diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2020-10-29 10:46:47 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2020-11-02 12:02:10 +0000 |
commit | 99677208ff3b216fdfec551fbe548da5520cd6fb (patch) | |
tree | 476a4865c10320249360e859d8fdd3e01833b03a /chromium/third_party/blink/renderer/platform/network | |
parent | c30a6232df03e1efbd9f3b226777b07e087a1122 (diff) | |
download | qtwebengine-chromium-99677208ff3b216fdfec551fbe548da5520cd6fb.tar.gz |
BASELINE: Update Chromium to 86.0.4240.124
Change-Id: Ide0ff151e94cd665ae6521a446995d34a9d1d644
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'chromium/third_party/blink/renderer/platform/network')
5 files changed, 93 insertions, 49 deletions
diff --git a/chromium/third_party/blink/renderer/platform/network/BUILD.gn b/chromium/third_party/blink/renderer/platform/network/BUILD.gn index c36f20ba4ed..d443bfdd01f 100644 --- a/chromium/third_party/blink/renderer/platform/network/BUILD.gn +++ b/chromium/third_party/blink/renderer/platform/network/BUILD.gn @@ -2,7 +2,6 @@ # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. -import("//build/config/jumbo.gni") import("//third_party/blink/renderer/build/scripts/scripts.gni") import("//third_party/blink/renderer/platform/platform.gni") import("//third_party/blink/renderer/platform/platform_generated.gni") @@ -67,7 +66,7 @@ blink_platform_sources("network") { deps = [ "//media" ] } -jumbo_source_set("unit_tests") { +source_set("unit_tests") { visibility = [ "//third_party/blink/renderer/platform:*" ] testonly = true @@ -88,7 +87,7 @@ jumbo_source_set("unit_tests") { public_deps = [ "//third_party/blink/renderer/platform:platform" ] } -jumbo_source_set("test_support") { +source_set("test_support") { visibility = [ "//third_party/blink/renderer/platform:test_support" ] testonly = true diff --git a/chromium/third_party/blink/renderer/platform/network/http_names.json5 b/chromium/third_party/blink/renderer/platform/network/http_names.json5 index fa2fda6cc0d..345bf464553 100644 --- a/chromium/third_party/blink/renderer/platform/network/http_names.json5 +++ b/chromium/third_party/blink/renderer/platform/network/http_names.json5 @@ -49,6 +49,8 @@ "Location", "Origin", "Origin-Trial", + "Permissions-Policy", + "Permissions-Policy-Report-Only", "Ping-From", "Ping-To", "Pragma", diff --git a/chromium/third_party/blink/renderer/platform/network/http_parsers.cc b/chromium/third_party/blink/renderer/platform/network/http_parsers.cc index 4c1eea52ce5..af9d9ff48f2 100644 --- a/chromium/third_party/blink/renderer/platform/network/http_parsers.cc +++ b/chromium/third_party/blink/renderer/platform/network/http_parsers.cc @@ -65,14 +65,31 @@ blink::CSPSourcePtr ConvertToBlink(CSPSourcePtr source) { source->is_port_wildcard); } +blink::CSPHashSourcePtr ConvertToBlink(CSPHashSourcePtr hash) { + return blink::CSPHashSource::New(hash->algorithm, + String::FromUTF8(hash->value)); +} + blink::CSPSourceListPtr ConvertToBlink(CSPSourceListPtr source_list) { WTF::Vector<blink::CSPSourcePtr> sources; for (auto& it : source_list->sources) sources.push_back(ConvertToBlink(std::move(it))); - return blink::CSPSourceList::New(std::move(sources), source_list->allow_self, - source_list->allow_star, - source_list->allow_response_redirects); + WTF::Vector<String> nonces; + for (const auto& nonce : source_list->nonces) + nonces.push_back(String::FromUTF8(std::move(nonce))); + + WTF::Vector<blink::CSPHashSourcePtr> hashes; + for (auto& it : source_list->hashes) + hashes.push_back(ConvertToBlink(std::move(it))); + + return blink::CSPSourceList::New( + std::move(sources), std::move(nonces), std::move(hashes), + source_list->allow_self, source_list->allow_star, + source_list->allow_response_redirects, source_list->allow_inline, + source_list->allow_eval, source_list->allow_wasm_eval, + source_list->allow_dynamic, source_list->allow_unsafe_hashes, + source_list->report_sample); } blink::CSPDirectiveName ConvertToBlink(CSPDirectiveName name) { @@ -85,25 +102,34 @@ blink::ContentSecurityPolicyHeaderPtr ConvertToBlink( String::FromUTF8(header->header_value), header->type, header->source); } -blink::ContentSecurityPolicyPtr ConvertToBlink( - ContentSecurityPolicyPtr policy_in) { - auto policy = blink::ContentSecurityPolicy::New(); +WTF::HashMap<blink::CSPDirectiveName, blink::CSPSourceListPtr> ConvertToBlink( + base::flat_map<CSPDirectiveName, CSPSourceListPtr> directives) { + WTF::HashMap<blink::CSPDirectiveName, blink::CSPSourceListPtr> out; - policy->header = ConvertToBlink(std::move(policy_in->header)); - policy->use_reporting_api = policy_in->use_reporting_api; - - for (auto& list : policy_in->directives) { - policy->directives.insert(ConvertToBlink(list.first), - ConvertToBlink(std::move(list.second))); + for (auto& list : directives) { + out.insert(ConvertToBlink(list.first), + ConvertToBlink(std::move(list.second))); } - policy->upgrade_insecure_requests = policy_in->upgrade_insecure_requests; - policy->sandbox = policy_in->sandbox; - policy->treat_as_public_address = policy_in->treat_as_public_address; - for (auto& endpoint : policy_in->report_endpoints) - policy->report_endpoints.push_back(String::FromUTF8(endpoint)); + return out; +} - return policy; +WTF::Vector<WTF::String> ConvertToBlink(std::vector<std::string> in) { + WTF::Vector<WTF::String> out; + for (auto& el : in) + out.push_back(String::FromUTF8(el)); + return out; +} + +blink::ContentSecurityPolicyPtr ConvertToBlink( + ContentSecurityPolicyPtr policy_in) { + return blink::ContentSecurityPolicy::New( + ConvertToBlink(std::move(policy_in->directives)), + policy_in->upgrade_insecure_requests, policy_in->treat_as_public_address, + policy_in->sandbox, ConvertToBlink(std::move(policy_in->header)), + policy_in->use_reporting_api, + ConvertToBlink(std::move(policy_in->report_endpoints)), + ConvertToBlink(std::move(policy_in->parsing_errors))); } WTF::Vector<blink::ContentSecurityPolicyPtr> ConvertToBlink( @@ -115,6 +141,24 @@ WTF::Vector<blink::ContentSecurityPolicyPtr> ConvertToBlink( return blink_policies; } +blink::AllowCSPFromHeaderValuePtr ConvertToBlink( + AllowCSPFromHeaderValuePtr allow_csp_from) { + if (!allow_csp_from) + return nullptr; + switch (allow_csp_from->which()) { + case AllowCSPFromHeaderValue::Tag::ALLOW_STAR: + return blink::AllowCSPFromHeaderValue::NewAllowStar( + allow_csp_from->get_allow_star()); + case AllowCSPFromHeaderValue::Tag::ORIGIN: + return blink::AllowCSPFromHeaderValue::NewOrigin( + ::blink::SecurityOrigin::CreateFromUrlOrigin( + allow_csp_from->get_origin())); + case AllowCSPFromHeaderValue::Tag::ERROR_MESSAGE: + return blink::AllowCSPFromHeaderValue::NewErrorMessage( + String::FromUTF8(allow_csp_from->get_error_message())); + } +} + WTF::Vector<network::mojom::blink::WebClientHintsType> ConvertToBlink( const std::vector<network::mojom::WebClientHintsType>& accept_ch) { WTF::Vector<network::mojom::blink::WebClientHintsType> blink_accept_ch; @@ -125,13 +169,15 @@ WTF::Vector<network::mojom::blink::WebClientHintsType> ConvertToBlink( blink::ParsedHeadersPtr ConvertToBlink(ParsedHeadersPtr parsed_headers) { return blink::ParsedHeaders::New( ConvertToBlink(std::move(parsed_headers->content_security_policy)), + ConvertToBlink(std::move(parsed_headers->allow_csp_from)), std::move(parsed_headers->cross_origin_embedder_policy), std::move(parsed_headers->cross_origin_opener_policy), parsed_headers->origin_isolation, parsed_headers->accept_ch.has_value() ? base::make_optional( ConvertToBlink(parsed_headers->accept_ch.value())) - : base::nullopt); + : base::nullopt, + parsed_headers->accept_ch_lifetime); } } // namespace mojom diff --git a/chromium/third_party/blink/renderer/platform/network/http_parsers_test.cc b/chromium/third_party/blink/renderer/platform/network/http_parsers_test.cc index c26749a3b54..de5a21c3aff 100644 --- a/chromium/third_party/blink/renderer/platform/network/http_parsers_test.cc +++ b/chromium/third_party/blink/renderer/platform/network/http_parsers_test.cc @@ -683,7 +683,7 @@ TEST(HTTPParsersTest, ParseContentSecurityPolicyDirectiveName) { "Content-Security-Policy: frame-ancestors 'none'\r\n" "Content-Security-Policy: sandbox allow-script\r\n" "Content-Security-Policy: form-action 'none'\r\n" - "Content-Security-Policy: navigate-to'none'\r\n" + "Content-Security-Policy: navigate-to 'none'\r\n" "Content-Security-Policy: frame-src 'none'\r\n" "Content-Security-Policy: child-src 'none'\r\n" "Content-Security-Policy: script-src 'none'\r\n" @@ -694,18 +694,18 @@ TEST(HTTPParsersTest, ParseContentSecurityPolicyDirectiveName) { EXPECT_EQ(1u, policies[0]->directives.size()); // sandbox. TODO(https://crbug.com/1041376) Implement this. EXPECT_EQ(0u, policies[1]->directives.size()); - // form-action. Not parsed. - EXPECT_EQ(0u, policies[2]->directives.size()); - // navigate-to. Not parsed. - EXPECT_EQ(0u, policies[3]->directives.size()); - // frame-src. Not parsed. - EXPECT_EQ(0u, policies[4]->directives.size()); - // child-src. Not parsed. - EXPECT_EQ(0u, policies[5]->directives.size()); - // script-src. Not parsed. - EXPECT_EQ(0u, policies[6]->directives.size()); - // default-src. Not parsed. - EXPECT_EQ(0u, policies[7]->directives.size()); + // form-action. + EXPECT_EQ(1u, policies[2]->directives.size()); + // navigate-to. + EXPECT_EQ(1u, policies[3]->directives.size()); + // frame-src. + EXPECT_EQ(1u, policies[4]->directives.size()); + // child-src. + EXPECT_EQ(1u, policies[5]->directives.size()); + // script-src. + EXPECT_EQ(1u, policies[6]->directives.size()); + // default-src. + EXPECT_EQ(1u, policies[7]->directives.size()); // upgrade-insecure-policies. EXPECT_EQ(true, policies[8]->upgrade_insecure_requests); } diff --git a/chromium/third_party/blink/renderer/platform/network/network_state_notifier.cc b/chromium/third_party/blink/renderer/platform/network/network_state_notifier.cc index dbc9d03a813..32328e88187 100644 --- a/chromium/third_party/blink/renderer/platform/network/network_state_notifier.cc +++ b/chromium/third_party/blink/renderer/platform/network/network_state_notifier.cc @@ -26,6 +26,7 @@ #include "third_party/blink/renderer/platform/network/network_state_notifier.h" #include <memory> + #include "net/nqe/effective_connection_type.h" #include "net/nqe/network_quality_estimator_params.h" #include "third_party/blink/public/common/client_hints/client_hints.h" @@ -430,25 +431,21 @@ double NetworkStateNotifier::GetRandomMultiplier(const String& host) const { uint32_t NetworkStateNotifier::RoundRtt( const String& host, const base::Optional<base::TimeDelta>& rtt) const { - // Limit the size of the buckets and the maximum reported value to reduce - // fingerprinting. - static const size_t kBucketSize = 50; - static const double kMaxRttMsec = 3.0 * 1000; - if (!rtt.has_value()) { // RTT is unavailable. So, return the fastest value. return 0; } - double rtt_msec = static_cast<double>(rtt.value().InMilliseconds()); - rtt_msec *= GetRandomMultiplier(host); - rtt_msec = std::min(rtt_msec, kMaxRttMsec); - - DCHECK_LE(0, rtt_msec); - DCHECK_GE(kMaxRttMsec, rtt_msec); - - // Round down to the nearest kBucketSize msec value. - return std::round(rtt_msec / kBucketSize) * kBucketSize; + // Limit the maximum reported value and the granularity to reduce + // fingerprinting. + constexpr auto kMaxRtt = base::TimeDelta::FromSeconds(3); + constexpr auto kGranularity = base::TimeDelta::FromMilliseconds(50); + + const base::TimeDelta modified_rtt = + std::min(rtt.value() * GetRandomMultiplier(host), kMaxRtt); + DCHECK_GE(modified_rtt, base::TimeDelta()); + return static_cast<uint32_t>( + modified_rtt.RoundToMultiple(kGranularity).InMilliseconds()); } double NetworkStateNotifier::RoundMbps( |