Add APIs for performing WebAuthn origin security checks
This is the first of three patches to allow Web Authentication in Clank
to perform origin checks in the browser process.
This CL refactors the security checks into a separate class, and
adds content APIs that allow them to be invoked by WebAuthn request
handlers outside content. The refactor also adds a central place that
hopefully makes it easier to make changes to the security policies in
specific situations, in future.
The second CL will have the WebAuthn request handler code in Clank
internal to call these APIs.
The third will remove the security checks currently performed in the
renderer process.
Bug: 827542
Change-Id: Icf5cc4df2e02c5dee8c2211adac34e90832cae90
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2031548
Commit-Queue: Ken Buchanan <[email protected]>
Reviewed-by: Martin Kreichgauer <[email protected]>
Reviewed-by: Nasko Oskov <[email protected]>
Cr-Commit-Position: refs/heads/master@{#740183}
diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
index 2789ed8..dcbdd2e 100644
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -1904,6 +1904,8 @@
"web_package/web_bundle_url_loader_factory.h",
"web_package/web_bundle_utils.cc",
"web_package/web_bundle_utils.h",
+ "webauth/webauth_request_security_checker.cc",
+ "webauth/webauth_request_security_checker.h",
"webrtc/webrtc_internals.cc",
"webrtc/webrtc_internals.h",
"webrtc/webrtc_internals_connections_observer.h",
