Update to Chromium version 100.0.4896.0 (#972766)

2025-06-05 21:39:12 +02:00 · 2022-02-21 17:23:40 -05:00
parent a2c621bf8b
commit f97f0bbda6
120 changed files with 668 additions and 725 deletions
--- a/libcef/renderer/alloy/alloy_content_renderer_client.cc
+++ b/libcef/renderer/alloy/alloy_content_renderer_client.cc
@@ -7,7 +7,7 @@

 #include <utility>

-#include "base/compiler_specific.h"
+#include "build/build_config.h"

 // Enable deprecation warnings on Windows. See http://crbug.com/585142.
 #if BUILDFLAG(IS_WIN)
@@ -60,7 +60,6 @@
 #include "components/nacl/common/nacl_constants.h"
 #include "components/pdf/common/internal_plugin_helpers.h"
 #include "components/pdf/renderer/internal_plugin_renderer_helpers.h"
-#include "components/pdf/renderer/pdf_find_in_page.h"
 #include "components/printing/renderer/print_render_frame_helper.h"
 #include "components/spellcheck/renderer/spellcheck.h"
 #include "components/spellcheck/renderer/spellcheck_provider.h"
@@ -76,6 +75,7 @@
 #include "content/public/common/url_constants.h"
 #include "content/public/renderer/render_view.h"
 #include "content/public/renderer/render_view_visitor.h"
+#include "extensions/common/manifest_handlers/csp_info.h"
 #include "extensions/common/switches.h"
 #include "extensions/renderer/guest_view/mime_handler_view/mime_handler_view_container_manager.h"
 #include "extensions/renderer/renderer_extension_registry.h"
@@ -83,7 +83,6 @@
 #include "media/base/media.h"
 #include "mojo/public/cpp/bindings/binder_map.h"
 #include "mojo/public/cpp/bindings/generic_pending_receiver.h"
-#include "pdf/pdf_features.h"
 #include "printing/print_settings.h"
 #include "services/network/public/cpp/is_potentially_trustworthy.h"
 #include "services/service_manager/public/cpp/connector.h"
@@ -308,12 +307,6 @@ void AlloyContentRendererClient::RenderFrameCreated(
        base::WrapUnique(
            new extensions::CefPrintRenderFrameHelperDelegate(*is_windowless)));
  }
-
-  if (base::FeatureList::IsEnabled(chrome_pdf::features::kPdfUnseasoned)) {
-    render_frame_observer->associated_interfaces()->AddInterface(
-        base::BindRepeating(&pdf::PdfFindInPageFactory::BindReceiver,
-                            render_frame->GetRoutingID()));
-  }
 }

 void AlloyContentRendererClient::WebViewCreated(blink::WebView* web_view) {
@@ -343,9 +336,8 @@ bool AlloyContentRendererClient::IsPluginHandledExternally(
  // a more unified approach to avoid sending the IPC twice.
  chrome::mojom::PluginInfoPtr plugin_info = chrome::mojom::PluginInfo::New();
  ChromeContentRendererClient::GetPluginInfoHost()->GetPluginInfo(
-      render_frame->GetRoutingID(), original_url,
-      render_frame->GetWebFrame()->Top()->GetSecurityOrigin(), mime_type,
-      &plugin_info);
+      original_url, render_frame->GetWebFrame()->Top()->GetSecurityOrigin(),
+      mime_type, &plugin_info);
  // TODO(ekaramad): Not continuing here due to a disallowed status should take
  // us to CreatePlugin. See if more in depths investigation of |status| is
  // necessary here (see https://crbug.com/965747). For now, returning false
@@ -389,9 +381,8 @@ bool AlloyContentRendererClient::OverrideCreatePlugin(
  GURL url(params.url);
  chrome::mojom::PluginInfoPtr plugin_info = chrome::mojom::PluginInfo::New();
  ChromeContentRendererClient::GetPluginInfoHost()->GetPluginInfo(
-      render_frame->GetRoutingID(), url,
-      render_frame->GetWebFrame()->Top()->GetSecurityOrigin(), orig_mime_type,
-      &plugin_info);
+      url, render_frame->GetWebFrame()->Top()->GetSecurityOrigin(),
+      orig_mime_type, &plugin_info);
  *plugin = ChromeContentRendererClient::CreatePlugin(render_frame, params,
                                                      *plugin_info);
  return true;
@@ -428,9 +419,9 @@ bool AlloyContentRendererClient::IsOriginIsolatedPepperPlugin(
  return true;
 }

-void AlloyContentRendererClient::AddSupportedKeySystems(
-    std::vector<std::unique_ptr<::media::KeySystemProperties>>* key_systems) {
-  key_systems_provider_.AddSupportedKeySystems(key_systems);
+void AlloyContentRendererClient::GetSupportedKeySystems(
+    media::GetSupportedKeySystemsCB cb) {
+  key_systems_provider_.GetSupportedKeySystems(std::move(cb));
 }

 bool AlloyContentRendererClient::IsKeySystemsUpdateNeeded() {
@@ -487,6 +478,39 @@ AlloyContentRendererClient::CreateURLLoaderThrottleProvider(
  return std::make_unique<CefURLLoaderThrottleProviderImpl>(provider_type);
 }

+void AlloyContentRendererClient::AppendContentSecurityPolicy(
+    const blink::WebURL& url,
+    blink::WebVector<blink::WebContentSecurityPolicyHeader>* csp) {
+  if (!extensions::ExtensionsEnabled())
+    return;
+
+  // Don't apply default CSP to PDF renderers.
+  // TODO(crbug.com/1252096): Lock down the CSP once style and script are no
+  // longer injected inline by `pdf::PluginResponseWriter`. That class may be a
+  // better place to define such CSP, or we may continue doing so here.
+  if (pdf::IsPdfRenderer())
+    return;
+
+  DCHECK(csp);
+  GURL gurl(url);
+  const extensions::Extension* extension =
+      extensions::RendererExtensionRegistry::Get()->GetExtensionOrAppByURL(
+          gurl);
+  if (!extension)
+    return;
+
+  // Append a default CSP to ensure the extension can't relax the default
+  // applied CSP through means like Service Worker.
+  const std::string* default_csp =
+      extensions::CSPInfo::GetDefaultCSPToAppend(*extension, gurl.path());
+  if (!default_csp)
+    return;
+
+  csp->push_back({blink::WebString::FromUTF8(*default_csp),
+                  network::mojom::ContentSecurityPolicyType::kEnforce,
+                  network::mojom::ContentSecurityPolicySource::kHTTP});
+}
+
 void AlloyContentRendererClient::GetInterface(
    const std::string& interface_name,
    mojo::ScopedMessagePipeHandle interface_pipe) {
--- a/libcef/renderer/alloy/alloy_content_renderer_client.h
+++ b/libcef/renderer/alloy/alloy_content_renderer_client.h
@@ -15,7 +15,6 @@

 #include "libcef/renderer/browser_impl.h"

-#include "base/compiler_specific.h"
 #include "base/task/current_thread.h"
 #include "base/task/single_thread_task_runner.h"
 #include "chrome/common/plugin.mojom.h"
@@ -101,9 +100,7 @@ class AlloyContentRendererClient
  uint64_t VisitedLinkHash(const char* canonical_url, size_t length) override;
  bool IsLinkVisited(uint64_t link_hash) override;
  bool IsOriginIsolatedPepperPlugin(const base::FilePath& plugin_path) override;
-  void AddSupportedKeySystems(
-      std::vector<std::unique_ptr<::media::KeySystemProperties>>* key_systems)
-      override;
+  void GetSupportedKeySystems(media::GetSupportedKeySystemsCB cb) override;
  bool IsKeySystemsUpdateNeeded() override;
  void RunScriptsAtDocumentStart(content::RenderFrame* render_frame) override;
  void RunScriptsAtDocumentEnd(content::RenderFrame* render_frame) override;
@@ -113,6 +110,9 @@ class AlloyContentRendererClient
  std::unique_ptr<blink::URLLoaderThrottleProvider>
  CreateURLLoaderThrottleProvider(
      blink::URLLoaderThrottleProviderType provider_type) override;
+  void AppendContentSecurityPolicy(
+      const blink::WebURL& url,
+      blink::WebVector<blink::WebContentSecurityPolicyHeader>* csp) override;

  // service_manager::LocalInterfaceProvider implementation.
  void GetInterface(const std::string& name,
--- a/libcef/renderer/alloy/alloy_render_thread_observer.h
+++ b/libcef/renderer/alloy/alloy_render_thread_observer.h
@@ -8,7 +8,6 @@

 #include <memory>

-#include "base/compiler_specific.h"
 #include "chrome/common/renderer_configuration.mojom.h"
 #include "components/content_settings/core/common/content_settings.h"
 #include "content/public/renderer/render_thread_observer.h"