Google Git
Sign in
chromium / chromium / src.git / e4986b2043eb1f7df28c8c94b1c76ffab2c3b85e
commite4986b2043eb1f7df28c8c94b1c76ffab2c3b85e[log] [tgz]
authorLukasz Anforowicz <[email protected]>Mon Aug 27 21:32:25 2018
committerCommit Bot <[email protected]>Mon Aug 27 21:32:25 2018
treed380b7d0aa9e59737e5e19762dcc9fe18ee4032b
parentf1543d070959e45d46554c8bb616ffb60cb04427 [diff]
[reland] No CORB exception for plugins, unless Flash actually runs.

This is a reland of r585124 with an extra null check in
AddCorbExceptionForPluginOnUIThread.  Original CL description
follows below.

Overview
========

Flash has its own CORS-like mechanism (crossdomain.xml-based) and
therefore CORB (Cross-Origin Read Blocking) cannot be enforced for
requests initiated by Flash.

This CL avoids making an exception for plugins, unless the given
renderer process is actually hosting a Flash plugin (and is therefore
capable of proxying network requests on behalf of Flash).  This
means that the exception won't take place unless the user has
approved running Flash (via click-to-play / content settings /
enterprise policy - see the bug for more details).

Details
=======

This CL introduces a global set that stores process IDs of renderers
that host Flash.  This set lives either in the NetworkService process or
(if NetworkService feature is disabled) in the IO thread of the browser
process.  In both cases the global set is implemented and exposed by new
static methods of network::CrossOriginReadBlocking class.

The CL populates the global set from
PluginServiceImpl::FindOrStartPpapiPluginProcess after all the security
checks have been done and the plugin process is ready to be used or
launched.

The CL consults the global set before deciding to make a CORB exception
for a plugin request.  This is done from network::URLLoader (used if
NetworkService feature is enabled) and from
CrossSiteDocumentResourceHandler (used otherwise).

The CL removes items from the global set when RenderProcessHostImpl is
destroyed.

Bug: 874515
Cq-Include-Trybots: luci.chromium.try:linux_mojo
Change-Id: I807e2d7f47f753c9a097d2bceed22e9eef1a88f9
Tbr: Nasko Oskov <[email protected]>
Tbr: John Abd-El-Malek <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/1191324
Reviewed-by: Łukasz Anforowicz <[email protected]>
Commit-Queue: Łukasz Anforowicz <[email protected]>
Cr-Commit-Position: refs/heads/master@{#586422}
15 files changed
tree: d380b7d0aa9e59737e5e19762dcc9fe18ee4032b
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_elf/
  11. chromecast/
  12. chromeos/
  13. cloud_print/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. mash/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. webrunner/
  53. .clang-format
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .vpython
  60. AUTHORS
  61. BUILD.gn
  62. CODE_OF_CONDUCT.md
  63. codereview.settings
  64. DEPS
  65. ENG_REVIEW_OWNERS
  66. LICENSE
  67. LICENSE.chromium_os
  68. OWNERS
  69. PRESUBMIT.py
  70. PRESUBMIT_test.py
  71. PRESUBMIT_test_mocks.py
  72. README.md
  73. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .