@{#712500}
parent c2ef32b4
...@@ -1209,7 +1209,7 @@ IN_PROC_BROWSER_TEST_F(NavigationRequestBrowserTest, ...@@ -1209,7 +1209,7 @@ IN_PROC_BROWSER_TEST_F(NavigationRequestBrowserTest,
EXPECT_EQ(2, installer.install_count()); EXPECT_EQ(2, installer.install_count());
EXPECT_EQ(b_url, url_recorder.urls().back()); EXPECT_EQ(b_url, url_recorder.urls().back());
EXPECT_EQ(2ul, url_recorder.urls().size()); EXPECT_EQ(2ul, url_recorder.urls().size());
EXPECT_EQ(blink::mojom::RequestContextType::LOCATION, EXPECT_EQ(blink::mojom::RequestContextType::IFRAME,
installer.navigation_throttle()->request_context_type()); installer.navigation_throttle()->request_context_type());
// Ditto for frame c navigation. // Ditto for frame c navigation.
...@@ -1218,7 +1218,7 @@ IN_PROC_BROWSER_TEST_F(NavigationRequestBrowserTest, ...@@ -1218,7 +1218,7 @@ IN_PROC_BROWSER_TEST_F(NavigationRequestBrowserTest,
EXPECT_EQ(3, installer.install_count()); EXPECT_EQ(3, installer.install_count());
EXPECT_EQ(c_url, url_recorder.urls().back()); EXPECT_EQ(c_url, url_recorder.urls().back());
EXPECT_EQ(3ul, url_recorder.urls().size()); EXPECT_EQ(3ul, url_recorder.urls().size());
EXPECT_EQ(blink::mojom::RequestContextType::LOCATION, EXPECT_EQ(blink::mojom::RequestContextType::IFRAME,
installer.navigation_throttle()->request_context_type()); installer.navigation_throttle()->request_context_type());
// Lets the final navigation finish so that we conclude running the // Lets the final navigation finish so that we conclude running the
......
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
typedef (Request or USVString) RequestInfo; typedef (Request or USVString) RequestInfo;
enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "manifest", "object", "paintworklet", "report", enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report",
"script", "sharedworker", "style", "track", "video", "worker", "xslt" }; "script", "sharedworker", "style", "track", "video", "worker", "xslt" };
enum RequestMode { "navigate", "same-origin", "no-cors", "cors" }; enum RequestMode { "navigate", "same-origin", "no-cors", "cors" };
enum RequestCredentials { "omit", "same-origin", "include" }; enum RequestCredentials { "omit", "same-origin", "include" };
......
...@@ -662,8 +662,15 @@ void FrameLoader::StartNavigation(const FrameLoadRequest& passed_request, ...@@ -662,8 +662,15 @@ void FrameLoader::StartNavigation(const FrameLoadRequest& passed_request,
WebNavigationType navigation_type = DetermineNavigationType( WebNavigationType navigation_type = DetermineNavigationType(
frame_load_type, resource_request.HttpBody() || request.Form(), frame_load_type, resource_request.HttpBody() || request.Form(),
request.GetTriggeringEventInfo() != TriggeringEventInfo::kNotFromEvent); request.GetTriggeringEventInfo() != TriggeringEventInfo::kNotFromEvent);
resource_request.SetRequestContext( mojom::RequestContextType request_context_type =
DetermineRequestContextFromNavigationType(navigation_type)); DetermineRequestContextFromNavigationType(navigation_type);
// TODO(lyf): handle `frame` context type. https://crbug.com/1019716
if (mojom::RequestContextType::LOCATION == request_context_type &&
!frame_->IsMainFrame()) {
request_context_type = mojom::RequestContextType::IFRAME;
}
resource_request.SetRequestContext(request_context_type);
request.SetFrameType(frame_->IsMainFrame() request.SetFrameType(frame_->IsMainFrame()
? network::mojom::RequestContextFrameType::kTopLevel ? network::mojom::RequestContextFrameType::kTopLevel
: network::mojom::RequestContextFrameType::kNested); : network::mojom::RequestContextFrameType::kNested);
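Review bot: The override added on the `LOCATION` branch changes what every service worker observes for nested-frame navigations — `event.request.destination` becomes `"iframe"` instead of `"document"` (the updated iframe WPT below pins exactly that), so any worker that gated access-control logic on `destination === 'document'` will now silently skip subframes; `request.mode === 'navigate'` remains the robust test for navigation requests, and that migration note belongs in the commit description or in the comment above the `if`. Only `LOCATION` is remapped here; if `DetermineRequestContextFromNavigationType` can return other context types for subframe navigations (form submissions, for instance), those keep their previous destination, and a comment should say whether that is intended rather than leaving it to the `frame` TODO. As a point of style, `frame_->IsMainFrame()` is evaluated in the new condition and again on the very next line for `SetFrameType`; hoist it into `const bool is_main_frame = frame_->IsMainFrame();` and use it in both places, and write the comparison as `request_context_type == mojom::RequestContextType::LOCATION` per Chromium convention. `FrameLoader::StartNavigation` begins and ends outside this hunk.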
......
This is a testharness.js-based test.
PASS Initialize global state
FAIL frame fetches with a "frame" Request.destination assert_unreached: Wrong destination. Reached unreachable code
Harness: the test ran to completion.
<!DOCTYPE html>
<title>Fetch destination tests for resources with no load event</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
<script>
let frame;
const kScope = 'resources/dummy.html?dest=frame';
// Set up the service worker and the frame.
promise_test(t => {
const kScript = 'resources/fetch-destination-worker-frame.js';
return service_worker_unregister_and_register(t, kScript, kScope)
.then(registration => {
add_completion_callback(() => {
registration.unregister();
});
return wait_for_state(t, registration.installing, 'activated');
});
}, 'Initialize global state');
var waitOnMessageFromSW = async t => {
await new Promise((resolve, reject) => {
navigator.serviceWorker.onmessage = t.step_func(event => {
if (event.data == "PASS") {
resolve();
} else {
reject();
}
});
}).catch(() => {;
assert_unreached("Wrong destination.");
});
t.add_cleanup(() => { frame.contentWindow.navigator.serviceWorker.onmessage = null; });
}
// Document destination
///////////////////////
promise_test(async t => {
var f = document.createElement('frame');
frame = f;
f.className = 'test-frame';
f.src = kScope;
document.body.appendChild(f);
await waitOnMessageFromSW(t);
add_completion_callback(() => { f.remove(); });
}, 'frame fetches with a "frame" Request.destination');
</script>
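Review bot: The cleanup registered on line 88 clears `frame.contentWindow.navigator.serviceWorker.onmessage`, but the handler was installed on the top-level `navigator.serviceWorker.onmessage` on line 78, so the listener is never actually removed; with a single test this is harmless today, but the intent is `t.add_cleanup(() => { navigator.serviceWorker.onmessage = null; });`. The `.catch(() => {;` on line 85 carries a stray semicolon that should be dropped. Since the frame is only referenced for that cleanup, the module-level `let frame;` and the `frame = f;` assignment can go once the cleanup targets the top-level object. If this helper was copied from `fetch-destination-iframe.https.html`, the same fix presumably applies there.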
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script> <script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
<script> <script>
let frame; let frame;
const kScope = 'resources/dummy.html?dest=document'; const kScope = 'resources/dummy.html?dest=iframe';
// Set up the service worker and the frame. // Set up the service worker and the frame.
promise_test(t => { promise_test(t => {
...@@ -46,6 +46,6 @@ promise_test(async t => { ...@@ -46,6 +46,6 @@ promise_test(async t => {
document.body.appendChild(f); document.body.appendChild(f);
await waitOnMessageFromSW(t); await waitOnMessageFromSW(t);
add_completion_callback(() => { f.remove(); }); add_completion_callback(() => { f.remove(); });
}, 'iframe fetches with a "document" Request.destination'); }, 'iframe fetches with a "iframe" Request.destination');
</script> </script>
self.addEventListener('fetch', function(event) {
if (event.request.url.includes('dummy')) {
event.waitUntil(async function() {
let destination = new URL(event.request.url).searchParams.get("dest");
let clients = await self.clients.matchAll({"includeUncontrolled": true});
clients.forEach(function(client) {
if (client.url.includes("fetch-destination-frame")) {
if (event.request.destination == destination) {
client.postMessage("PASS");
} else {
client.postMessage("FAIL");
}
}
})
}());
}
event.respondWith(fetch(event.request));
});
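Review bot: The worker selects which clients to signal with `client.url.includes("fetch-destination-frame")` and which requests to inspect with `event.request.url.includes('dummy')`; both are substring matches that would also fire for any future test page or resource sharing those fragments, and the outcome is posted to every such client, so a stray PASS/FAIL could land in an unrelated test. Tightening them to `new URL(client.url).pathname.endsWith('/fetch-destination-frame.https.html')` and `new URL(event.request.url).pathname.endsWith('/dummy.html')` keeps the check scoped. As a point of style, the comparison on line 122 should use `===` rather than `==`, consistent with the string values being compared.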
...@@ -70,7 +70,7 @@ dictionary RequestInit { ...@@ -70,7 +70,7 @@ dictionary RequestInit {
any window; // can only be set to null any window; // can only be set to null
}; };
enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style", "track", "video", "worker", "xslt" }; enum RequestDestination { "", "audio", "audioworklet", "document", "embed", "font", "frame", "iframe", "image", "manifest", "object", "paintworklet", "report", "script", "sharedworker", "style", "track", "video", "worker", "xslt" };
enum RequestMode { "navigate", "same-origin", "no-cors", "cors" }; enum RequestMode { "navigate", "same-origin", "no-cors", "cors" };
enum RequestCredentials { "omit", "same-origin", "include" }; enum RequestCredentials { "omit", "same-origin", "include" };
enum RequestCache { "default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached" }; enum RequestCache { "default", "no-store", "reload", "no-cache", "force-cache", "only-if-cached" };
......
CONSOLE ERROR: line 1: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-data-url-frame-with-frame.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/mixedContent/resources/boring.html'. This request has been blocked; the content must be served over HTTPS. CONSOLE ERROR: line 1: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-data-url-frame-with-frame.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/mixedContent/resources/boring.html'. This request has been blocked; the content must be served over HTTPS.
This test opens a window that loads a data: iframe that loads an insecure frame, and that the frame is still blocked. This test opens a window that loads a data: iframe that loads an insecure frame, and that the frame is still blocked.
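Review bot: These expectation changes show a user-visible side effect the commit description does not mention: mixed-content console messages for subframe navigations now read "requested an insecure frame" instead of "requested an insecure resource", because the message wording follows the new `IFRAME` request context. A sentence in the description noting the console-message change would help anyone triaging test or telemetry diffs. Note also that, per the TODO in frame_loader.cc, `<frame>`-element navigations currently take the same `IFRAME` path, so they get the same "insecure frame" wording; confirm that stays acceptable once crbug.com/1019716 splits the two.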
CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-frame.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS. CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-frame.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS.
This test loads a secure iframe that loads an insecure iframe. We should get a mixed content callback becase the child frame is HTTPS. This test loads a secure iframe that loads an insecure iframe. We should get a mixed content callback becase the child frame is HTTPS.
CONSOLE WARNING: line 9: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-iframe.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS. CONSOLE WARNING: line 9: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-iframe.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS.
This test opens a window that loads an insecure iframe. We should trigger a mixed content callback even though we've set the preference to block this, because we've overriden the preference via a web permission client callback. This test opens a window that loads an insecure iframe. We should trigger a mixed content callback even though we've set the preference to block this, because we've overriden the preference via a web permission client callback.
CONSOLE ERROR: line 9: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-iframe.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/mixedContent/resources/boring.html'. This request has been blocked; the content must be served over HTTPS. CONSOLE ERROR: line 9: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-iframe.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/mixedContent/resources/boring.html'. This request has been blocked; the content must be served over HTTPS.
This test opens a window that loads an insecure iframe. We should not trigger a mixed content callback even though the main frame in the window is HTTPS and is displaying insecure content, because we've set the preference to block this. This test opens a window that loads an insecure iframe. We should not trigger a mixed content callback even though the main frame in the window is HTTPS and is displaying insecure content, because we've set the preference to block this.
CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-frame.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS. CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-frame.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS.
This test opens a window that loads an insecure iframe. We should trigger a mixed content callback because the main frame in the window is HTTPS but is running insecure content. This test opens a window that loads an insecure iframe. We should trigger a mixed content callback because the main frame in the window is HTTPS but is running insecure content.
============== Back Forward List ============== ============== Back Forward List ==============
......
...@@ -5,7 +5,7 @@ main frame - didFinishLoadForFrame ...@@ -5,7 +5,7 @@ main frame - didFinishLoadForFrame
frame "<!--framePath //<!--frame0-->-->" - didReceiveTitle: frame "<!--framePath //<!--frame0-->-->" - didReceiveTitle:
frame "<!--framePath //<!--frame0-->-->" - BeginNavigation request to 'http://hsts-example.test:8443/security/resources/hsts.php', http method GET frame "<!--framePath //<!--frame0-->-->" - BeginNavigation request to 'http://hsts-example.test:8443/security/resources/hsts.php', http method GET
frame "<!--framePath //<!--frame0-->-->" - DidStartNavigation frame "<!--framePath //<!--frame0-->-->" - DidStartNavigation
CONSOLE ERROR: line 18: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/insecure-iframe-with-hsts.https.html' was loaded over HTTPS, but requested an insecure resource 'http://hsts-example.test:8443/security/resources/hsts.php'. This request has been blocked; the content must be served over HTTPS. CONSOLE ERROR: line 18: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/insecure-iframe-with-hsts.https.html' was loaded over HTTPS, but requested an insecure frame 'http://hsts-example.test:8443/security/resources/hsts.php'. This request has been blocked; the content must be served over HTTPS.
frame "<!--framePath //<!--frame0-->-->" - didFailProvisionalLoadWithError frame "<!--framePath //<!--frame0-->-->" - didFailProvisionalLoadWithError
This is a testharness.js-based test. This is a testharness.js-based test.
PASS HSTS does not bypass MIX. PASS HSTS does not bypass MIX.
......
CONSOLE WARNING: line 16: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/nonwebby-scheme-in-iframe-allowed.https.html' was loaded over HTTPS, but requested an insecure resource 'nonwebbyscheme://this-will-fail-but-no-mixed-content-error-should-appear'. This content should also be served over HTTPS. CONSOLE WARNING: line 16: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/nonwebby-scheme-in-iframe-allowed.https.html' was loaded over HTTPS, but requested an insecure frame 'nonwebbyscheme://this-will-fail-but-no-mixed-content-error-should-appear'. This content should also be served over HTTPS.
This tests that non-webby URLs are not blocked as mixed content. The test passes if a mixed content warning is displayed and the load proceeds. The test fails if a mixed content error is displayed, and the load is blocked. This tests that non-webby URLs are not blocked as mixed content. The test passes if a mixed content warning is displayed and the load proceeds. The test fails if a mixed content error is displayed, and the load is blocked.
-------- --------
......
CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/resources/redir.php?url=https://127.0.0.1:8443/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS. CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/resources/redir.php?url=https://127.0.0.1:8443/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS.
This test opens a window that loads an insecure iframe (via a tricky redirect). We should trigger a mixed content callback because the main frame in the window is HTTPS but is running content that can be controlled by an active network attacker. This test opens a window that loads an insecure iframe (via a tricky redirect). We should trigger a mixed content callback because the main frame in the window is HTTPS but is running content that can be controlled by an active network attacker.
CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html' was loaded over HTTPS, but requested an insecure resource 'http://example.test:8080/security/resources/redir.php?url=https://127.0.0.1:8443/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS. CONSOLE WARNING: line 8: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html' was loaded over HTTPS, but requested an insecure frame 'http://example.test:8080/security/resources/redir.php?url=https://127.0.0.1:8443/security/mixedContent/resources/boring.html'. This content should also be served over HTTPS.
This test opens a window that loads an insecure iframe (via a tricky redirect). We should trigger a mixed content callback because the main frame in the window is HTTPS but is running content that can be controlled by an active network attacker. This test opens a window that loads an insecure iframe (via a tricky redirect). We should trigger a mixed content callback because the main frame in the window is HTTPS but is running content that can be controlled by an active network attacker.