Extend url library for WebEngine custom schemes

Adds (another) parallel scheme registry in url/url_util_qt, which is then used in Chromium and Blink to specialize URL handling for WebEngine custom schemes. The registry is transmitted from the main process to subprocesses in a new command line flag (--webengine-schemes), since the scheme lists in url/url_util are locked before IPC is initialized. Task-number: QTBUG-62536 Change-Id: Id26811a18d4c740cc4d281d2da5720304a235a41 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
author: Jüri Valdmann <juri.valdmann@qt.io> 2018-04-19 12:14:44 +0200
committer: Allan Sandfeld Jensen <allan.jensen@qt.io> 2020-12-03 17:28:50 +0100
commit: 51827f82d36fc711e7c2415202ba24616778a4b2 (patch)
tree: 53529860b6b9512be0b026a10297fb0f92b9e510 /chromium/third_party/blink
parent: 9da24b32d2f40fa46a3c7b6f5eded46e0c742d42 (diff)
download: qtwebengine-chromium-51827f82d36fc711e7c2415202ba24616778a4b2.tar.gz
6 files changed, 66 insertions, 3 deletions
diff --git a/chromium/third_party/blink/renderer/core/workers/dedicated_worker.cc b/chromium/third_party/blink/renderer/core/workers/dedicated_worker.cc
index 44bc1a1148f..9f00b290041 100644
--- a/chromium/third_party/blink/renderer/core/workers/dedicated_worker.cc
+++ b/chromium/third_party/blink/renderer/core/workers/dedicated_worker.cc
@@ -73,6 +73,14 @@ DedicatedWorker* DedicatedWorker::Create(ExecutionContext* context,
     return nullptr;
   }
 
+  auto origin = SecurityOrigin::Create(script_request_url);
+  if (origin->IsBroken()) {
+      exception_state.ThrowDOMException(
+          DOMExceptionCode::kNotSupportedError,
+          "Access to dedicated workers is denied to origin '" + origin->ToString() + "'.");
+      return nullptr;
+  }
+
   if (context->IsWorkerGlobalScope())
     UseCounter::Count(context, WebFeature::kNestedDedicatedWorker);
 
diff --git a/chromium/third_party/blink/renderer/modules/broadcastchannel/broadcast_channel.cc b/chromium/third_party/blink/renderer/modules/broadcastchannel/broadcast_channel.cc
index cf5510635a7..4f7b9b7274d 100644
--- a/chromium/third_party/blink/renderer/modules/broadcastchannel/broadcast_channel.cc
+++ b/chromium/third_party/blink/renderer/modules/broadcastchannel/broadcast_channel.cc
@@ -53,6 +53,12 @@ BroadcastChannel* BroadcastChannel::Create(ExecutionContext* execution_context,
         "Can't create BroadcastChannel in an opaque origin");
     return nullptr;
   }
+  if (execution_context->GetSecurityOrigin()->IsBroken()) {
+      exception_state.ThrowDOMException(
+          DOMExceptionCode::kNotSupportedError,
+          "Can't create BroadcastChannel");
+      return nullptr;
+  }
   return MakeGarbageCollected<BroadcastChannel>(execution_context, name);
 }
 
diff --git a/chromium/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc b/chromium/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc
index a04a76dab1e..df95b880c19 100644
--- a/chromium/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc
+++ b/chromium/third_party/blink/renderer/modules/websockets/websocket_channel_impl.cc
@@ -248,7 +248,8 @@ bool WebSocketChannelImpl::Connect(const KURL& url, const String& protocol) {
   // If the connection needs to be filtered, asynchronously fail. Synchronous
   // failure blocks the worker thread which should be avoided. Note that
   // returning "true" just indicates that this was not a mixed content error.
-  if (ShouldDisallowConnection(url)) {
+  if (ShouldDisallowConnection(url) ||
+      execution_context_->GetSecurityOrigin()->IsBroken()) {
     execution_context_->GetTaskRunner(TaskType::kNetworking)
         ->PostTask(FROM_HERE,
                    WTF::Bind(&WebSocketChannelImpl::TearDownFailedConnection,
diff --git a/chromium/third_party/blink/renderer/platform/weborigin/scheme_registry.cc b/chromium/third_party/blink/renderer/platform/weborigin/scheme_registry.cc
index 66634ce43ef..ce9fd5572fe 100644
--- a/chromium/third_party/blink/renderer/platform/weborigin/scheme_registry.cc
+++ b/chromium/third_party/blink/renderer/platform/weborigin/scheme_registry.cc
@@ -34,6 +34,7 @@
 #include "third_party/blink/renderer/platform/wtf/threading.h"
 #include "third_party/blink/renderer/platform/wtf/threading_primitives.h"
 #include "url/url_util.h"
+#include "url/url_util_qt.h"
 
 namespace blink {
 
@@ -83,6 +84,15 @@ class URLSchemesRegistry final {
     }
     for (auto& scheme : url::GetEmptyDocumentSchemes())
       empty_document_schemes.insert(scheme.c_str());
+
+    // NOTE(juvaldma)(Chromium 67.0.3396.47)
+    //
+    // Non-blink Chromium has it's own version of this list (see
+    // content::RegisterContentSchemes).
+    for (auto& cs : url::CustomScheme::GetSchemes()) {
+      if (cs.flags & url::CustomScheme::ServiceWorkersAllowed)
+        service_worker_schemes.insert(String(cs.name.c_str()));
+    }
   }
   ~URLSchemesRegistry() = default;
 
diff --git a/chromium/third_party/blink/renderer/platform/weborigin/security_origin.cc b/chromium/third_party/blink/renderer/platform/weborigin/security_origin.cc
index c448d326226..9183e5e39c4 100644
--- a/chromium/third_party/blink/renderer/platform/weborigin/security_origin.cc
+++ b/chromium/third_party/blink/renderer/platform/weborigin/security_origin.cc
@@ -51,6 +51,7 @@
 #include "url/url_canon.h"
 #include "url/url_canon_ip.h"
 #include "url/url_util.h"
+#include "url/url_util_qt.h"
 
 namespace blink {
 
@@ -64,6 +65,10 @@ const String& EnsureNonNull(const String& string) {
 
 }  // namespace
 
+bool SecurityOrigin::IsBroken() const {
+  return !IsOpaque() && ToUrlOrigin().opaque();
+}
+
 bool SecurityOrigin::ShouldUseInnerURL(const KURL& url) {
   // FIXME: Blob URLs don't have inner URLs. Their form is
   // "blob:<inner-origin>/<UUID>", so treating the part after "blob:" as a URL
@@ -140,6 +145,27 @@ SecurityOrigin::SecurityOrigin(const KURL& url)
                                                             : url.Port()),
       effective_port_(port_ ? port_ : DefaultPortForProtocol(protocol_)) {
   DCHECK(!ShouldTreatAsOpaqueOrigin(url));
+
+  // NOTE(juvaldma)(Chromium 67.0.3396.47)
+  //
+  // If DefaultPortForProtocol and IsDefaultPortForProtocol were appropriately
+  // extended, then SecurityOrigin would *almost* work without the following
+  // code. The only problem is that can_load_local_resources_ would be set for
+  // Local schemes and not LocalAccessAllowed schemes.
+  if (const url::CustomScheme* cs = url::CustomScheme::FindScheme(StringUTF8Adaptor(protocol_).AsStringPiece())) {
+    if (cs->has_port_component()) {
+      if (!effective_port_) // 0 is kInvalidPort
+        effective_port_ = cs->default_port;
+      if (port_ == cs->default_port)
+        port_ = kInvalidPort;
+    } else {
+      effective_port_ = kInvalidPort;
+      port_ = kInvalidPort;
+    }
+    can_load_local_resources_ = cs->flags & url::CustomScheme::LocalAccessAllowed;
+    return;
+  }
+
   // By default, only local SecurityOrigins can load local resources.
   can_load_local_resources_ = IsLocal();
 }
@@ -507,6 +533,17 @@ String SecurityOrigin::ToRawString() const {
 }
 
 void SecurityOrigin::BuildRawString(StringBuilder& builder) const {
+  // NOTE(juvaldma)(Chromium 69.0.3497.128)
+  //
+  // Should match url::SchemeHostPort::Serialize().
+  if (const url::CustomScheme* cs = url::CustomScheme::FindScheme(StringUTF8Adaptor(protocol_).AsStringPiece())) {
+    if (!cs->has_host_component()) {
+      builder.Append(protocol_);
+      builder.Append(":");
+      return;
+    }
+  }
+
   builder.Append(protocol_);
   builder.Append("://");
   builder.Append(host_);
diff --git a/chromium/third_party/blink/renderer/platform/weborigin/security_origin.h b/chromium/third_party/blink/renderer/platform/weborigin/security_origin.h
index f2ee4da33cf..9e950cf9e76 100644
--- a/chromium/third_party/blink/renderer/platform/weborigin/security_origin.h
+++ b/chromium/third_party/blink/renderer/platform/weborigin/security_origin.h
@@ -93,6 +93,7 @@ class PLATFORM_EXPORT SecurityOrigin : public RefCounted<SecurityOrigin> {
                                               uint16_t port);
   static scoped_refptr<SecurityOrigin> CreateFromUrlOrigin(const url::Origin&);
   url::Origin ToUrlOrigin() const;
+  bool IsBroken() const;
 
   // Some URL schemes use nested URLs for their security context. For example,
   // filesystem URLs look like the following:
@@ -405,8 +406,8 @@ class PLATFORM_EXPORT SecurityOrigin : public RefCounted<SecurityOrigin> {
   const String protocol_ = g_empty_string;
   const String host_ = g_empty_string;
   String domain_ = g_empty_string;
-  const uint16_t port_ = kInvalidPort;
-  const uint16_t effective_port_ = kInvalidPort;
+  uint16_t port_ = kInvalidPort;
+  uint16_t effective_port_ = kInvalidPort;
   const base::Optional<url::Origin::Nonce> nonce_if_opaque_;
   bool universal_access_ = false;
   bool domain_was_set_in_dom_ = false;
author	Jüri Valdmann <juri.valdmann@qt.io>	2018-04-19 12:14:44 +0200
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2020-12-03 17:28:50 +0100
commit	51827f82d36fc711e7c2415202ba24616778a4b2 (patch)
tree	53529860b6b9512be0b026a10297fb0f92b9e510 /chromium/third_party/blink
parent	9da24b32d2f40fa46a3c7b6f5eded46e0c742d42 (diff)
download	qtwebengine-chromium-51827f82d36fc711e7c2415202ba24616778a4b2.tar.gz