diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-03-12 09:13:00 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2021-03-16 09:58:26 +0000 |
commit | 03561cae90f1d99b5c54b1ef3be69f10e882b25e (patch) | |
tree | cc5f0958e823c044e7ae51cc0117fe51432abe5e /chromium/net/url_request | |
parent | fa98118a45f7e169f8846086dc2c22c49a8ba310 (diff) | |
download | qtwebengine-chromium-03561cae90f1d99b5c54b1ef3be69f10e882b25e.tar.gz |
BASELINE: Update Chromium to 88.0.4324.208
Change-Id: I3ae87d23e4eff4b4a469685658740a213600c667
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/net/url_request')
-rw-r--r-- | chromium/net/url_request/report_sender.cc | 5 | ||||
-rw-r--r-- | chromium/net/url_request/report_sender.h | 5 | ||||
-rw-r--r-- | chromium/net/url_request/report_sender_unittest.cc | 26 | ||||
-rw-r--r-- | chromium/net/url_request/url_fetcher_core.cc | 2 | ||||
-rw-r--r-- | chromium/net/url_request/url_request.cc | 2 | ||||
-rw-r--r-- | chromium/net/url_request/url_request.h | 7 | ||||
-rw-r--r-- | chromium/net/url_request/url_request_context_builder_unittest.cc | 2 | ||||
-rw-r--r-- | chromium/net/url_request/url_request_http_job.cc | 45 | ||||
-rw-r--r-- | chromium/net/url_request/url_request_http_job_unittest.cc | 18 | ||||
-rw-r--r-- | chromium/net/url_request/url_request_quic_unittest.cc | 8 | ||||
-rw-r--r-- | chromium/net/url_request/url_request_unittest.cc | 178 |
11 files changed, 226 insertions, 72 deletions
diff --git a/chromium/net/url_request/report_sender.cc b/chromium/net/url_request/report_sender.cc index 1a040063acb..269658b6314 100644 --- a/chromium/net/url_request/report_sender.cc +++ b/chromium/net/url_request/report_sender.cc @@ -7,6 +7,7 @@ #include <utility> #include "net/base/elements_upload_data_stream.h" +#include "net/base/isolation_info.h" #include "net/base/load_flags.h" #include "net/base/request_priority.h" #include "net/base/upload_bytes_element_reader.h" @@ -58,6 +59,7 @@ ReportSender::~ReportSender() = default; void ReportSender::Send(const GURL& report_uri, base::StringPiece content_type, base::StringPiece report, + const NetworkIsolationKey& network_isolation_key, SuccessCallback success_callback, ErrorCallback error_callback) { DCHECK(!content_type.empty()); @@ -66,9 +68,10 @@ void ReportSender::Send(const GURL& report_uri, url_request->SetUserData( &kUserDataKey, std::make_unique<CallbackInfo>(std::move(success_callback), std::move(error_callback))); - url_request->SetLoadFlags(kLoadFlags); url_request->set_allow_credentials(false); + url_request->set_isolation_info(IsolationInfo::CreatePartial( + IsolationInfo::RequestType::kOther, network_isolation_key)); HttpRequestHeaders extra_headers; extra_headers.SetHeader(HttpRequestHeaders::kContentType, content_type); diff --git a/chromium/net/url_request/report_sender.h b/chromium/net/url_request/report_sender.h index 1e4023640ad..7e2f57c9b88 100644 --- a/chromium/net/url_request/report_sender.h +++ b/chromium/net/url_request/report_sender.h @@ -20,6 +20,7 @@ class GURL; namespace net { +class NetworkIsolationKey; class URLRequestContext; // ReportSender asynchronously sends serialized reports to a URI. @@ -27,6 +28,9 @@ class URLRequestContext; // the format of the report being sent (JSON, protobuf, etc.) and the particular // data that it contains. Multiple reports can be in-flight at once. This class // owns inflight requests and cleans them up when necessary. +// +// Despite this class's name, it has nothing to do with the Reporting API, +// which is implemented in net/reporting. class NET_EXPORT ReportSender : public URLRequest::Delegate, public TransportSecurityState::ReportSenderInterface { @@ -49,6 +53,7 @@ class NET_EXPORT ReportSender void Send(const GURL& report_uri, base::StringPiece content_type, base::StringPiece report, + const NetworkIsolationKey& network_isolation_key, SuccessCallback success_callback, ErrorCallback error_callback) override; diff --git a/chromium/net/url_request/report_sender_unittest.cc b/chromium/net/url_request/report_sender_unittest.cc index c921c6cc72d..4dee747342d 100644 --- a/chromium/net/url_request/report_sender_unittest.cc +++ b/chromium/net/url_request/report_sender_unittest.cc @@ -5,7 +5,7 @@ #include "net/url_request/report_sender.h" #include "base/bind.h" -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/macros.h" #include "base/run_loop.h" #include "base/threading/thread_task_runner_handle.h" @@ -143,6 +143,11 @@ class TestReportSenderNetworkDelegate : public NetworkDelegateImpl { expected_content_type_ = content_type; } + void set_expected_network_isolation_key( + const NetworkIsolationKey& expected_network_isolation_key) { + expected_network_isolation_key_ = expected_network_isolation_key; + } + // NetworkDelegateImpl implementation. int OnBeforeURLRequest(URLRequest* request, CompletionOnceCallback callback, @@ -153,6 +158,12 @@ class TestReportSenderNetworkDelegate : public NetworkDelegateImpl { EXPECT_FALSE(request->allow_credentials()); EXPECT_TRUE(request->load_flags() & LOAD_DO_NOT_SAVE_COOKIES); + EXPECT_EQ(expected_network_isolation_key_, + request->isolation_info().network_isolation_key()); + EXPECT_EQ(IsolationInfo::RequestType::kOther, + request->isolation_info().request_type()); + EXPECT_TRUE(request->site_for_cookies().IsNull()); + const HttpRequestHeaders& extra_headers = request->extra_request_headers(); std::string content_type; EXPECT_TRUE(extra_headers.GetHeader(HttpRequestHeaders::kContentType, @@ -179,6 +190,7 @@ class TestReportSenderNetworkDelegate : public NetworkDelegateImpl { GURL expect_url_; std::set<std::string> expect_reports_; std::string expected_content_type_; + NetworkIsolationKey expected_network_isolation_key_; DISALLOW_COPY_AND_ASSIGN(TestReportSenderNetworkDelegate); }; @@ -211,6 +223,9 @@ class ReportSenderTest : public TestWithTaskEnvironment { size_t request_sequence_number, base::OnceCallback<void()> success_callback, base::OnceCallback<void(const GURL&, int, int)> error_callback) { + NetworkIsolationKey network_isolation_key = + NetworkIsolationKey::CreateTransient(); + base::RunLoop run_loop; network_delegate_.set_url_request_destroyed_callback( run_loop.QuitClosure()); @@ -218,10 +233,11 @@ class ReportSenderTest : public TestWithTaskEnvironment { network_delegate_.set_expect_url(url); network_delegate_.ExpectReport(report); network_delegate_.set_expected_content_type("application/foobar"); + network_delegate_.set_expected_network_isolation_key(network_isolation_key); EXPECT_EQ(request_sequence_number, network_delegate_.num_requests()); - reporter->Send(url, "application/foobar", report, + reporter->Send(url, "application/foobar", report, network_isolation_key, std::move(success_callback), std::move(error_callback)); // The report is sent asynchronously, so wait for the report's @@ -277,11 +293,11 @@ TEST_F(ReportSenderTest, SendMultipleReportsSimultaneously) { EXPECT_EQ(0u, network_delegate_.num_requests()); - reporter.Send(url, "application/foobar", kDummyReport, + reporter.Send(url, "application/foobar", kDummyReport, NetworkIsolationKey(), base::OnceCallback<void()>(), base::OnceCallback<void(const GURL&, int, int)>()); reporter.Send(url, "application/foobar", kSecondDummyReport, - base::OnceCallback<void()>(), + NetworkIsolationKey(), base::OnceCallback<void()>(), base::OnceCallback<void(const GURL&, int, int)>()); run_loop.Run(); @@ -306,7 +322,7 @@ TEST_F(ReportSenderTest, PendingRequestGetsDeleted) { std::unique_ptr<ReportSender> reporter( new ReportSender(context(), TRAFFIC_ANNOTATION_FOR_TESTS)); - reporter->Send(url, "application/foobar", kDummyReport, + reporter->Send(url, "application/foobar", kDummyReport, NetworkIsolationKey(), base::OnceCallback<void()>(), base::OnceCallback<void(const GURL&, int, int)>()); reporter.reset(); diff --git a/chromium/net/url_request/url_fetcher_core.cc b/chromium/net/url_request/url_fetcher_core.cc index 4a933d1b7e1..754dd86d1d9 100644 --- a/chromium/net/url_request/url_fetcher_core.cc +++ b/chromium/net/url_request/url_fetcher_core.cc @@ -8,7 +8,7 @@ #include <utility> #include "base/bind.h" -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/check_op.h" #include "base/notreached.h" #include "base/sequenced_task_runner.h" diff --git a/chromium/net/url_request/url_request.cc b/chromium/net/url_request/url_request.cc index 9138aae0196..b8409e80748 100644 --- a/chromium/net/url_request/url_request.cc +++ b/chromium/net/url_request/url_request.cc @@ -7,8 +7,8 @@ #include <utility> #include "base/bind.h" -#include "base/bind_helpers.h" #include "base/callback.h" +#include "base/callback_helpers.h" #include "base/compiler_specific.h" #include "base/metrics/histogram_macros.h" #include "base/rand_util.h" diff --git a/chromium/net/url_request/url_request.h b/chromium/net/url_request/url_request.h index adeb342deba..eed0ae918a0 100644 --- a/chromium/net/url_request/url_request.h +++ b/chromium/net/url_request/url_request.h @@ -19,6 +19,7 @@ #include "base/threading/thread_checker.h" #include "base/time/time.h" #include "net/base/auth.h" +#include "net/base/idempotency.h" #include "net/base/ip_endpoint.h" #include "net/base/isolation_info.h" #include "net/base/load_states.h" @@ -711,6 +712,9 @@ class NET_EXPORT URLRequest : public base::SupportsUserData { send_client_certs_ = send_client_certs; } + void SetIdempotency(Idempotency idempotency) { idempotency_ = idempotency; } + Idempotency GetIdempotency() const { return idempotency_; } + base::WeakPtr<URLRequest> GetWeakPtr(); protected: @@ -948,6 +952,9 @@ class NET_EXPORT URLRequest : public base::SupportsUserData { bool send_client_certs_ = true; + // Idempotency of the request. + Idempotency idempotency_ = DEFAULT_IDEMPOTENCY; + THREAD_CHECKER(thread_checker_); base::WeakPtrFactory<URLRequest> weak_factory_{this}; diff --git a/chromium/net/url_request/url_request_context_builder_unittest.cc b/chromium/net/url_request/url_request_context_builder_unittest.cc index 7266f85a38d..585f4865546 100644 --- a/chromium/net/url_request/url_request_context_builder_unittest.cc +++ b/chromium/net/url_request/url_request_context_builder_unittest.cc @@ -4,7 +4,7 @@ #include "net/url_request/url_request_context_builder.h" -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/run_loop.h" #include "base/task/thread_pool.h" #include "build/build_config.h" diff --git a/chromium/net/url_request/url_request_http_job.cc b/chromium/net/url_request/url_request_http_job.cc index f5e754f4ea0..dd533f15e3d 100644 --- a/chromium/net/url_request/url_request_http_job.cc +++ b/chromium/net/url_request/url_request_http_job.cc @@ -10,12 +10,13 @@ #include "base/base_switches.h" #include "base/bind.h" -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/command_line.h" #include "base/compiler_specific.h" #include "base/file_version_info.h" #include "base/location.h" #include "base/macros.h" +#include "base/memory/ptr_util.h" #include "base/metrics/field_trial.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" @@ -149,15 +150,6 @@ void RecordCTHistograms(const net::SSLInfo& ssl_info) { "Net.CertificateTransparency.RequestComplianceStatus", ssl_info.ct_policy_compliance, net::ct::CTPolicyCompliance::CT_POLICY_COUNT); - // Record the CT compliance of each request which was required to be CT - // compliant. This gives a picture of the sites that are supposed to be - // compliant and how well they do at actually being compliant. - if (ssl_info.ct_policy_compliance_required) { - UMA_HISTOGRAM_ENUMERATION( - "Net.CertificateTransparency.CTRequiredRequestComplianceStatus", - ssl_info.ct_policy_compliance, - net::ct::CTPolicyCompliance::CT_POLICY_COUNT); - } } template <typename CookieWithMetadata> @@ -212,6 +204,15 @@ void MarkSameSiteCompatPairs( } } +net::CookieOptions CreateCookieOptions( + net::CookieOptions::SameSiteCookieContext cookie_context) { + net::CookieOptions options; + options.set_return_excluded_cookies(); + options.set_include_httponly(); + options.set_same_site_cookie_context(cookie_context); + return options; +} + } // namespace namespace net { @@ -301,11 +302,17 @@ void URLRequestHttpJob::Start() { request_info_.network_isolation_key = request_->isolation_info().network_isolation_key(); + request_info_.possibly_top_frame_origin = + request_->isolation_info().top_frame_origin(); + request_info_.is_subframe_document_resource = + request_->isolation_info().request_type() == + net::IsolationInfo::RequestType::kSubFrame; request_info_.load_flags = request_->load_flags(); request_info_.disable_secure_dns = request_->disable_secure_dns(); request_info_.traffic_annotation = net::MutableNetworkTrafficAnnotationTag(request_->traffic_annotation()); request_info_.socket_tag = request_->socket_tag(); + request_info_.idempotency = request_->GetIdempotency(); #if BUILDFLAG(ENABLE_REPORTING) request_info_.reporting_upload_depth = request_->reporting_upload_depth(); #endif @@ -568,9 +575,6 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() { // is being overridden by NetworkDelegate and will eventually block them, as // blocked cookies still need to be logged in that case. if (cookie_store && request_->allow_credentials()) { - CookieOptions options; - options.set_return_excluded_cookies(); - options.set_include_httponly(); bool force_ignore_site_for_cookies = request_->force_ignore_site_for_cookies(); if (cookie_store->cookie_access_delegate() && @@ -579,10 +583,13 @@ void URLRequestHttpJob::AddCookieHeaderAndStart() { request_->site_for_cookies())) { force_ignore_site_for_cookies = true; } - options.set_same_site_cookie_context( + CookieOptions::SameSiteCookieContext same_site_context = net::cookie_util::ComputeSameSiteContextForRequest( request_->method(), request_->url(), request_->site_for_cookies(), - request_->initiator(), force_ignore_site_for_cookies)); + request_->initiator(), force_ignore_site_for_cookies); + + CookieOptions options = CreateCookieOptions(same_site_context); + cookie_store->GetCookieListWithOptionsAsync( request_->url(), options, base::BindOnce(&URLRequestHttpJob::SetCookieHeaderAndStart, @@ -713,8 +720,6 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) { if (GetResponseHeaders()->GetDateValue(&response_date)) server_time = base::make_optional(response_date); - CookieOptions options; - options.set_include_httponly(); bool force_ignore_site_for_cookies = request_->force_ignore_site_for_cookies(); if (cookie_store->cookie_access_delegate() && @@ -722,12 +727,12 @@ void URLRequestHttpJob::SaveCookiesAndNotifyHeadersComplete(int result) { request_->url(), request_->site_for_cookies())) { force_ignore_site_for_cookies = true; } - options.set_same_site_cookie_context( + CookieOptions::SameSiteCookieContext same_site_context = net::cookie_util::ComputeSameSiteContextForResponse( request_->url(), request_->site_for_cookies(), request_->initiator(), - force_ignore_site_for_cookies)); + force_ignore_site_for_cookies); - options.set_return_excluded_cookies(); + CookieOptions options = CreateCookieOptions(same_site_context); // Set all cookies, without waiting for them to be set. Any subsequent read // will see the combined result of all cookie operation. diff --git a/chromium/net/url_request/url_request_http_job_unittest.cc b/chromium/net/url_request/url_request_http_job_unittest.cc index 723a911eba1..5de6c860a6b 100644 --- a/chromium/net/url_request/url_request_http_job_unittest.cc +++ b/chromium/net/url_request/url_request_http_job_unittest.cc @@ -18,7 +18,7 @@ #include "base/run_loop.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_split.h" -#include "base/test/bind_test_util.h" +#include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/task_environment.h" #include "net/base/auth.h" @@ -88,8 +88,6 @@ const char kTrustAnchorRequestHistogram[] = const char kCTComplianceHistogramName[] = "Net.CertificateTransparency.RequestComplianceStatus"; -const char kCTRequiredHistogramName[] = - "Net.CertificateTransparency.CTRequiredRequestComplianceStatus"; // Inherit from URLRequestHttpJob to expose the priority and some // other hidden functions. @@ -1040,7 +1038,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"); ssl_socket_data.ssl_info.is_issued_by_known_root = true; - ssl_socket_data.ssl_info.ct_policy_compliance_required = false; ssl_socket_data.ssl_info.ct_policy_compliance = ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS; @@ -1086,7 +1083,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"); ssl_socket_data.ssl_info.is_issued_by_known_root = true; - ssl_socket_data.ssl_info.ct_policy_compliance_required = false; ssl_socket_data.ssl_info.ct_policy_compliance = ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS; @@ -1113,9 +1109,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, kCTComplianceHistogramName, static_cast<int32_t>(ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS), 1); - // CTRequiredRequestComplianceStatus should *not* have been recorded because - // it is only recorded for requests which are required to be compliant. - histograms.ExpectTotalCount(kCTRequiredHistogramName, 0); } // Tests that the CT compliance histograms are not recorded for @@ -1126,7 +1119,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"); ssl_socket_data.ssl_info.is_issued_by_known_root = false; - ssl_socket_data.ssl_info.ct_policy_compliance_required = false; ssl_socket_data.ssl_info.ct_policy_compliance = ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS; @@ -1150,7 +1142,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, EXPECT_THAT(delegate.request_status(), IsOk()); histograms.ExpectTotalCount(kCTComplianceHistogramName, 0); - histograms.ExpectTotalCount(kCTRequiredHistogramName, 0); } // Tests that the CT compliance histogram is recorded when CT is required but @@ -1161,7 +1152,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"); ssl_socket_data.ssl_info.is_issued_by_known_root = true; - ssl_socket_data.ssl_info.ct_policy_compliance_required = true; ssl_socket_data.ssl_info.ct_policy_compliance = ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS; @@ -1188,10 +1178,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, kCTComplianceHistogramName, static_cast<int32_t>(ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS), 1); - histograms.ExpectUniqueSample( - kCTRequiredHistogramName, - static_cast<int32_t>(ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS), - 1); } // Tests that the CT compliance histograms are not recorded when there is an @@ -1202,7 +1188,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, ssl_socket_data.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"); ssl_socket_data.ssl_info.is_issued_by_known_root = true; - ssl_socket_data.ssl_info.ct_policy_compliance_required = true; ssl_socket_data.ssl_info.ct_policy_compliance = ct::CTPolicyCompliance::CT_POLICY_NOT_DIVERSE_SCTS; ssl_socket_data.ssl_info.cert_status = net::CERT_STATUS_DATE_INVALID; @@ -1227,7 +1212,6 @@ TEST_F(URLRequestHttpJobWithMockSocketsTest, EXPECT_THAT(delegate.request_status(), IsOk()); histograms.ExpectTotalCount(kCTComplianceHistogramName, 0); - histograms.ExpectTotalCount(kCTRequiredHistogramName, 0); } TEST_F(URLRequestHttpJobWithMockSocketsTest, EncodingAdvertisementOnRange) { diff --git a/chromium/net/url_request/url_request_quic_unittest.cc b/chromium/net/url_request/url_request_quic_unittest.cc index daa4dd25d93..27fca18dc55 100644 --- a/chromium/net/url_request/url_request_quic_unittest.cc +++ b/chromium/net/url_request/url_request_quic_unittest.cc @@ -3,14 +3,14 @@ // found in the LICENSE file. #include "base/bind.h" -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/feature_list.h" #include "base/files/file_path.h" #include "base/macros.h" #include "base/run_loop.h" #include "base/strings/string_number_conversions.h" #include "base/strings/stringprintf.h" -#include "base/test/bind_test_util.h" +#include "base/test/bind.h" #include "base/test/scoped_feature_list.h" #include "build/build_config.h" #include "net/base/features.h" @@ -236,10 +236,10 @@ class URLRequestQuicTest // Now set up index so that it pushes kitten and favicon. quic::QuicBackendResponse::ServerPushInfo push_info1( - quic::QuicUrl(UrlFromPath(kKittenPath)), spdy::SpdyHeaderBlock(), + quic::QuicUrl(UrlFromPath(kKittenPath)), spdy::Http2HeaderBlock(), spdy::kV3LowestPriority, kKittenBodyValue); quic::QuicBackendResponse::ServerPushInfo push_info2( - quic::QuicUrl(UrlFromPath(kFaviconPath)), spdy::SpdyHeaderBlock(), + quic::QuicUrl(UrlFromPath(kFaviconPath)), spdy::Http2HeaderBlock(), spdy::kV3LowestPriority, kFaviconBodyValue); memory_cache_backend_.AddSimpleResponseWithServerPushResources( kTestServerHost, kIndexPath, kIndexStatus, kIndexBodyValue, diff --git a/chromium/net/url_request/url_request_unittest.cc b/chromium/net/url_request/url_request_unittest.cc index a0c62ccd48b..e06b380e25c 100644 --- a/chromium/net/url_request/url_request_unittest.cc +++ b/chromium/net/url_request/url_request_unittest.cc @@ -6,7 +6,7 @@ #include <utility> // This must be before Windows headers -#include "base/bind_helpers.h" +#include "base/callback_helpers.h" #include "base/memory/ptr_util.h" #include "build/build_config.h" @@ -44,7 +44,7 @@ #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" #include "base/strings/utf_string_conversions.h" -#include "base/test/bind_test_util.h" +#include "base/test/bind.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/scoped_feature_list.h" #include "base/threading/thread_task_runner_handle.h" @@ -640,20 +640,26 @@ class MockCertificateReportSender const GURL& report_uri, base::StringPiece content_type, base::StringPiece report, + const NetworkIsolationKey& network_isolation_key, base::OnceCallback<void()> success_callback, base::OnceCallback<void(const GURL&, int, int)> error_callback) override { latest_report_uri_ = report_uri; latest_report_.assign(report.data(), report.size()); latest_content_type_.assign(content_type.data(), content_type.size()); + latest_network_isolation_key_ = network_isolation_key; } const GURL& latest_report_uri() { return latest_report_uri_; } const std::string& latest_report() { return latest_report_; } const std::string& latest_content_type() { return latest_content_type_; } + const NetworkIsolationKey& latest_network_isolation_key() { + return latest_network_isolation_key_; + } private: GURL latest_report_uri_; std::string latest_report_; std::string latest_content_type_; + NetworkIsolationKey latest_network_isolation_key_; }; // OCSPErrorTestDelegate caches the SSLInfo passed to OnSSLCertificateError. @@ -2474,8 +2480,8 @@ TEST_F(URLRequestTest, SameSiteCookiesSpecialScheme) { ASSERT_TRUE(https_test_server.Start()); EmbeddedTestServer http_test_server(EmbeddedTestServer::TYPE_HTTP); RegisterDefaultHandlers(&http_test_server); - // Ensure they are on different ports. - ASSERT_TRUE(http_test_server.Start(https_test_server.port() + 1)); + ASSERT_TRUE(http_test_server.Start()); + ASSERT_NE(https_test_server.port(), http_test_server.port()); // Both hostnames should be 127.0.0.1 (so that we can use the same set of // cookies on both, for convenience). ASSERT_EQ(https_test_server.host_port_pair().host(), @@ -2873,7 +2879,12 @@ class URLRequestTestHTTP : public URLRequestTest { origin2_(url::Origin::Create(GURL("https://bar.test/"))), isolation_info1_(IsolationInfo::CreateForInternalRequest(origin1_)), isolation_info2_(IsolationInfo::CreateForInternalRequest(origin2_)), - test_server_(base::FilePath(kTestFilePath)) {} + test_server_(base::FilePath(kTestFilePath)) { + // Needed for NetworkIsolationKey to make it down to the socket layer, for + // the PKP violation report test. + feature_list_.InitAndEnableFeature( + net::features::kPartitionConnectionsByNetworkIsolationKey); + } protected: // ProtocolHandler for the scheme that's unsafe to redirect to. @@ -3036,6 +3047,8 @@ class URLRequestTestHTTP : public URLRequestTest { HttpTestServer* http_test_server() { return &test_server_; } private: + base::test::ScopedFeatureList feature_list_; + HttpTestServer test_server_; }; @@ -4442,14 +4455,9 @@ TEST_F(URLRequestTestHTTP, NetworkDelegateInfoRedirect) { NetLogEventType::DELEGATE_INFO)); } -// TODO(svaldez): Update tests to use EmbeddedTestServer. -#if !defined(OS_IOS) // Tests handling of delegate info from a URLRequest::Delegate. TEST_F(URLRequestTestHTTP, URLRequestDelegateInfo) { - SpawnedTestServer test_server(SpawnedTestServer::TYPE_HTTP, - base::FilePath(kTestFilePath)); - - ASSERT_TRUE(test_server.Start()); + ASSERT_TRUE(http_test_server()->Start()); AsyncLoggingUrlRequestDelegate request_delegate( AsyncLoggingUrlRequestDelegate::NO_CANCEL); @@ -4465,8 +4473,8 @@ TEST_F(URLRequestTestHTTP, URLRequestDelegateInfo) { // the possibility of multiple reads being combined in the unlikely event // that it occurs. std::unique_ptr<URLRequest> r(context.CreateRequest( - test_server.GetURL("/chunked?waitBetweenChunks=20"), DEFAULT_PRIORITY, - &request_delegate, TRAFFIC_ANNOTATION_FOR_TESTS)); + http_test_server()->GetURL("/chunked?waitBetweenChunks=20"), + DEFAULT_PRIORITY, &request_delegate, TRAFFIC_ANNOTATION_FOR_TESTS)); LoadStateWithParam load_state = r->GetLoadState(); r->Start(); request_delegate.RunUntilComplete(); @@ -4502,7 +4510,6 @@ TEST_F(URLRequestTestHTTP, URLRequestDelegateInfo) { entries, log_position + 1, NetLogEventType::URL_REQUEST_DELEGATE_RESPONSE_STARTED)); } -#endif // !defined(OS_IOS) // Tests handling of delegate info from a URLRequest::Delegate in the case of // an HTTP redirect. @@ -5202,11 +5209,14 @@ TEST_F(URLRequestTestHTTP, ProcessPKPAndSendReport) { context.set_cert_verifier(&cert_verifier); context.Init(); + IsolationInfo isolation_info = IsolationInfo::CreateTransient(); + // Now send a request to trigger the violation. TestDelegate d; std::unique_ptr<URLRequest> violating_request(context.CreateRequest( https_test_server.GetURL(test_server_hostname, "/simple.html"), DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); + violating_request->set_isolation_info(isolation_info); violating_request->Start(); d.RunUntilComplete(); @@ -5224,6 +5234,8 @@ TEST_F(URLRequestTestHTTP, ProcessPKPAndSendReport) { std::string report_hostname; EXPECT_TRUE(report_dict->GetString("hostname", &report_hostname)); EXPECT_EQ(test_server_hostname, report_hostname); + EXPECT_EQ(isolation_info.network_isolation_key(), + mock_report_sender.latest_network_isolation_key()); } // Tests that reports do not get sent on requests to static pkp hosts that @@ -5269,6 +5281,7 @@ TEST_F(URLRequestTestHTTP, ProcessPKPWithNoViolation) { std::unique_ptr<URLRequest> request(context.CreateRequest( https_test_server.GetURL(test_server_hostname, "/simple.html"), DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); + request->set_isolation_info(IsolationInfo::CreateTransient()); request->Start(); d.RunUntilComplete(); @@ -5277,6 +5290,8 @@ TEST_F(URLRequestTestHTTP, ProcessPKPWithNoViolation) { EXPECT_EQ(OK, d.request_status()); EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); EXPECT_EQ(std::string(), mock_report_sender.latest_report()); + EXPECT_EQ(NetworkIsolationKey(), + mock_report_sender.latest_network_isolation_key()); TransportSecurityState::STSState sts_state; TransportSecurityState::PKPState pkp_state; EXPECT_TRUE(security_state.GetStaticDomainState(test_server_hostname, @@ -5327,6 +5342,7 @@ TEST_F(URLRequestTestHTTP, PKPBypassRecorded) { std::unique_ptr<URLRequest> request(context.CreateRequest( https_test_server.GetURL(test_server_hostname, "/simple.html"), DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); + request->set_isolation_info(IsolationInfo::CreateTransient()); request->Start(); d.RunUntilComplete(); @@ -5335,6 +5351,8 @@ TEST_F(URLRequestTestHTTP, PKPBypassRecorded) { EXPECT_EQ(OK, d.request_status()); EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); EXPECT_EQ(std::string(), mock_report_sender.latest_report()); + EXPECT_EQ(NetworkIsolationKey(), + mock_report_sender.latest_network_isolation_key()); TransportSecurityState::STSState sts_state; TransportSecurityState::PKPState pkp_state; EXPECT_TRUE(security_state.GetStaticDomainState(test_server_hostname, @@ -6695,22 +6713,22 @@ TEST_F(URLRequestTestHTTP, IsolationInfoUpdatedOnRedirect) { IsolationInfo expected_info_after_redirect; } kTestCases[] = { {IsolationInfo(), IsolationInfo()}, - {IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateTopFrame, + {IsolationInfo::Create(IsolationInfo::RequestType::kMainFrame, original_origin, original_origin, SiteForCookies()), - IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateTopFrame, + IsolationInfo::Create(IsolationInfo::RequestType::kMainFrame, redirect_origin, redirect_origin, SiteForCookies::FromOrigin(redirect_origin))}, - {IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateFrameOnly, + {IsolationInfo::Create(IsolationInfo::RequestType::kSubFrame, original_origin, original_origin, SiteForCookies::FromOrigin(original_origin)), - IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateFrameOnly, + IsolationInfo::Create(IsolationInfo::RequestType::kSubFrame, original_origin, redirect_origin, SiteForCookies::FromOrigin(original_origin))}, - {IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateNothing, + {IsolationInfo::Create(IsolationInfo::RequestType::kOther, original_origin, original_origin, SiteForCookies()), - IsolationInfo::Create(IsolationInfo::RedirectMode::kUpdateNothing, + IsolationInfo::Create(IsolationInfo::RequestType::kOther, original_origin, original_origin, SiteForCookies())}, {transient_isolation_info, transient_isolation_info}, @@ -6746,8 +6764,8 @@ TEST_F(URLRequestTestHTTP, IsolationInfoUpdatedOnRedirect) { EXPECT_EQ(!test_case.expected_info_after_redirect.network_isolation_key() .IsTransient(), r->was_cached()); - EXPECT_EQ(test_case.expected_info_after_redirect.redirect_mode(), - r->isolation_info().redirect_mode()); + EXPECT_EQ(test_case.expected_info_after_redirect.request_type(), + r->isolation_info().request_type()); EXPECT_EQ(test_case.expected_info_after_redirect.top_frame_origin(), r->isolation_info().top_frame_origin()); EXPECT_EQ(test_case.expected_info_after_redirect.frame_origin(), @@ -12213,6 +12231,122 @@ TEST_F(HTTPSEarlyDataTest, TLSEarlyDataPOSTTest) { } } +// TLSEarlyDataTest tests that the 0-RTT is enabled for idempotent POST request. +TEST_F(HTTPSEarlyDataTest, TLSEarlyDataIdempotentPOSTTest) { + ASSERT_TRUE(test_server_.Start()); + context_.http_transaction_factory()->GetSession()->ClearSSLSessionCache(); + const int kParamSize = 4 * 1024; + const GURL kUrl = + test_server_.GetURL("/zerortt?" + std::string(kParamSize, 'a')); + + { + TestDelegate d; + std::unique_ptr<URLRequest> r(context_.CreateRequest( + kUrl, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); + r->Start(); + EXPECT_TRUE(r->is_pending()); + + base::RunLoop().Run(); + + EXPECT_EQ(1, d.response_started_count()); + + EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1_3, + SSLConnectionStatusToVersion(r->ssl_info().connection_status)); + EXPECT_TRUE(r->ssl_info().unverified_cert.get()); + EXPECT_TRUE(test_server_.GetCertificate()->EqualsIncludingChain( + r->ssl_info().cert.get())); + + // The Early-Data header should be omitted in the initial request, and the + // handler should return "0". + EXPECT_EQ("0", d.data_received()); + } + + context_.http_transaction_factory()->GetSession()->CloseAllConnections( + ERR_FAILED, "Very good reason"); + listener_.BufferNextConnection(kParamSize); + + { + TestDelegate d; + std::unique_ptr<URLRequest> r(context_.CreateRequest( + kUrl, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); + r->set_method("POST"); + r->SetIdempotency(net::IDEMPOTENT); + r->Start(); + EXPECT_TRUE(r->is_pending()); + + base::RunLoop().Run(); + + EXPECT_EQ(1, d.response_started_count()); + + EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1_3, + SSLConnectionStatusToVersion(r->ssl_info().connection_status)); + EXPECT_TRUE(r->ssl_info().unverified_cert.get()); + EXPECT_TRUE(test_server_.GetCertificate()->EqualsIncludingChain( + r->ssl_info().cert.get())); + + // The Early-Data header should be set since the request is set as an + // idempotent POST request. + EXPECT_EQ("1", d.data_received()); + } +} + +// TLSEarlyDataTest tests that the 0-RTT is disabled for non-idempotent request. +TEST_F(HTTPSEarlyDataTest, TLSEarlyDataNonIdempotentRequestTest) { + ASSERT_TRUE(test_server_.Start()); + context_.http_transaction_factory()->GetSession()->ClearSSLSessionCache(); + + { + TestDelegate d; + std::unique_ptr<URLRequest> r(context_.CreateRequest( + test_server_.GetURL("/zerortt"), DEFAULT_PRIORITY, &d, + TRAFFIC_ANNOTATION_FOR_TESTS)); + r->Start(); + EXPECT_TRUE(r->is_pending()); + + base::RunLoop().Run(); + + EXPECT_EQ(1, d.response_started_count()); + + EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1_3, + SSLConnectionStatusToVersion(r->ssl_info().connection_status)); + EXPECT_TRUE(r->ssl_info().unverified_cert.get()); + EXPECT_TRUE(test_server_.GetCertificate()->EqualsIncludingChain( + r->ssl_info().cert.get())); + + // The Early-Data header should be omitted in the initial request, and the + // handler should return "0". + EXPECT_EQ("0", d.data_received()); + } + + context_.http_transaction_factory()->GetSession()->CloseAllConnections( + ERR_FAILED, "Very good reason"); + + { + TestDelegate d; + std::unique_ptr<URLRequest> r(context_.CreateRequest( + test_server_.GetURL("/zerortt"), DEFAULT_PRIORITY, &d, + TRAFFIC_ANNOTATION_FOR_TESTS)); + // Sets the GET request as not idempotent. + r->SetIdempotency(net::NOT_IDEMPOTENT); + r->Start(); + EXPECT_TRUE(r->is_pending()); + + base::RunLoop().Run(); + + EXPECT_EQ(1, d.response_started_count()); + + EXPECT_EQ(SSL_CONNECTION_VERSION_TLS1_3, + SSLConnectionStatusToVersion(r->ssl_info().connection_status)); + EXPECT_TRUE(r->ssl_info().unverified_cert.get()); + EXPECT_TRUE(test_server_.GetCertificate()->EqualsIncludingChain( + r->ssl_info().cert.get())); + + // The Early-Data header should be omitted in the initial request even + // though it is a GET request, since the request is set as not idempotent. + EXPECT_EQ("0", d.data_received()); + } +} + std::unique_ptr<test_server::HttpResponse> HandleTooEarly( bool* sent_425, const test_server::HttpRequest& request) { |