
fix: ensure history navigations are sandboxed-iframe-aware #35420

Merged
merged 1 commit into electron:main from the sandboxed-iframe branch on Sep 9, 2022

Conversation

jeremyspiegel
Contributor

Description of Change

This fixes #35391

When a sandboxed iframe calls history.go(), the renderer calls into the browser at RenderFrameHostImpl::GoToEntryAtOffset:

  if (delegate_->IsAllowedToGoToEntryAtOffset(offset)) {
    if (IsSandboxed(network::mojom::WebSandboxFlags::kTopNavigation)) {
      // Keep track of whether this is a session history from a sandboxed iframe
      // with top level navigation disallowed.
      frame_tree_->controller().GoToOffsetInSandboxedFrame(
          offset, GetFrameTreeNodeId());
    } else {
      frame_tree_->controller().GoToOffsetFromRenderer(offset);
    }
  }

The call to delegate_->IsAllowedToGoToEntryAtOffset(offset) goes to WebContentsImpl::IsAllowedToGoToEntryAtOffset:

bool WebContentsImpl::IsAllowedToGoToEntryAtOffset(int32_t offset) {
  // TODO(https://crbug.com/1170277): This should probably be renamed to
  // WebContentsDelegate::IsAllowedToGoToEntryAtOffset or
  // ShouldGoToEntryAtOffset
  return !delegate_ || delegate_->OnGoToEntryOffset(offset);
}

And Electron's implementation of delegate_->OnGoToEntryOffset(offset) in electron::api::WebContents::OnGoToEntryOffset handles the navigation itself, rather than allowing RenderFrameHostImpl::GoToEntryAtOffset's default behavior of navigating in the frame instead of the parent context:

bool WebContents::OnGoToEntryOffset(int offset) {
  GoToOffset(offset);
  return false;
}

This change removes the override of OnGoToEntryOffset in electron::api::WebContents (the default implementation of WebContentsDelegate::OnGoToEntryOffset is just return true).

The override was added by @deepak1556 in #3875 to fix #3734. I think that the calling Chrome code may have changed since then, since it was so long ago (2015) and because of the comment in WebContentsImpl::IsAllowedToGoToEntryAtOffset about needing to rename WebContentsDelegate::OnGoToEntryOffset to WebContentsDelegate::IsAllowedToGoToEntryAtOffset or ShouldGoToEntryAtOffset.

Checklist

Release Notes

Notes: Fixed issue with history.back() in sandboxed iframes affecting parent browsing context.
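
The following is an added, stand-alone reproduction page for the behaviour the release note describes; it is not part of this PR or of Electron's test suite. It gives the top-level frame a session history entry to fall back to, then loads an iframe sandboxed with only allow-scripts (so top-level navigation is disallowed) whose only action is history.back(). With Chromium's sandbox-aware path in effect, the back navigation must not touch the parent, so the parent's popstate never fires and its URL is unchanged; a parent that jumps back to #parent-start shows the pre-fix behaviour. The fragment names, element ids and the one-second settle delay are choices made for this example only. Load the file in a BrowserWindow (or any browser, for comparison) and read the verdict line.

```html
<!doctype html>
<meta charset="utf-8">
<title>Sandboxed iframe history.back() reproduction (added example)</title>
<p>Parent URL before the iframe's history.back(): <code id="before"></code></p>
<p>Parent URL after the iframe's history.back(): <code id="after"></code></p>
<p id="verdict">waiting...</p>
<script>
  // Give the top-level frame its own back entry. If a sandboxed child's
  // history.back() is allowed to act on the parent browsing context, this is
  // the entry the parent will return to. Fragment names are arbitrary.
  history.replaceState(null, "", "#parent-start");
  history.pushState(null, "", "#parent-current");
  document.getElementById("before").textContent = location.href;

  // popstate fires on the parent only if the parent's own entry changed.
  let parentNavigated = false;
  addEventListener("popstate", () => { parentNavigated = true; });

  // The child gets allow-scripts but NOT allow-top-navigation, so it must not
  // be able to navigate the top-level browsing context, including via session
  // history. Its only job is to call history.back() as soon as it loads.
  const frame = document.createElement("iframe");
  frame.setAttribute("sandbox", "allow-scripts");
  frame.srcdoc = "<script>history.back();<\/script>";
  document.body.appendChild(frame);

  // Give the navigation time to settle (delay chosen for this example).
  setTimeout(() => {
    document.getElementById("after").textContent = location.href;
    document.getElementById("verdict").textContent = parentNavigated
      ? "FAIL: the sandboxed iframe navigated the parent's session history"
      : "OK: the parent browsing context was left untouched";
  }, 1000);
</script>
```

The check relies on two observable signals rather than one: the parent's popstate listener and the parent's location.href. Either changing means the sandboxed child's history.back() reached the top-level entry, which is exactly what the kTopNavigation sandbox flag is meant to prevent.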

@electron-cation electron-cation bot added the new-pr 🌱 PR opened in the last 24 hours label Aug 24, 2022
Member

@deepak1556 deepak1556 left a comment

Thanks for working on this issue!

Electron had the override before for an older process architecture where the renderer process would always restart except for history navigations. But we have since then aligned our process architecture to that of Chromium and this hack is not required.

@deepak1556 deepak1556 added target/19-x-y target/21-x-y PR should also be added to the "21-x-y" branch. semver/patch backwards-compatible bug fixes labels Aug 24, 2022
@jeremyspiegel
Contributor Author

Great, thank you for the reviews @deepak1556 and @codebytere!

@electron-cation electron-cation bot removed the new-pr 🌱 PR opened in the last 24 hours label Aug 25, 2022
@zcbenz
Member

zcbenz commented Aug 29, 2022

@jeremyspiegel Can you rebase this PR on latest main? It should be able to fix the CI failure.

@jeremyspiegel
Contributor Author

@zcbenz I've rebased on latest main and the checks are passing now.

@zcbenz zcbenz merged commit 730d918 into electron:main Sep 9, 2022
@release-clerk

release-clerk bot commented Sep 9, 2022

Release Notes Persisted

Fixed issue with history.back() in sandboxed iframes affecting parent browsing context.

@trop
Contributor

trop bot commented Sep 9, 2022

I have automatically backported this PR to "19-x-y", please check out #35621

@trop trop bot added the in-flight/19-x-y label Sep 9, 2022
@trop
Contributor

trop bot commented Sep 9, 2022

I have automatically backported this PR to "20-x-y", please check out #35622

@trop
Contributor

trop bot commented Sep 9, 2022

I have automatically backported this PR to "21-x-y", please check out #35623

@trop trop bot added merged/19-x-y merged/21-x-y PR was merged to the "21-x-y" branch. and removed target/21-x-y PR should also be added to the "21-x-y" branch. in-flight/19-x-y labels Sep 9, 2022
@jeremyspiegel jeremyspiegel deleted the sandboxed-iframe branch October 12, 2022 00:08
khalwa pushed a commit to solarwindscloud/electron that referenced this pull request Feb 22, 2023