CORB support for SXG subresource loading
This CL introduces CrossOriginReadBlockingChecker in InnerResponseURLLoader to
run the CORB check using CrossOriginReadBlocking::ResponseAnalyzer.
InnerResponseURLLoader is a URLLoader which returns a prefetched signed
exchange's inner response.
This CL also introduces the following changes in CORB-related code under
services/network/:
- Stop using net::URLRequest in ResponseAnalyzer. Use GURL "request_url" and
base::Optional<url::Origin> "request_initiator" instead. This is because
InnerResponseURLLoader doesn't use net::URLRequest.
- Stop passing ResourceResponse to SanitizeBlockedResponse(). Pass
ResourceResponseInfo* instead. This is because InnerResponseURLLoader doesn't
use ResourceResponse.
- Add comments about SubresourceSignedExchangeURLLoaderFactory in
GetTrustworthyInitiator()'s comment. This URLLoaderFactory is used to load
prefetched subresource signed exchanges. This URLLoaderFactory is created in
the browser process while processing the navigation to a prefetched main
signed exchange, and is passed to the renderer process. So this
URLLoaderFactory knows the actual initiator of the subresource requests.
This URLLoaderFactory keeps the initiator as |request_initiator_site_lock|
which is similar to URLLoaderFactoryParams's |request_initiator_site_lock|.
Bug: 935267,963752
Change-Id: I0f6d6ce50fb4a3436f3f3061b95151102859b9bd
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1623615
Reviewed-by: Kinuko Yasuda <[email protected]>
Reviewed-by: Kunihiko Sakamoto <[email protected]>
Reviewed-by: Łukasz Anforowicz <[email protected]>
Commit-Queue: Tsuyoshi Horo <[email protected]>
Cr-Commit-Position: refs/heads/master@{#664159}
diff --git a/content/browser/BUILD.gn b/content/browser/BUILD.gn
index 74760af..ce8477d 100644
--- a/content/browser/BUILD.gn
+++ b/content/browser/BUILD.gn
@@ -1123,6 +1123,8 @@
"keyboard_lock/keyboard_lock_metrics.h",
"keyboard_lock/keyboard_lock_service_impl.cc",
"keyboard_lock/keyboard_lock_service_impl.h",
+ "loader/cross_origin_read_blocking_checker.cc",
+ "loader/cross_origin_read_blocking_checker.h",
"loader/cross_site_document_resource_handler.cc",
"loader/cross_site_document_resource_handler.h",
"loader/data_pipe_to_source_stream.cc",
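Review bot: The two added entries, "loader/cross_origin_read_blocking_checker.cc" and "loader/cross_origin_read_blocking_checker.h", come with no test source in the visible part of this diff. According to the commit message, this checker is what applies CORB to the inner responses of prefetched signed exchanges, so it sits on a cross-origin read boundary and should have direct coverage. Please confirm that a test for it is added to the matching test target elsewhere in the CL, covering at least one response that must be blocked and one that must be allowed. A smaller point on placement: the commit message names InnerResponseURLLoader as the user of the class, so a short comment in the header saying why it lives under loader/ rather than next to the signed exchange code would help later readers.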