From b2e9e2a49c8aed59b23e0f341e932a49faf67cd5 Mon Sep 17 00:00:00 2001 From: deepak1556 Date: Thu, 15 Nov 2018 21:41:29 +0530 Subject: [PATCH] fix: extend content layer hook to bypass corb when web security is disabled. --- atom/browser/atom_browser_client.cc | 15 +++++++++++++++ atom/browser/atom_browser_client.h | 7 ++++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/atom/browser/atom_browser_client.cc b/atom/browser/atom_browser_client.cc index 0b2f30ae26731..ac2d384206664 100644 --- a/atom/browser/atom_browser_client.cc +++ b/atom/browser/atom_browser_client.cc @@ -223,28 +223,34 @@ bool AtomBrowserClient::ShouldCreateNewSiteInstance( void AtomBrowserClient::AddProcessPreferences( int process_id, AtomBrowserClient::ProcessPreferences prefs) { + base::AutoLock auto_lock(process_preferences_lock_); process_preferences_[process_id] = prefs; } void AtomBrowserClient::RemoveProcessPreferences(int process_id) { + base::AutoLock auto_lock(process_preferences_lock_); process_preferences_.erase(process_id); } bool AtomBrowserClient::IsProcessObserved(int process_id) { + base::AutoLock auto_lock(process_preferences_lock_); return process_preferences_.find(process_id) != process_preferences_.end(); } bool AtomBrowserClient::IsRendererSandboxed(int process_id) { + base::AutoLock auto_lock(process_preferences_lock_); auto it = process_preferences_.find(process_id); return it != process_preferences_.end() && it->second.sandbox; } bool AtomBrowserClient::RendererUsesNativeWindowOpen(int process_id) { + base::AutoLock auto_lock(process_preferences_lock_); auto it = process_preferences_.find(process_id); return it != process_preferences_.end() && it->second.native_window_open; } bool AtomBrowserClient::RendererDisablesPopups(int process_id) { + base::AutoLock auto_lock(process_preferences_lock_); auto it = process_preferences_.find(process_id); return it != process_preferences_.end() && it->second.disable_popups; } @@ -274,6 +280,8 @@ void AtomBrowserClient::RenderProcessWillLaunch( prefs.native_window_open = web_preferences->IsEnabled(options::kNativeWindowOpen); prefs.disable_popups = web_preferences->IsEnabled("disablePopups"); + prefs.web_security = web_preferences->IsEnabled(options::kWebSecurity, + true /* default value */); } AddProcessPreferences(host->GetID(), prefs); // ensure the ProcessPreferences is removed later @@ -778,6 +786,13 @@ void AtomBrowserClient::OnNetworkServiceCreated( network_service); } +bool AtomBrowserClient::ShouldBypassCORB(int render_process_id) { + // This is called on the network thread. + base::AutoLock auto_lock(process_preferences_lock_); + auto it = process_preferences_.find(render_process_id); + return it != process_preferences_.end() && !it->second.web_security; +} + std::string AtomBrowserClient::GetApplicationLocale() { if (BrowserThread::CurrentlyOn(BrowserThread::IO)) return g_io_thread_application_locale.Get(); diff --git a/atom/browser/atom_browser_client.h b/atom/browser/atom_browser_client.h index e3cd4aa247c85..e70ba5986fbf8 100644 --- a/atom/browser/atom_browser_client.h +++ b/atom/browser/atom_browser_client.h @@ -11,6 +11,7 @@ #include #include +#include "base/synchronization/lock.h" #include "content/public/browser/content_browser_client.h" #include "content/public/browser/render_process_host_observer.h" #include "net/ssl/client_cert_identity.h" @@ -143,6 +144,7 @@ class AtomBrowserClient : public content::ContentBrowserClient, GetSystemSharedURLLoaderFactory() override; void OnNetworkServiceCreated( network::mojom::NetworkService* network_service) override; + bool ShouldBypassCORB(int render_process_id) override; // content::RenderProcessHostObserver: void RenderProcessHostDestroyed(content::RenderProcessHost* host) override; @@ -164,6 +166,7 @@ class AtomBrowserClient : public content::ContentBrowserClient, bool sandbox = false; bool native_window_open = false; bool disable_popups = false; + bool web_security = true; }; bool ShouldCreateNewSiteInstance(content::RenderFrameHost* render_frame_host, @@ -180,7 +183,6 @@ class AtomBrowserClient : public content::ContentBrowserClient, // pending_render_process => web contents. std::map pending_processes_; - std::map process_preferences_; std::map render_process_host_pids_; // list of site per affinity. weak_ptr to prevent instance locking @@ -194,6 +196,9 @@ class AtomBrowserClient : public content::ContentBrowserClient, Delegate* delegate_ = nullptr; + base::Lock process_preferences_lock_; + std::map process_preferences_; + DISALLOW_COPY_AND_ASSIGN(AtomBrowserClient); };