Fix cookie exclusion for fetch CORS pre-flight requests (fixes #3596)

Cookies (and other credentials) will be excluded when appropriate by
downgrading |credentials_mode| from kSameOrigin to kOmit.

Improve logic for Origin header inclusion, including a fix for
Referrer/Origin calculation in URLRequestJob::ComputeReferrerForPolicy
when used with custom standard schemes.

Specify correct CookiePartitionKeyCollection when loading cookies.

To test:
- Run tests from https://browseraudit.com/ with and without
  `--disable-request-handling-for-testing`. Results are the same.
- Run `ceftests --gtest_filter=CorsTest.*`.
This commit is contained in:
Marshall Greenblatt
2023-11-16 18:19:27 -05:00
parent a9f1ce090a
commit cf934a20a7
10 changed files with 166 additions and 32 deletions

View File

@ -678,5 +678,11 @@ patches = [
# https://chromium-review.googlesource.com/c/chromium/src/+/4829483
# https://bugs.chromium.org/p/chromium/issues/detail?id=1470837#c22
'name': 'rfh_navigation_4829483'
},
{
# Fix Referrer & Origin calculation for secure referrer (custom standard
# scheme) with insecure destination.
# https://github.com/chromiumembedded/cef/issues/3596
'name': 'net_url_request_3596'
}
]

View File

@ -0,0 +1,39 @@
diff --git net/url_request/url_request_job.cc net/url_request/url_request_job.cc
index 0e585570d3fa6..7158d4e8df44e 100644
--- net/url_request/url_request_job.cc
+++ net/url_request/url_request_job.cc
@@ -34,6 +34,7 @@
#include "net/ssl/ssl_private_key.h"
#include "net/url_request/redirect_util.h"
#include "net/url_request/url_request_context.h"
+#include "url/url_util.h"
namespace net {
@@ -46,6 +47,16 @@ base::Value::Dict SourceStreamSetParams(SourceStream* source_stream) {
return event_params;
}
+bool IsSecureScheme(const GURL& url) {
+ if (!url.has_scheme()) {
+ return false;
+ }
+ if (GURL::SchemeIsCryptographic(url.scheme_piece())) {
+ return true;
+ }
+ return base::Contains(url::GetSecureSchemes(), url.scheme_piece());
+}
+
} // namespace
// Each SourceStreams own the previous SourceStream in the chain, but the
@@ -334,8 +345,7 @@ GURL URLRequestJob::ComputeReferrerForPolicy(
}
bool secure_referrer_but_insecure_destination =
- original_referrer.SchemeIsCryptographic() &&
- !destination.SchemeIsCryptographic();
+ IsSecureScheme(original_referrer) && !IsSecureScheme(destination);
switch (policy) {
case ReferrerPolicy::CLEAR_ON_TRANSITION_FROM_SECURE_TO_INSECURE: