JoJo
/
LeOSium_webview
1
0
Fork 0
Code Pull Requests Packages Projects Releases 2 Wiki Activity
LeOSium_webview/LeOS/patches/Disable-third-party-origin-...

253 lines
12 KiB
Diff
Raw Blame History

From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Thu, 4 Nov 2021 09:19:24 +0100
Subject: Disable third-party origin trials
License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html
---
.../origin_trials/origin_trial_policy_impl.cc | 7 ++++---
.../origin_trials/origin_trial_policy_impl.h | 2 +-
.../browser/renderer_host/navigation_request.cc | 1 -
content/renderer/render_frame_impl.cc | 17 +----------------
.../shell/common/shell_origin_trial_policy.cc | 10 ++++------
.../origin_trials/trial_token_validator.cc | 1 +
.../renderer/core/loader/document_loader.cc | 17 -----------------
.../blink/renderer/core/loader/http_equiv.cc | 2 +-
.../core/origin_trials/origin_trial_context.cc | 6 ++++--
9 files changed, 16 insertions(+), 47 deletions(-)
diff --git a/components/embedder_support/origin_trials/origin_trial_policy_impl.cc b/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
--- a/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
+++ b/components/embedder_support/origin_trials/origin_trial_policy_impl.cc
@@ -24,10 +24,10 @@
namespace embedder_support {
-// This is the default public key used for validating signatures.
+// This is an invalid public key that will match no origin trial signature
static const blink::OriginTrialPublicKey kDefaultPublicKey = {
0x7c, 0xc4, 0xb8, 0x9a, 0x93, 0xba, 0x6e, 0xe2, 0xd0, 0xfd, 0x03,
- 0x1d, 0xfb, 0x32, 0x66, 0xc7, 0x3b, 0x72, 0xfd, 0x54, 0x3a, 0x07,
+ 0x1d, 0xfb, 0x32, 0x66, 0x00, 0x01, 0x02, 0xfd, 0x54, 0x3a, 0x07,
0x51, 0x14, 0x66, 0xaa, 0x02, 0x53, 0x4e, 0x33, 0xa1, 0x15,
};
@@ -61,7 +61,8 @@ OriginTrialPolicyImpl::OriginTrialPolicyImpl() {
OriginTrialPolicyImpl::~OriginTrialPolicyImpl() = default;
bool OriginTrialPolicyImpl::IsOriginTrialsSupported() const {
- return true;
+ // third-party origin trials are always disabled
+ return false;
}
const std::vector<blink::OriginTrialPublicKey>&
diff --git a/components/embedder_support/origin_trials/origin_trial_policy_impl.h b/components/embedder_support/origin_trials/origin_trial_policy_impl.h
--- a/components/embedder_support/origin_trials/origin_trial_policy_impl.h
+++ b/components/embedder_support/origin_trials/origin_trial_policy_impl.h
@@ -34,6 +34,7 @@ class OriginTrialPolicyImpl : public blink::OriginTrialPolicy {
bool IsTokenDisabled(base::StringPiece token_signature) const override;
bool IsOriginSecure(const GURL& url) const override;
+ private:
bool SetPublicKeysFromASCIIString(const std::string& ascii_public_key);
bool SetDisabledFeatures(const std::string& disabled_feature_list);
bool SetDisabledTokens(const std::vector<std::string>& tokens);
@@ -44,7 +45,6 @@ class OriginTrialPolicyImpl : public blink::OriginTrialPolicy {
bool GetAllowOnlyDeprecationTrials() const;
const std::set<std::string>* GetDisabledTokensForTesting() const override;
- private:
std::vector<blink::OriginTrialPublicKey> public_keys_;
std::set<std::string> disabled_features_;
std::set<std::string> disabled_tokens_;
diff --git a/content/browser/renderer_host/navigation_request.cc b/content/browser/renderer_host/navigation_request.cc
--- a/content/browser/renderer_host/navigation_request.cc
+++ b/content/browser/renderer_host/navigation_request.cc
@@ -8350,7 +8350,6 @@ void NavigationRequest::SetSourceSiteInstanceToInitiatorIfNeeded() {
void NavigationRequest::ForceEnableOriginTrials(
const std::vector<std::string>& trials) {
DCHECK(!HasCommitted());
- commit_params_->force_enabled_origin_trials = trials;
}
network::CrossOriginEmbedderPolicy
diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc
--- a/content/renderer/render_frame_impl.cc
+++ b/content/renderer/render_frame_impl.cc
@@ -477,10 +477,6 @@ void FillNavigationParamsRequest(
common_params.initiator_origin.value();
}
- navigation_params->initiator_origin_trial_features = {
- common_params.initiator_origin_trial_features.begin(),
- common_params.initiator_origin_trial_features.end()};
-
navigation_params->was_discarded = commit_params.was_discarded;
navigation_params->document_ukm_source_id =
commit_params.document_ukm_source_id;
@@ -508,12 +504,6 @@ void FillNavigationParamsRequest(
navigation_params->had_transient_user_activation =
common_params.has_user_gesture;
- WebVector<WebString> web_origin_trials;
- web_origin_trials.reserve(commit_params.force_enabled_origin_trials.size());
- for (const auto& trial : commit_params.force_enabled_origin_trials)
- web_origin_trials.emplace_back(WebString::FromASCII(trial));
- navigation_params->force_enabled_origin_trials = web_origin_trials;
-
if (!commit_params.early_hints_preloaded_resources.empty()) {
navigation_params->early_hints_preloaded_resources = WebVector<WebURL>();
for (const auto& resource : commit_params.early_hints_preloaded_resources) {
@@ -575,11 +565,6 @@ blink::mojom::CommonNavigationParamsPtr MakeCommonNavigationParams(
info->url_request.GetURLRequestExtraData().get());
DCHECK(url_request_extra_data);
- // Convert from WebVector<int> to std::vector<int>.
- std::vector<int> initiator_origin_trial_features(
- info->initiator_origin_trial_features.begin(),
- info->initiator_origin_trial_features.end());
-
blink::NavigationDownloadPolicy download_policy;
download_policy.ApplyDownloadFramePolicy(
info->is_opener_navigation, info->url_request.HasUserGesture(),
@@ -602,7 +587,7 @@ blink::mojom::CommonNavigationParamsPtr MakeCommonNavigationParams(
info->url_request.HasUserGesture(),
info->url_request.HasTextFragmentToken(),
info->should_check_main_world_content_security_policy,
- initiator_origin_trial_features, info->href_translate.Latin1(),
+ /*initiator_origin_trial_features*/std::vector<int>(), info->href_translate.Latin1(),
is_history_navigation_in_new_child_frame, info->input_start,
request_destination);
}
diff --git a/content/shell/common/shell_origin_trial_policy.cc b/content/shell/common/shell_origin_trial_policy.cc
--- a/content/shell/common/shell_origin_trial_policy.cc
+++ b/content/shell/common/shell_origin_trial_policy.cc
@@ -14,13 +14,10 @@ namespace content {
namespace {
-// This is the public key which the content shell will use to enable origin
-// trial features. Trial tokens for use in web tests can be created with the
-// tool in /tools/origin_trials/generate_token.py, using the private key
-// contained in /tools/origin_trials/eftest.key.
+// This is an invalid public key that does not allow any origin trial verification
static const blink::OriginTrialPublicKey kOriginTrialPublicKey = {
0x75, 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2,
- 0x9a, 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f,
+ 0x9a, 0xd0, 0x00, 0x01, 0x02, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f,
0x64, 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0,
};
@@ -33,7 +30,8 @@ ShellOriginTrialPolicy::ShellOriginTrialPolicy() {
ShellOriginTrialPolicy::~ShellOriginTrialPolicy() {}
bool ShellOriginTrialPolicy::IsOriginTrialsSupported() const {
- return true;
+ // third-party origin trials are always disabled
+ return false;
}
const std::vector<blink::OriginTrialPublicKey>&
diff --git a/third_party/blink/common/origin_trials/trial_token_validator.cc b/third_party/blink/common/origin_trials/trial_token_validator.cc
--- a/third_party/blink/common/origin_trials/trial_token_validator.cc
+++ b/third_party/blink/common/origin_trials/trial_token_validator.cc
@@ -425,6 +425,7 @@ TrialTokenValidator::GetValidTokens(const url::Origin& origin,
// static
bool TrialTokenValidator::IsTrialPossibleOnOrigin(const GURL& url) {
+ if ((true)) return false;
OriginTrialPolicy* policy = PolicyGetter().Run();
return policy && policy->IsOriginTrialsSupported() &&
policy->IsOriginSecure(url);
diff --git a/third_party/blink/renderer/core/loader/document_loader.cc b/third_party/blink/renderer/core/loader/document_loader.cc
--- a/third_party/blink/renderer/core/loader/document_loader.cc
+++ b/third_party/blink/renderer/core/loader/document_loader.cc
@@ -174,13 +174,6 @@ namespace {
Vector<OriginTrialFeature> CopyInitiatorOriginTrials(
const WebVector<int>& initiator_origin_trial_features) {
Vector<OriginTrialFeature> result;
- for (auto feature : initiator_origin_trial_features) {
- // Convert from int to OriginTrialFeature. These values are passed between
- // blink navigations. OriginTrialFeature isn't visible outside of blink (and
- // doesn't need to be) so the values are transferred outside of blink as
- // ints and casted to OriginTrialFeature once being processed in blink.
- result.push_back(static_cast<OriginTrialFeature>(feature));
- }
return result;
}
@@ -193,18 +186,12 @@ WebVector<int> CopyInitiatorOriginTrials(
Vector<String> CopyForceEnabledOriginTrials(
const WebVector<WebString>& force_enabled_origin_trials) {
Vector<String> result;
- result.ReserveInitialCapacity(
- base::checked_cast<wtf_size_t>(force_enabled_origin_trials.size()));
- for (const auto& trial : force_enabled_origin_trials)
- result.push_back(trial);
return result;
}
WebVector<WebString> CopyForceEnabledOriginTrials(
const Vector<String>& force_enabled_origin_trials) {
WebVector<String> result;
- for (const auto& trial : force_enabled_origin_trials)
- result.emplace_back(trial);
return result;
}
@@ -2859,10 +2846,6 @@ void DocumentLoader::CreateParserPostCommit() {
OriginTrialFeature::kTouchEventFeatureDetection);
}
- // Enable any origin trials that have been force enabled for this commit.
- window->GetOriginTrialContext()->AddForceEnabledTrials(
- force_enabled_origin_trials_);
-
OriginTrialContext::ActivateNavigationFeaturesFromInitiator(
window, &initiator_origin_trial_features_);
}
diff --git a/third_party/blink/renderer/core/loader/http_equiv.cc b/third_party/blink/renderer/core/loader/http_equiv.cc
--- a/third_party/blink/renderer/core/loader/http_equiv.cc
+++ b/third_party/blink/renderer/core/loader/http_equiv.cc
@@ -108,7 +108,7 @@ void HttpEquiv::ProcessHttpEquivDefaultStyle(Document& document,
void HttpEquiv::ProcessHttpEquivOriginTrial(LocalDOMWindow* window,
const AtomicString& content) {
- if (!window)
+ if ((true))
return;
// For meta tags injected by script, process the token with the origin of the
// external script, if available. Get the top 3 script urls from the stack, as
diff --git a/third_party/blink/renderer/core/origin_trials/origin_trial_context.cc b/third_party/blink/renderer/core/origin_trials/origin_trial_context.cc
--- a/third_party/blink/renderer/core/origin_trials/origin_trial_context.cc
+++ b/third_party/blink/renderer/core/origin_trials/origin_trial_context.cc
@@ -316,6 +316,9 @@ void OriginTrialContext::AddToken(const String& token) {
void OriginTrialContext::AddTokenFromExternalScript(
const String& token,
const Vector<scoped_refptr<SecurityOrigin>>& external_origins) {
+ if ((true)) {
+ return;
+ }
Vector<OriginInfo> script_origins;
for (const scoped_refptr<SecurityOrigin>& origin : external_origins) {
OriginInfo origin_info = {.origin = origin,
@@ -451,8 +454,6 @@ bool OriginTrialContext::InstallSettingFeature(
}
void OriginTrialContext::AddFeature(OriginTrialFeature feature) {
- enabled_features_.insert(feature);
- InitializePendingFeatures();
}
bool OriginTrialContext::IsFeatureEnabled(OriginTrialFeature feature) const {
@@ -494,6 +495,7 @@ void OriginTrialContext::AddForceEnabledTrials(
}
bool OriginTrialContext::CanEnableTrialFromName(const StringView& trial_name) {
+ if ((true)) return false;
if (trial_name == "Portals")
return base::FeatureList::IsEnabled(features::kPortals);
--
2.25.1
View Git Blame Copy Permalink