Update to Chromium version 105.0.5176.0 (#1023155)

2025-06-05 21:39:12 +02:00 · 2022-07-21 13:26:10 -04:00
parent 5e753d211f
commit e9f29ab3d6
92 changed files with 615 additions and 700 deletions
--- a/patch/patches/browser_security_policy_1081397.patch
+++ b/patch/patches/browser_security_policy_1081397.patch
@@ -1,5 +1,5 @@
 diff --git content/browser/child_process_security_policy_impl.cc content/browser/child_process_security_policy_impl.cc
-index 3a619b38da0c7..8bdf8ad9b1c18 100644
+index d254be9911f39..76e28fe22d988 100644
 --- content/browser/child_process_security_policy_impl.cc
 +++ content/browser/child_process_security_policy_impl.cc
@@ -1751,6 +1751,16 @@ bool ChildProcessSecurityPolicyImpl::CanAccessDataForMaybeOpaqueOrigin(
@@ -20,35 +20,37 @@ index 3a619b38da0c7..8bdf8ad9b1c18 100644
 
           // TODO(wjmaclean): We should update the ProcessLock comparison API
 diff --git content/browser/renderer_host/navigation_request.cc content/browser/renderer_host/navigation_request.cc
-index e3e73a2353312..4f2d190c000b2 100644
+index 8afc757188c41..d43e81d736fc4 100644
 --- content/browser/renderer_host/navigation_request.cc
 +++ content/browser/renderer_host/navigation_request.cc
-@@ -6312,6 +6312,12 @@ NavigationRequest::GetOriginForURLLoaderFactoryWithoutFinalFrameHost(
-     network::mojom::WebSandboxFlags sandbox_flags) {
-   // Calculate an approximation of the origin. The sandbox/csp are ignored.
-   url::Origin origin = GetOriginForURLLoaderFactoryUnchecked(this);
-+  if (!origin.GetURL().IsStandard()) {
-+    // Always return an opaque origin for non-standard URLs. Otherwise, the
-+    // below CanAccessDataForOrigin() check may fail for unregistered custom
-+    // scheme requests in CEF.
-+    return origin.DeriveNewOpaqueOrigin();
-+  }
+@@ -6373,6 +6373,14 @@ std::pair<url::Origin, std::string> NavigationRequest::
+     origin_and_debug_info.second += ", error";
+   }
 
-   // Apply sandbox flags.
-   // See https://html.spec.whatwg.org/#sandboxed-origin-browsing-context-flag
-@@ -6345,6 +6351,15 @@ NavigationRequest::GetOriginForURLLoaderFactoryWithFinalFrameHost() {
-   if (IsSameDocument() || IsPageActivation())
-     return GetRenderFrameHost()->GetLastCommittedOrigin();
- 
-+  // Calculate an approximation of the origin. The sandbox/csp are ignored.
-+  url::Origin unchecked_origin = GetOriginForURLLoaderFactoryUnchecked(this);
-+  if (!unchecked_origin.GetURL().IsStandard()) {
+  if (!origin_and_debug_info.first.GetURL().IsStandard()) {
 +    // Always return an opaque origin for non-standard URLs. Otherwise, the
-+    // below CanAccessDataForOrigin() check may fail for unregistered custom
-+    // scheme requests in CEF.
-+    return unchecked_origin.DeriveNewOpaqueOrigin();
+    // CanAccessDataForOrigin() check may fail for unregistered custom scheme
+    // requests in CEF.
+    use_opaque_origin = true;
+    origin_and_debug_info.second += ", cef_nonstandard";
 +  }
 +
-   url::Origin origin =
-       GetOriginForURLLoaderFactoryWithoutFinalFrameHost(SandboxFlagsToCommit());
+   if (use_opaque_origin) {
+     origin_and_debug_info =
+         std::make_pair(origin_and_debug_info.first.DeriveNewOpaqueOrigin(),
+@@ -6400,6 +6408,15 @@ std::pair<url::Origin, std::string> NavigationRequest::
+       GetOriginForURLLoaderFactoryWithoutFinalFrameHostWithDebugInfo(
+           SandboxFlagsToCommit());
 
+  if (origin_with_debug_info.first.opaque() &&
+      origin_with_debug_info.second.find("cef_nonstandard") !=
+          std::string::npos) {
+    // Always return an opaque origin for non-standard URLs. Otherwise, the
+    // below CanAccessDataForOrigin() check may fail for unregistered custom
+    // scheme requests in CEF.
+    return origin_with_debug_info;
+  }
+
+   // MHTML documents should commit as an opaque origin. They should not be able
+   // to make network request on behalf of the real origin.
+   DCHECK(!IsMhtmlOrSubframe() || origin_with_debug_info.first.opaque());