diff options
| author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2023-02-13 14:51:50 +0100 |
|---|---|---|
| committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2023-02-14 11:16:32 +0000 |
| commit | 6f9ba85ba9e84eb225ab8d4a6f0cb99e5dc61563 (patch) | |
| tree | c2c5da74223f544b0e28d372138288b1bffc045d /chromium/content | |
| parent | 01e89433adf2d5575b2089716217299519a9ce15 (diff) | |
| download | qtwebengine-chromium-6f9ba85ba9e84eb225ab8d4a6f0cb99e5dc61563.tar.gz | |
BASELINE: Update Chromium to 108.0.5359.220
Change-Id: Ibfd5669271969a41c1e74a55be1ffcd5d32c8e98
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/460143
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
Diffstat (limited to 'chromium/content')
6 files changed, 95 insertions, 21 deletions
diff --git a/chromium/content/browser/BUILD.gn b/chromium/content/browser/BUILD.gn index 18328bedfdd..a73daeeb4b6 100644 --- a/chromium/content/browser/BUILD.gn +++ b/chromium/content/browser/BUILD.gn @@ -910,6 +910,8 @@ source_set("browser") { "file_system/file_system_manager_impl.h", "file_system/file_system_url_loader_factory.cc", "file_system/file_system_url_loader_factory.h", + "file_system_access/features.cc", + "file_system_access/features.h", "file_system_access/file_system_access_access_handle_host_impl.cc", "file_system_access/file_system_access_access_handle_host_impl.h", "file_system_access/file_system_access_capacity_allocation_host_impl.cc", diff --git a/chromium/content/browser/file_system_access/features.cc b/chromium/content/browser/file_system_access/features.cc new file mode 100644 index 00000000000..384a4ff49d1 --- /dev/null +++ b/chromium/content/browser/file_system_access/features.cc @@ -0,0 +1,19 @@ +// Copyright 2022 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "content/browser/file_system_access/features.h" + +#include "base/feature_list.h" + +namespace content::features { + +// TODO(crbug.com/1370433): Remove this flag eventually. +// When enabled, drag-and-dropped files and directories will be checked against +// the File System Access blocklist. This feature was disabled since it broke +// some applications. +BASE_FEATURE(kFileSystemAccessDragAndDropCheckBlocklist, + "FileSystemAccessDragAndDropCheckBlocklist", + base::FEATURE_DISABLED_BY_DEFAULT); + +} // namespace content::features diff --git a/chromium/content/browser/file_system_access/features.h b/chromium/content/browser/file_system_access/features.h new file mode 100644 index 00000000000..026f9492586 --- /dev/null +++ b/chromium/content/browser/file_system_access/features.h @@ -0,0 +1,21 @@ +// Copyright 2022 The Chromium Authors +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_ +#define CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_ + +#include "base/feature_list.h" +#include "content/common/content_export.h" + +namespace content::features { + +// All features in alphabetical order. The features should be documented +// alongside the definition of their values in the .cc file. + +// Alphabetical: +CONTENT_EXPORT BASE_DECLARE_FEATURE(kFileSystemAccessDragAndDropCheckBlocklist); + +} // namespace content::features + +#endif // CONTENT_BROWSER_FILE_SYSTEM_ACCESS_FEATURES_H_ diff --git a/chromium/content/browser/file_system_access/file_system_access_manager_impl.cc b/chromium/content/browser/file_system_access/file_system_access_manager_impl.cc index 7d22621483e..7e97507200d 100644 --- a/chromium/content/browser/file_system_access/file_system_access_manager_impl.cc +++ b/chromium/content/browser/file_system_access/file_system_access_manager_impl.cc @@ -26,6 +26,7 @@ #include "build/build_config.h" #include "components/services/storage/public/cpp/buckets/bucket_id.h" #include "components/services/storage/public/cpp/buckets/bucket_locator.h" +#include "content/browser/file_system_access/features.h" #include "content/browser/file_system_access/file_system_access.pb.h" #include "content/browser/file_system_access/file_system_access_access_handle_host_impl.h" #include "content/browser/file_system_access/file_system_access_data_transfer_token_impl.h" @@ -675,7 +676,9 @@ void FileSystemAccessManagerImpl::ResolveDataTransferTokenWithFileType( HandleType file_type) { DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); - if (!permission_context_) { + if (!permission_context_ || + !base::FeatureList::IsEnabled( + features::kFileSystemAccessDragAndDropCheckBlocklist)) { DidVerifySensitiveDirectoryAccessForDataTransfer( binding_context, file_path, url, file_type, std::move(token_resolved_callback), SensitiveEntryResult::kAllowed); diff --git a/chromium/content/browser/file_system_access/file_system_access_manager_impl_unittest.cc b/chromium/content/browser/file_system_access/file_system_access_manager_impl_unittest.cc index 3a637514c87..767307d3f18 100644 --- a/chromium/content/browser/file_system_access/file_system_access_manager_impl_unittest.cc +++ b/chromium/content/browser/file_system_access/file_system_access_manager_impl_unittest.cc @@ -9,6 +9,7 @@ #include <vector> #include "base/callback_helpers.h" +#include "base/feature_list.h" #include "base/files/file_util.h" #include "base/files/scoped_temp_dir.h" #include "base/guid.h" @@ -23,6 +24,7 @@ #include "components/services/storage/public/cpp/buckets/bucket_id.h" #include "components/services/storage/public/cpp/buckets/bucket_locator.h" #include "components/services/storage/public/cpp/buckets/constants.h" +#include "content/browser/file_system_access/features.h" #include "content/browser/file_system_access/file_system_access_data_transfer_token_impl.h" #include "content/browser/file_system_access/file_system_access_directory_handle_impl.h" #include "content/browser/file_system_access/file_system_access_file_handle_impl.h" @@ -247,16 +249,19 @@ class FileSystemAccessManagerImplTest : public testing::Test { path_type, file_path, kBindingContext.process_id(), token_remote.InitWithNewPipeAndPassReceiver()); - EXPECT_CALL( - permission_context_, - ConfirmSensitiveEntryAccess_( - kTestStorageKey.origin(), - FileSystemAccessPermissionContext::PathType::kLocal, file_path, - FileSystemAccessPermissionContext::HandleType::kFile, - FileSystemAccessPermissionContext::UserAction::kDragAndDrop, - kFrameId, testing::_)) - .WillOnce(RunOnceCallback<6>( - FileSystemAccessPermissionContext::SensitiveEntryResult::kAllowed)); + if (base::FeatureList::IsEnabled( + features::kFileSystemAccessDragAndDropCheckBlocklist)) { + EXPECT_CALL( + permission_context_, + ConfirmSensitiveEntryAccess_( + kTestStorageKey.origin(), + FileSystemAccessPermissionContext::PathType::kLocal, file_path, + FileSystemAccessPermissionContext::HandleType::kFile, + FileSystemAccessPermissionContext::UserAction::kDragAndDrop, + kFrameId, testing::_)) + .WillOnce(RunOnceCallback<6>(FileSystemAccessPermissionContext:: + SensitiveEntryResult::kAllowed)); + } // Expect permission requests when the token is sent to be redeemed. EXPECT_CALL( @@ -305,16 +310,19 @@ class FileSystemAccessManagerImplTest : public testing::Test { path_type, dir_path, kBindingContext.process_id(), token_remote.InitWithNewPipeAndPassReceiver()); - EXPECT_CALL( - permission_context_, - ConfirmSensitiveEntryAccess_( - kTestStorageKey.origin(), - FileSystemAccessPermissionContext::PathType::kLocal, dir_path, - FileSystemAccessPermissionContext::HandleType::kDirectory, - FileSystemAccessPermissionContext::UserAction::kDragAndDrop, - kFrameId, testing::_)) - .WillOnce(RunOnceCallback<6>( - FileSystemAccessPermissionContext::SensitiveEntryResult::kAllowed)); + if (base::FeatureList::IsEnabled( + features::kFileSystemAccessDragAndDropCheckBlocklist)) { + EXPECT_CALL( + permission_context_, + ConfirmSensitiveEntryAccess_( + kTestStorageKey.origin(), + FileSystemAccessPermissionContext::PathType::kLocal, dir_path, + FileSystemAccessPermissionContext::HandleType::kDirectory, + FileSystemAccessPermissionContext::UserAction::kDragAndDrop, + kFrameId, testing::_)) + .WillOnce(RunOnceCallback<6>(FileSystemAccessPermissionContext:: + SensitiveEntryResult::kAllowed)); + } // Expect permission requests when the token is sent to be redeemed. EXPECT_CALL( @@ -1285,6 +1293,11 @@ TEST_F(FileSystemAccessManagerImplTest, TEST_F(FileSystemAccessManagerImplTest, GetEntryFromDataTransferToken_File_SensitivePath) { + if (!base::FeatureList::IsEnabled( + features::kFileSystemAccessDragAndDropCheckBlocklist)) { + return; + } + base::FilePath file_path = dir_.GetPath().AppendASCII("mr_file"); ASSERT_TRUE(base::CreateTemporaryFile(&file_path)); @@ -1320,6 +1333,11 @@ TEST_F(FileSystemAccessManagerImplTest, TEST_F(FileSystemAccessManagerImplTest, GetEntryFromDataTransferToken_Directory_SensitivePath) { + if (!base::FeatureList::IsEnabled( + features::kFileSystemAccessDragAndDropCheckBlocklist)) { + return; + } + const base::FilePath& kDirPath = dir_.GetPath().AppendASCII("mr_directory"); ASSERT_TRUE(base::CreateDirectory(kDirPath)); diff --git a/chromium/content/browser/service_worker/service_worker_version_browsertest.cc b/chromium/content/browser/service_worker/service_worker_version_browsertest.cc index ffb2447e340..5e1aeaa11cc 100644 --- a/chromium/content/browser/service_worker/service_worker_version_browsertest.cc +++ b/chromium/content/browser/service_worker/service_worker_version_browsertest.cc @@ -965,6 +965,17 @@ IN_PROC_BROWSER_TEST_F(ServiceWorkerVersionBrowserTest, version_->fetch_handler_type()); } +IN_PROC_BROWSER_TEST_F(ServiceWorkerVersionBrowserTest, + NonFunctionFetchHandler) { + StartServerAndNavigateToSetup(); + ASSERT_EQ(Install("/service_worker/non_function_fetch_event.js"), + blink::ServiceWorkerStatusCode::kOk); + EXPECT_EQ(ServiceWorkerVersion::FetchHandlerExistence::EXISTS, + version_->fetch_handler_existence()); + EXPECT_EQ(ServiceWorkerVersion::FetchHandlerType::kNotSkippable, + version_->fetch_handler_type()); +} + // Check that fetch event handler added in the install event should result in a // service worker that doesn't count as having a fetch event handler. IN_PROC_BROWSER_TEST_F(ServiceWorkerVersionBrowserTest, |