author | Jack Hsieh <chengweih@chromium.org> | 2023-03-15 01:03:48 +0000 |
---|---|---|
committer | Michael Brüning <michael.bruning@qt.io> | 2023-05-15 11:36:43 +0000 |
commit | 34482ee5da826627131767d907800f6f4a2f0a36 (patch) | |
tree | 170c6b6ccef36c4b29942be9fc3b7569e427b572 | |
parent | 80a4577e2a50dbc181204a4352a2488a9d1ec657 (diff) | |
download | qtwebengine-chromium-34482ee5da826627131767d907800f6f4a2f0a36.tar.gz |
[Backport] CVE-2023-2462: Inappropriate implementation in Prompts (10/10)108-based
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4337726:
hid: Handle opaque top level origin in addedEventListener
In navigator.hid.addEventListener, throw an exception if the request
is coming from a context whose top level frame has an opaque origin.
Bug: 1375133
Change-Id: I43d3c59eb4715d5c1b970d6f466a256c580582d6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4337726
Commit-Queue: Jack Hsieh <chengweih@chromium.org>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1117306}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/476784
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
-rw-r--r-- | chromium/third_party/blink/renderer/modules/hid/hid.cc | 43 |
1 files changed, 25 insertions, 18 deletions
diff --git a/chromium/third_party/blink/renderer/modules/hid/hid.cc b/chromium/third_party/blink/renderer/modules/hid/hid.cc index 92543c029fd..47a00ea42c5 100644 --- a/chromium/third_party/blink/renderer/modules/hid/hid.cc +++ b/chromium/third_party/blink/renderer/modules/hid/hid.cc @@ -37,10 +37,12 @@ const char kFeaturePolicyBlocked[] = // returns false to indicate the call should be allowed. bool ShouldBlockHidServiceCall(LocalDOMWindow* window, ExecutionContext* context, - ExceptionState& exception_state) { + ExceptionState* exception_state) { if (!context) { - exception_state.ThrowDOMException(DOMExceptionCode::kNotSupportedError, - kContextGone); + if (exception_state) { + exception_state->ThrowDOMException(DOMExceptionCode::kNotSupportedError, + kContextGone); + } return true; } @@ -52,18 +54,25 @@ bool ShouldBlockHidServiceCall(LocalDOMWindow* window, window ? window->GetFrame()->Top()->GetSecurityContext()->GetSecurityOrigin() : context->GetSecurityOrigin(); - if (security_origin->IsOpaque()) { - exception_state.ThrowSecurityError( - "Access to the WebHID API is denied from contexts where the top-level " - "document has an opaque origin."); - } else if (!context->IsFeatureEnabled( - mojom::blink::PermissionsPolicyFeature::kHid, - ReportOptions::kReportOnFailure)) { - exception_state.ThrowSecurityError(kFeaturePolicyBlocked); + if (exception_state) { + exception_state->ThrowSecurityError( + "Access to the WebHID API is denied from contexts where the " + "top-level " + "document has an opaque origin."); + } + return true; } - return exception_state.HadException(); + if (!context->IsFeatureEnabled(mojom::blink::PermissionsPolicyFeature::kHid, + ReportOptions::kReportOnFailure)) { + if (exception_state) { + exception_state->ThrowSecurityError(kFeaturePolicyBlocked); + } + return true; + } + + return false; } void RejectWithTypeError(const String& message, 
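Review bot: The comment above `ShouldBlockHidServiceCall` is not updated for the new `ExceptionState* exception_state` parameter, so nothing states that null is allowed or what it means. All three throw sites (here and in the next hunk) are now guarded by `if (exception_state)`, so I would extend the comment with something like `// |exception_state| may be null; the call is then blocked without throwing.` The comment block starts above this hunk and the function body continues into the following hunk.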
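Review bot: The permissions-policy branch at the end of this hunk always calls `IsFeatureEnabled` with `ReportOptions::kReportOnFailure`, while the check it replaces in `HID::AddedEventListener` (next hunk) used `ReportOptions::kDoNotReport`. Registering a listener in a context where the `kHid` feature is disabled therefore looks like it can now produce a policy violation report that the old code suppressed; I cannot tell from the diff whether that is intended. If it is not, choose the mode from the caller, for example by passing `exception_state ? ReportOptions::kReportOnFailure : ReportOptions::kDoNotReport` as the second argument.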
@@ -124,10 +133,8 @@ void HID::AddedEventListener(const AtomicString& event_type,
 return;
 }
 
- auto* context = GetExecutionContext();
- if (!context ||
- !context->IsFeatureEnabled(mojom::blink::PermissionsPolicyFeature::kHid,
- ReportOptions::kDoNotReport)) {
+ if (ShouldBlockHidServiceCall(GetSupplementable()->DomWindow(),
+ GetExecutionContext(), nullptr)) {
 return;
 }
 
@@ -163,7 +170,7 @@ void HID::DeviceChanged(device::mojom::blink::HidDeviceInfoPtr device_info) {
 ScriptPromise HID::getDevices(ScriptState* script_state,
 ExceptionState& exception_state) {
 if (ShouldBlockHidServiceCall(GetSupplementable()->DomWindow(),
- GetExecutionContext(), exception_state)) {
+ GetExecutionContext(), &exception_state)) {
 return ScriptPromise();
 }
 
@@ -189,7 +196,7 @@ ScriptPromise HID::requestDevice(ScriptState* script_state,
 }
 
 if (ShouldBlockHidServiceCall(window, GetExecutionContext(),
- exception_state)) {
+ &exception_state)) {
 return ScriptPromise();
 }
 
|
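Review bot: Passing `nullptr` here makes `AddedEventListener` return early without throwing when the top-level origin is opaque, whereas the commit description says the call throws; the call site gives no hint which is meant. A one-line comment above the check would settle it, e.g. `// No ExceptionState: a blocked context returns early instead of throwing.` The body of `AddedEventListener` starts before and continues after this hunk, so what the early return skips is not visible here.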