From e610c879b8cb7fcc60d2d6774cf779e6d816cfd7 Mon Sep 17 00:00:00 2001
From: Milan Burda
Date: Wed, 5 Jun 2019 13:40:47 +0200
Subject: [PATCH] feat: sandbox renderer processes for cross-origin frames
---
 atom/browser/atom_browser_client.cc | 10 +++++++++-
 atom/browser/atom_browser_client.h | 4 +++-
 atom/browser/web_contents_preferences.cc | 10 +++++++---
 atom/browser/web_contents_preferences.h | 3 ++-
 4 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/atom/browser/atom_browser_client.cc b/atom/browser/atom_browser_client.cc
index 787c428826593..ba7a7bf01cc7a 100644
--- a/atom/browser/atom_browser_client.cc
+++ b/atom/browser/atom_browser_client.cc
@@ -325,6 +325,11 @@ void AtomBrowserClient::ConsiderSiteInstanceForAffinity(
 }
 }
+bool AtomBrowserClient::isRendererSubFrame(int process_id) const {
+ auto it = renderer_is_subframe_.find(process_id);
+ return it != renderer_is_subframe_.end() && it->second;
+}
+
 void AtomBrowserClient::RenderProcessWillLaunch(
 content::RenderProcessHost* host,
 service_manager::mojom::ServiceRequest* service_request) {
@@ -461,6 +466,7 @@ void AtomBrowserClient::RegisterPendingSiteInstance(
 auto* web_contents = content::WebContents::FromRenderFrameHost(rfh);
 auto* pending_process = pending_site_instance->GetProcess();
 pending_processes_[pending_process->GetID()] = web_contents;
+ renderer_is_subframe_[pending_process->GetID()] = rfh->GetParent() != nullptr;
 }
 void AtomBrowserClient::AppendExtraCommandLineSwitches(
@@ -511,7 +517,8 @@ void AtomBrowserClient::AppendExtraCommandLineSwitches(
 }
 auto* web_preferences = WebContentsPreferences::From(web_contents);
 if (web_preferences)
- web_preferences->AppendCommandLineSwitches(command_line);
+ web_preferences->AppendCommandLineSwitches(
+ command_line, isRendererSubFrame(process_id));
 SessionPreferences::AppendExtraCommandLineSwitches(
 web_contents->GetBrowserContext(), command_line);
 if (CanUseCustomSiteInstance()) {
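Review bot: `isRendererSubFrame` (hunk @@ -325) returns false when the process id has no entry in `renderer_is_subframe_`, so the lookup fails open. Its result is passed straight to `AppendCommandLineSwitches` in the @@ -511 hunk. Entries are written only in RegisterPendingSiteInstance in this patch, so a renderer that is launched without going through that call would presumably be treated as a main frame and keep the unsandboxed path when `sandbox` is off. If such a launch path exists, treat an unknown id as the restrictive case; otherwise make the default an explicit decision with a comment such as `// Unknown process ids are treated as main-frame renderers.`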
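Review bot: In the @@ -461 hunk the flag is computed as `rfh->GetParent() != nullptr`, which marks every subframe, not only the cross-origin frames named in the subject, and the value is keyed by process id only. If a process can be registered more than once, the last registration overwrites the earlier value and the sandbox decision follows whichever frame came last. I would state the intended scope next to the assignment, e.g. `// true when the pending process was created for a subframe of any origin`, and confirm that one process never serves both a main frame and a subframe. RegisterPendingSiteInstance starts outside this hunk.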
@@ -757,6 +764,7 @@ void AtomBrowserClient::RenderProcessHostDestroyed(
 content::RenderProcessHost* host) {
 int process_id = host->GetID();
 pending_processes_.erase(process_id);
+ renderer_is_subframe_.erase(process_id);
 RemoveProcessPreferences(process_id);
 }
diff --git a/atom/browser/atom_browser_client.h b/atom/browser/atom_browser_client.h
index 2dd3901cdcbc2..b1357043073f6 100644
--- a/atom/browser/atom_browser_client.h
+++ b/atom/browser/atom_browser_client.h
@@ -234,9 +234,11 @@ class AtomBrowserClient : public content::ContentBrowserClient,
 void ConsiderSiteInstanceForAffinity(content::RenderFrameHost* rfh,
 content::SiteInstance* site_instance);
+ bool isRendererSubFrame(int process_id) const;
+
 // pending_render_process => web contents.
 std::map pending_processes_;
-
+ std::map renderer_is_subframe_;
 std::map render_process_host_pids_;
 // list of site per affinity. weak_ptr to prevent instance locking
diff --git a/atom/browser/web_contents_preferences.cc b/atom/browser/web_contents_preferences.cc
index b7032f72b3694..e8cfd14277283 100644
--- a/atom/browser/web_contents_preferences.cc
+++ b/atom/browser/web_contents_preferences.cc
@@ -271,7 +271,8 @@ WebContentsPreferences* WebContentsPreferences::From(
 }
 void WebContentsPreferences::AppendCommandLineSwitches(
- base::CommandLine* command_line) {
+ base::CommandLine* command_line,
+ bool is_subframe) {
 // Check if plugins are enabled.
 if (IsEnabled(options::kPlugins))
 command_line->AppendSwitch(switches::kEnablePlugins);
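Review bot: The new member `renderer_is_subframe_` in atom_browser_client.h (hunk @@ -234) has no comment, while the map directly above it carries `// pending_render_process => web contents.`. Since this map feeds the sandbox decision, I would add `// render process id => true if the process was created for a subframe.` and keep the blank line that the hunk removes before `render_process_host_pids_`. `isRendererSubFrame` is also the only method among the visible declarations that starts with a lower-case letter; `IsRendererSubFrame` would match `ConsiderSiteInstanceForAffinity` and the other methods shown in the patch.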
@@ -293,12 +294,15 @@ void WebContentsPreferences::AppendCommandLineSwitches(
 if (IsEnabled(options::kWebviewTag))
 command_line->AppendSwitch(switches::kWebviewTag);
+ bool sandbox_subframes = is_subframe && !IsEnabled(options::kNodeIntegrationInSubFrames));
+
 // If the `sandbox` option was passed to the BrowserWindow's webPreferences,
 // pass `--enable-sandbox` to the renderer so it won't have any node.js
 // integration.
- if (IsEnabled(options::kSandbox)) {
+ if (IsEnabled(options::kSandbox) || sandbox_subframes) {
 command_line->AppendSwitch(switches::kEnableSandbox);
- } else if (!command_line->HasSwitch(switches::kEnableSandbox)) {
+ } else if (!command_line->HasSwitch(switches::kEnableSandbox) &&
+ !sandbox_subframes) {
 command_line->AppendSwitch(service_manager::switches::kNoSandbox);
 command_line->AppendSwitch(::switches::kNoZygote);
 }
diff --git a/atom/browser/web_contents_preferences.h b/atom/browser/web_contents_preferences.h
index 465acf4a1569a..57c24a2827d35 100644
--- a/atom/browser/web_contents_preferences.h
+++ b/atom/browser/web_contents_preferences.h
@@ -47,7 +47,8 @@ class WebContentsPreferences
 void Merge(const base::DictionaryValue& new_web_preferences);
 // Append command paramters according to preferences.
- void AppendCommandLineSwitches(base::CommandLine* command_line);
+ void AppendCommandLineSwitches(base::CommandLine* command_line,
+ bool is_subframe);
 // Modify the WebPreferences according to preferences.
 void OverrideWebkitPrefs(content::WebPreferences* prefs);
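Review bot: The added line in hunk @@ -293, `bool sandbox_subframes = is_subframe && !IsEnabled(options::kNodeIntegrationInSubFrames));`, has one closing parenthesis too many and will not compile. It should end `!IsEnabled(options::kNodeIntegrationInSubFrames);`, wrapped to the line limit. The added `&& !sandbox_subframes` in the `else if` is dead code: that branch runs only when the first condition is false, so `sandbox_subframes` is already false there. The original `} else if (!command_line->HasSwitch(switches::kEnableSandbox)) {` can therefore stay as it was. This branch decides whether a renderer gets the no-sandbox switches, so a test covering a subframe with `sandbox` off and `nodeIntegrationInSubFrames` off would be worth adding. AppendCommandLineSwitches starts before this hunk.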
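Review bot: The comment above the declaration in web_contents_preferences.h (hunk @@ -47) still describes only the preferences, although the new `is_subframe` argument can now force `--enable-sandbox` regardless of the `sandbox` preference. I would extend it with `// |is_subframe| is true when the target renderer process was created for a subframe; such a process is sandboxed unless nodeIntegrationInSubFrames is enabled.` so callers know that the value they pass is security-relevant.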