From 4c4e9325460f277a8db45b8b12d48efaddbdb841 Mon Sep 17 00:00:00 2001 From: Tsuyoshi Horo Date: Fri, 19 May 2017 13:31:16 +0900 Subject: [PATCH] Set the requester context info to the requests for off-main-thread-fetch. This CL pipes the IsOriginSecure state to WorkerFetchContext and set it to the RequestExtraData at WorkerFetchContextImpl::WillSendRequest(). And WorkerFetchContext::PrepareRequest() sets the RequestorOrigin of requests. After this cl, foreign fetch tests will pass. BUG=443374 R=falken@chromium.org, kinuko@chromium.org Review-Url: https://codereview.chromium.org/2890723002 . Cr-Commit-Position: refs/heads/master@{#473086} --- content/renderer/render_frame_impl.cc | 2 ++ .../service_worker/worker_fetch_context_impl.cc | 5 +++++ .../service_worker/worker_fetch_context_impl.h | 12 +++++++++++- .../shared_worker/embedded_shared_worker_stub.cc | 6 ++++++ third_party/WebKit/LayoutTests/TestExpectations | 1 - .../foreign-fetch-workers.https-expected.txt | 8 -------- 6 files changed, 24 insertions(+), 10 deletions(-) delete mode 100644 third_party/WebKit/LayoutTests/virtual/off-main-thread-fetch/external/wpt/service-workers/service-worker/foreign-fetch-workers.https-expected.txt diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc index 9243e310abdb4b..d9ec3fcd0ddc2b 100644 --- a/content/renderer/render_frame_impl.cc +++ b/content/renderer/render_frame_impl.cc @@ -3037,6 +3037,8 @@ RenderFrameImpl::CreateWorkerFetchContext() { worker_fetch_context->set_parent_frame_id(routing_id_); worker_fetch_context->set_first_party_for_cookies( frame_->GetDocument().FirstPartyForCookies()); + worker_fetch_context->set_is_secure_context( + frame_->GetDocument().IsSecureContext()); blink::WebServiceWorkerNetworkProvider* web_provider = frame_->DataSource()->GetServiceWorkerNetworkProvider(); if (web_provider) { diff --git a/content/renderer/service_worker/worker_fetch_context_impl.cc b/content/renderer/service_worker/worker_fetch_context_impl.cc index e8180176d55fc9..8f136b98960ae1 100644 --- a/content/renderer/service_worker/worker_fetch_context_impl.cc +++ b/content/renderer/service_worker/worker_fetch_context_impl.cc @@ -44,6 +44,7 @@ void WorkerFetchContextImpl::WillSendRequest(blink::WebURLRequest& request) { RequestExtraData* extra_data = new RequestExtraData(); extra_data->set_service_worker_provider_id(service_worker_provider_id_); extra_data->set_render_frame_id(parent_frame_id_); + extra_data->set_initiated_in_secure_context(is_secure_context_); request.SetExtraData(extra_data); if (!IsControlledByServiceWorker() && @@ -88,6 +89,10 @@ void WorkerFetchContextImpl::set_first_party_for_cookies( first_party_for_cookies_ = first_party_for_cookies; } +void WorkerFetchContextImpl::set_is_secure_context(bool flag) { + is_secure_context_ = flag; +} + void WorkerFetchContextImpl::SetControllerServiceWorker( int64_t controller_version_id) { controller_version_id_ = controller_version_id; diff --git a/content/renderer/service_worker/worker_fetch_context_impl.h b/content/renderer/service_worker/worker_fetch_context_impl.h index a99823f7bc7da2..175ead6553e1b6 100644 --- a/content/renderer/service_worker/worker_fetch_context_impl.h +++ b/content/renderer/service_worker/worker_fetch_context_impl.h @@ -20,6 +20,11 @@ namespace content { class ResourceDispatcher; +// This class is used while fetching resource requests on workers (dedicated +// worker and shared worker) when off-main-thread-fetch is enabled. This class +// is created on the main thread and passed to the worker thread. +// This class is not used for service workers. For service workers, +// ServiceWorkerFetchContextImpl class is used instead. class WorkerFetchContextImpl : public blink::WebWorkerFetchContext, public mojom::ServiceWorkerWorkerClient { public: @@ -39,12 +44,16 @@ class WorkerFetchContextImpl : public blink::WebWorkerFetchContext, // mojom::ServiceWorkerWorkerClient implementation: void SetControllerServiceWorker(int64_t controller_version_id) override; - // Sets the fetch context status of the parent frame. + // Sets the fetch context status copied from the frame; the parent frame for a + // dedicated worker, the main frame of the shadow page for a shared worker. void set_service_worker_provider_id(int id); void set_is_controlled_by_service_worker(bool flag); void set_parent_frame_id(int id); void set_first_party_for_cookies( const blink::WebURL& first_party_for_cookies); + // Sets whether the worker context is a secure context. + // https://w3c.github.io/webappsec-secure-contexts/ + void set_is_secure_context(bool flag); private: mojom::WorkerURLLoaderFactoryProviderPtrInfo provider_info_; @@ -65,6 +74,7 @@ class WorkerFetchContextImpl : public blink::WebWorkerFetchContext, bool is_data_saver_enabled_ = false; int parent_frame_id_ = MSG_ROUTING_NONE; GURL first_party_for_cookies_; + bool is_secure_context_ = false; }; } // namespace content diff --git a/content/renderer/shared_worker/embedded_shared_worker_stub.cc b/content/renderer/shared_worker/embedded_shared_worker_stub.cc index 778cd36c454a13..3c2d602b033cdd 100644 --- a/content/renderer/shared_worker/embedded_shared_worker_stub.cc +++ b/content/renderer/shared_worker/embedded_shared_worker_stub.cc @@ -277,6 +277,12 @@ EmbeddedSharedWorkerStub::CreateWorkerFetchContext( // (crbug.com/723553) // https://tools.ietf.org/html/draft-west-first-party-cookies-07#section-2.1.2 worker_fetch_context->set_first_party_for_cookies(url_); + // TODO(horo): Currently we treat the worker context as secure if the origin + // of the shared worker script url is secure. But according to the spec, if + // the creation context is not secure, we should treat the worker as + // non-secure. crbug.com/723575 + // https://w3c.github.io/webappsec-secure-contexts/#examples-shared-workers + worker_fetch_context->set_is_secure_context(IsOriginSecure(url_)); if (web_network_provider) { ServiceWorkerNetworkProvider* network_provider = ServiceWorkerNetworkProvider::FromWebServiceWorkerNetworkProvider( diff --git a/third_party/WebKit/LayoutTests/TestExpectations b/third_party/WebKit/LayoutTests/TestExpectations index c7cfb31665e6b7..0dfbb81bfccb41 100644 --- a/third_party/WebKit/LayoutTests/TestExpectations +++ b/third_party/WebKit/LayoutTests/TestExpectations @@ -2870,7 +2870,6 @@ crbug.com/664873 http/tests/xmlhttprequest/small-chunks-response-text.html [ Fai crbug.com/664873 virtual/mojo-loading/http/tests/xmlhttprequest/small-chunks-response-text.html [ Failure Pass ] # off-main-thread-fetch: This is an experimental feature. -crbug.com/443374 virtual/off-main-thread-fetch/external/wpt/service-workers/service-worker/foreign-fetch-basics.https.html [ Skip ] crbug.com/443374 virtual/off-main-thread-fetch/http/tests/inspector/service-workers/user-agent-override.html [ Failure ] crbug.com/660295 inspector/elements/elements-panel-restore-selection-when-node-comes-later.html [ Pass Failure ] diff --git a/third_party/WebKit/LayoutTests/virtual/off-main-thread-fetch/external/wpt/service-workers/service-worker/foreign-fetch-workers.https-expected.txt b/third_party/WebKit/LayoutTests/virtual/off-main-thread-fetch/external/wpt/service-workers/service-worker/foreign-fetch-workers.https-expected.txt deleted file mode 100644 index a973e179d574df..00000000000000 --- a/third_party/WebKit/LayoutTests/virtual/off-main-thread-fetch/external/wpt/service-workers/service-worker/foreign-fetch-workers.https-expected.txt +++ /dev/null @@ -1,8 +0,0 @@ -This is a testharness.js-based test. -PASS Foreign fetch can intercept fetches made from a service worker -FAIL Foreign fetch can intercept fetches made from a dedicated worker assert_equals: expected "Success: Foreign Fetch" but got "Error: TypeError: Failed to fetch" -FAIL Foreign fetch can intercept fetches made from a shared worker assert_equals: expected "Success: Foreign Fetch" but got "Error: TypeError: Failed to fetch" -FAIL Fetches from an insecure dedicated worker aren't intercepted. assert_equals: expected "Success: Foreign Fetch" but got "Error: TypeError: Failed to fetch" -FAIL Fetches from an insecure shared worker aren't intercepted. assert_equals: expected "Success: Foreign Fetch" but got "Error: TypeError: Failed to fetch" -Harness: the test ran to completion. -