Commit Graph

100 Commits

Author SHA1 Message Date
Dmitry Azaraev
be6af15754 Add SameSite (same_site) and Priority attributes to CefCookie (fixes issue #2524)
This change also restores the Chromium default values for the
SameSiteByDefaultCookies and CookiesWithoutSameSiteMustBeSecure features. See
https://www.chromium.org/updates/same-site for feature details and rollout
timeline.
2020-04-24 17:48:26 -04:00
Jengerer
87a7c4f94b Fix handling of partial range request (fixes issue #2873) 2020-04-20 13:19:42 -04:00
Marshall Greenblatt
27257d0288 Remove DCHECK in InterceptedRequest::OnReceiveRedirect (fixes issue #2917) 2020-04-20 12:38:31 -04:00
Cristian Amarie
1c14900093 Remove unexpected content headers when converting from POST to GET request on 302 redirect response (fixes issue #2883) 2020-04-02 21:05:07 +00:00
Marshall Greenblatt
047e8f9349 Update to Chromium version 82.0.4085.0 (#749737)
- Building on macOS now requires the 10.15 SDK. Xcode 11.3 is recommended as
  Xcode 11.4 is not currently supported (see https://crbug.com/1065146).
- Jumbo build configuration is no longer supported.

Chromium is skipping the M82 release and consequently no CEF 4085 branch will
be created. For details on the Chromium decision see
https://groups.google.com/a/chromium.org/d/msg/chromium-dev/Vn7uzglqLz0/JItlSrZxBAAJ
2020-04-02 13:20:25 -04:00
Marshall Greenblatt
869ae21c9f Convert CefCookieManagerImpl to use CefBrowserContext::Getter.
With this change CefCookieManagerImpl no longer keeps a reference to the
originating CefRequestContextImpl. This means that the CefRequestContextImpl
can be destroyed if all other references are released while the
CefCookieManagerImpl exists. If CefRequestContextImpl destruction results in
the underlying CefBrowserContext being destroyed then the CefCookieManagerImpl's
reference to that CefBrowserContext will be invalidated.

This is the same ownership model introduced with CefMediaRouterImpl in the
previous commit.
2020-03-27 16:22:34 -04:00
Marshall Greenblatt
9d9ee8b45f Update to Chromium version 81.0.4044.0 (#737173) 2020-03-04 19:31:54 -05:00
Alexander Guettler
71768ea6c3 Update to Chromium version 80.0.3987.0 (#722274) 2020-02-17 13:19:09 -05:00
Marshall Greenblatt
1da3f71357 Fix race between OpenInputStreamWrapper Open and Cancel (fixes issue #2843) 2020-01-29 17:14:29 -05:00
Marshall Greenblatt
c90b65a72c Fix potential crash in OpenInputStreamWrapper::Open (fixes issue #2808) 2020-01-15 16:46:18 +01:00
Marshall Greenblatt
ea63799c3e libcef: Convert NULL to nullptr (see issue #2861) 2020-01-15 14:49:22 +01:00
Yong Li
8d0ae1f894 Remove possibly incorrect CHECK in ProxyURLLoaderFactory::MaybeDestroySelf()
See also commit #81064faa.
2020-01-08 15:09:57 +00:00
Marshall Greenblatt
0d4879763a Fix crash when loading a file URL if using CefCookieAccessFilter (fixes issue #2818) 2020-01-06 14:47:18 +02:00
Daniel Nitsche
115f760821 Update to Chromium version 79.0.3945.1 (#706915) 2019-11-19 13:22:13 -05:00
Marshall Greenblatt
c8d0813669 Restore expected Accept-Language request header order (fixes issue #2796) 2019-11-05 15:29:32 -05:00
Marshall Greenblatt
01e75761d3 Remove incorrect DCHECK
There are valid cases where |frame_tree_node_id| may not match the node ID
reported by the selected RenderFrameHost.
2019-10-18 15:08:16 +02:00
Marshall Greenblatt
f8e0797773 Update to Chromium version 78.0.3904.0 (#693954) 2019-10-01 13:55:16 +00:00
Alexander Guettler
46d3a81ba0 Update to Chromium version 77.0.3865.0 (#681094)
- Windows: SDK version 10.0.18362.0 is now required.
2019-09-04 15:13:32 +00:00
Marshall Greenblatt
67b61c4af9 Remove the old network implementation (see issue #2622)
The `--disable-features=NetworkService` flag is no longer supported.
2019-07-29 17:41:45 -04:00
Marshall Greenblatt
2d8d064ce8 Fix missing cookie after redirect response with filter (fixes issue #2689, see issue #2622) 2019-07-25 16:50:30 -04:00
Marshall Greenblatt
e57acace0b Fix crash on shutdown with PDF viewer and multi-threaded message loop (fixes issue #2709, see issue #2622)
Requests from the PDF viewer are not associated with a CefBrowser. Consequently,
the InterceptedRequestHandler for those requests will register as an observer of
CefContext destruction. When the browser is closed the InterceptedRequestHandler
is destroyed and an async task is posted to remove/delete the observer on the UI
thread. If CefShutdown is then called the task may execute after shutdown has
started, in which case CONTEXT_STATE_VALID() will return false. We still need to
remove the observer in this case to avoid a use-after-free in
FinishShutdownOnUIThread.
2019-07-23 15:27:38 -04:00
Masako Toda
99c27f57b1 Fix redirect of requests with credentials mode 'include' (fixes issue #2699, see issue #2622).
Modifying the URL in OnBeforeResourceLoad causes an internal redirect response.
In cases where the request is cross-origin and credentials mode is 'include'
the redirect response must include the "Access-Control-Allow-Credentials"
header, otherwise the request will be blocked.
2019-07-16 17:43:44 -04:00
Marshall Greenblatt
3f1ebebde5 Add support for GetAuthCredentials (fixes issue #2718, see issue #2622).
When NetworkService is enabled requests created using CefFrame::CreateURLRequest
will call CefRequestHandler::GetAuthCredentials for the associated browser after
calling CefURLRequestClient::GetAuthCredentials if that call returns false.
2019-07-16 16:33:08 -04:00
Petra Öhlin
cc0db5f166 Update to Chromium version 76.0.3809.0 (#665002)
OSR tests will be fixed by a follow-up merge of Viz support (see issue #2575).
2019-07-16 15:34:16 -04:00
Marshall Greenblatt
5892ffc382 Remove POST data after redirect to GET (see issue #2707, see issue #2622).
For 303 redirects all request methods except HEAD are converted to GET as per
the latest http draft. For historical reasons the draft also allows POST
requests to be converted to GETs when following 301/302 redirects. Most major
browsers do this and so shall we. When a request is converted to GET any POST
data should also be removed.

Use 307 redirects instead if you want the request to be repeated using the same
method and POST data.
2019-07-11 16:56:51 -04:00
Marshall Greenblatt
45329d05a5 Fix cross-origin redirect from OnBeforeResourceLoad (fixes issue #2695, see issue #2622).
Modifying the URL in OnBeforeResourceLoad causes an internal redirect response.
In cases where the request is cross-origin (containing a non-null "Origin"
header) the redirect response must include the "Access-Control-Allow-Origin"
header, otherwise the request will be blocked.

This change also fixes a problem where existing request headers would be
discarded if the request was modified in OnBeforeResourceLoad.
2019-06-25 16:54:42 -04:00
Marshall Greenblatt
02a6b3bb38 Fix loading of http(s) sub-resources from custom scheme initiator (fixes issue #2685, see issue #2622).
Determine external request status based on the current URL instead of the
request initiator.
2019-06-25 10:50:33 -04:00
Marshall Greenblatt
b03a419c6b Fix crash if a pending request is continued after deletion (see issue #2622).
This is a speculative fix for a crash where the pending ResourceRequest appears
to be invalid after the request is continued from SetInitialized.
2019-06-19 15:49:08 +02:00
Marshall Greenblatt
ba08c21517 Fix crashes when a request is aborted during initialization (see issue #2622).
Initialization of request objects requires asynchronous hops between the UI and
IO threads. In some cases the browser may be destroyed, the mojo connection may
be aborted, or the ProxyURLLoaderFactory object may be deleted while
initialization is still in progress. This change fixes crashes and adds unit
tests that try to reproduce these conditions.

To test: Run `ceftests --gtest_repeat=50
              --gtest_filter=ResourceRequestHandlerTest.Basic*Abort*`
2019-06-18 16:21:04 +02:00
Marshall Greenblatt
81064faac3 Fix crash in ProxyURLLoaderFactory::MaybeDestroySelf (see issue #2622).
This is a speculative fix for a crash where |on_disconnect_| appears to be null
in ProxyURLLoaderFactory::MaybeDestroySelf. The hypothesis here is that
OnURLLoaderClientError is being called while the proxy object is still in-flight
to ResourceContextData::AddProxy (e.g. before SetDisconnectCallback has been
called for the proxy object). Additonally, this change protects against
MaybeDestroySelf attempting to execute |on_disconnect_| multiple times.
2019-06-14 18:52:31 +02:00
Marshall Greenblatt
c3c3af34fd Fix inclusion of cookies with restarted requests (fixes issue #2672, see issue #2622) 2019-06-12 17:19:09 +02:00
Marshall Greenblatt
6193d8c554 Update to Chromium version 75.0.3770.0 (#652427) 2019-06-06 18:37:45 +02:00
Marshall Greenblatt
ab6fd322d1 Fix crash when loading a file:// URL (fixes issue #2670) 2019-06-05 16:32:24 +02:00
Marshall Greenblatt
fa5268fa2d Fix issues with request callbacks during browser shutdown (see issue #2622).
The behavior has changed as follows with NetworkService enabled:
- All pending and in-progress requests will now be aborted when the CEF context
  or associated browser is destroyed. The OnResourceLoadComplete callback will
  now also be called in this case for in-progress requests that have a handler.
- The CefResourceHandler::Cancel method will now always be called when resource
  handling is complete, irrespective of whether handling completed successfully.
- Request callbacks that arrive after the OnBeforeClose callback for the
  associated browser (which may happen for in-progress requests that are aborted
  on browser destruction) will now always have a non-nullptr CefBrowser
  parameter.
- Allow empty parameters to CefRequest and CefResponse methods where it makes
  sense (e.g. resetting default response state, or clearing a referrer value).
- Fixed a reference loop that was keeping CefResourceHandler objects from being
  destroyed if they were holding a callback reference (from ProcessRequest,
  ReadResponse, etc.) during CEF context or associated browser destruction.
- Fixed an issue where the main frame was not detached on browser destruction
  which could cause a crash due to RFH use-after-free (see issue #2498).

To test: All unit tests pass as expected.
2019-06-01 15:51:33 +03:00
Marshall Greenblatt
fd80e5c653 Fix assertions when shutting down with pending requests (see issue #2622).
This change avoids the starting of new requests during shutdown.
2019-05-29 20:01:12 +03:00
Marshall Greenblatt
2814054863 Linux: Fix crash when closing a browser with pending requests (see issue #2622).
This change fixes an issue where the cancel_callback for a pending request
might already have been executed when the OnBrowserDestroyed notification is
received.
2019-05-29 09:43:29 -07:00
Marshall Greenblatt
241941a44a Move message routing from CefBrowser to CefFrame (see issue #2498).
This change moves the SendProcessMessage method from CefBrowser to CefFrame and
adds CefBrowser parameters to OnProcessMessageReceived and
OnDraggableRegionsChanged.

The internal implementation has changed as follows:
- Frame IDs are now a 64-bit combination of the 32-bit render_process_id and
  render_routing_id values that uniquely identify a RenderFrameHost (RFH).
- CefFrameHostImpl objects are now managed by CefBrowserInfo with life span tied
  to RFH expectations. Specifically, a CefFrameHostImpl object representing a
  sub-frame will be created when a RenderFrame is created in the renderer
  process and detached when the associated RenderFrame is deleted or the
  renderer process in which it runs has died.
- The CefFrameHostImpl object representing the main frame will always be valid
  but the underlying RFH (and associated frame ID) may change over time as a
  result of cross-origin navigations. Despite these changes calling LoadURL on
  the main frame object in the browser process will always navigate as expected.
- Speculative RFHs, which may be created as a result of a cross-origin
  navigation and discarded if that navigation is not committed, are now handled
  correctly (e.g. ignored in most cases until they're committed).
- It is less likely, but still possible, to receive a CefFrame object with an
  invalid frame ID (ID < 0). This can happen in cases where a RFH has not yet
  been created for a sub-frame. For example, when OnBeforeBrowse is called
  before initiating navigation in a previously nonexisting sub-frame.

To test: All tests pass with NetworkService enabled and disabled.
2019-05-29 17:44:56 +03:00
Marshall Greenblatt
9ddb013875 Add NetworkService support for response filtering (see issue #2622).
To test: ResourceRequestHandlerTest.Filter* tests pass with NetworkService
enabled.
2019-05-20 14:39:37 +03:00
Marshall Greenblatt
bddf2a311b Fix NetworkService ServerTest.* failures and test name typo (see issue #2622).
Always return ERR_NONE and the response body if a CefURLRequest completes
successfully, including for non-2xx status codes. This matches the behavior of
the old network stack.

To test: ServerTest.* tests pass with NetworkService enabled.
2019-05-18 17:54:02 +03:00
Marshall Greenblatt
2ea173a254 Cancel NetworkService requests when the browser is destroyed (see issue #2622).
Pending requests that are associated with a browser will be canceled when that
browser is destroyed. Pending requests that are not associated with a browser
(e.g. created using CefURLRequest::Create), and that use the global context, may
still be pending when CefShutdown is called. For this reason the
no_debugct_check attribute has been added for CefResourceRequestHandler and
CefCookieAccessFilter interfaces.

To test: Load a YouTube video or other long-loading content in cefclient and
close the application. No assertions trigger for leaked CefFrame objects.
2019-05-18 12:40:45 +03:00
Marshall Greenblatt
ba0e1b5719 Add NetworkService support for CefURLRequest (see issue #2622).
Requests created using CefURLRequest::Create are not associated with a
browser/frame. When originating from the render process these requests cannot be
intercepted and consequently only http(s) and blob requests are supported. To
work around this limitation a new CefFrame::CreateURLRequest method has been
added that allows the request to be associated with that browser/frame for
interception purposes.

This change also fixes an issue with the NetworkService implementation where
redirected requests could result in two parallel requests being sent to the
target server.

To test: URLRequestTest.* tests pass with NetworkService enabled.
2019-05-17 21:42:25 +03:00
Andrei Kurushin
03c1c21fd3 Fix crash when setting an invalid cookie (fixes issue #2657) 2019-05-08 18:12:21 +00:00
Marshall Greenblatt
8b400331c7 Support disabling of cookie load/save via SetSupportedSchemes (see issue #2622).
With this change the CefCookieManager::SetSupportedSchemes method can be used
to disable all loading and saving of cookies for the associated request context.
This matches functionality that was previously available via GetBlockingManager.

This change also fixes a bug where Set-Cookie headers returned for a request
handled via CefSchemeHandlerFactory would be ignored if there was not also a
CefResourceRequestHandler returned for the request.

To test: All CookieTest.* tests pass.
2019-05-02 18:33:10 -04:00
Marshall Greenblatt
5ce52bd775 Add NetworkService support for extensions and downloads (see issue #2622).
To test:
- All tests pass with NetworkService disabled. DownloadTest.*, ExtensionTest.*
  and PluginTest.* tests pass with NetworkService enabled.
- The PDF extension displays a file, and the download and print buttons work.
2019-05-01 17:10:52 -04:00
Marshall Greenblatt
8a4f4bff9b Fix NetworkService load hang with default request handling (see issue #2622).
This change fixes a load hang when no custom handlers (CefResourceRequestHandler
or registered scheme handler) are found for a request.

To test: Run `cefsimple --enable-network-service` and all requests load. Test
expectations are unchanged.
2019-04-26 14:22:44 -04:00
Marshall Greenblatt
2ace33f8b7 Move cookie load/save callbacks to CefCookieAccessFilter (see issue #2622).
This change allows the NetworkService to handle cookie load/save in cases where
cookies will not be filtered (CefResourceRequestHandler::GetCookieAccessFilter
returns null) and the request will be handled by the default network loader.
This represents a minor performance improvement by reducing the volume of cross-
process messaging in the default (no filtering or custom handing) case. Cookie
load/save still needs to be routed through the browser process if a filter is
returned, or if a CefResourceHandler is used for the request.

To test: Test expectations are unchanged.
2019-04-26 13:02:58 -04:00
Marshall Greenblatt
8f240861e3 Implement NetworkService request interception/handling (see issue #2622).
Implementation notes:
- Chromium change: CookieMonster::SetCookieableSchemes needs to be called
  immediately after the CookieMonster is created in NetworkContext::
  ApplyContextParamsToBuilder. Add a Profile::GetCookieableSchemes method and
  NetworkContextParams.cookieable_schemes member (set from
  ProfileNetworkContextService::CreateNetworkContextParams) to support that.
- Chromium change: Add a ContentBrowserClient::HandleExternalProtocol variant
  that exposes additional NetworkService request information.
- GetResourceResponseFilter is not yet implemented.

API changes:
- Resource-related callbacks have been moved from CefRequestHandler to a new
  CefResourceRequestHandler interface which is returned via the
  GetResourceRequestHandler method. If the CefRequestHandler declines to handle
  a resource it can optionally be handled by the CefRequestContextHandler, if
  any, associated with the loading context.
- The OnProtocolExecution callback has been moved from CefRequestHandler to
  CefResourceRequestHandler and will be called if a custom scheme request is
  unhandled.
- Cookie send/save permission callbacks have been moved from CefRequestHandler
  and CefResourceHandler to CefResourceRequestHandler.
- New methods added to CefResourceHandler that better match NetworkService
  execution sequence expectations. The old methods are now deprecated.
- New methods added to CefRequest and CefResponse.

Known behavior changes with the NetworkService implementation:
- Modifying the |new_url| parameter in OnResourceRedirect will no longer result
  in the method being called an additional time (likely a bug in the old
  implementation).
- Modifying the request URL in OnResourceResponse would previously cause a
  redirect. This behavior is now deprecated because the NetworkService does not
  support this functionality when using default network loaders. Temporary
  support has been added in combination with CefResourceHandler usage only.
- Other changes to the request object in OnResourceResponse will now cause the
  request to be restarted. This means that OnBeforeResourceLoad, etc, will be
  called an additional time with the new request information.
- CefResponse::GetMimeType will now be empty for non-200 responses.
- Requests using custom schemes can now be handled via CefResourceRequestHandler
  with the same callback behavior as builtin schemes.
- Redirects of custom scheme requests will now be followed as expected.
- Default handling of builtin schemes can now be disabled by setting
  |disable_default_handling| to true in GetResourceRequestHandler.
- Unhandled requests (custom scheme or builtin scheme with default handling
  disabled) will fail with an CefResponse::GetError value of
  ERR_UNKNOWN_URL_SCHEME.
- The CefSchemeHandlerFactory::Create callback will now include cookie headers.

To test:
- Run `cefclient --enable-network-service`. All resources should load
  successfully (this tests the transparent proxy capability).
- All tests pass with NetworkService disabled.
- The following tests pass with NetworkService enabled:
  - CookieTest.*
  - FrameTest.* (excluding .*Nav)
  - NavigationTest.* (excluding .Redirect*)
  - RequestHandlerTest.*
  - RequestContextTest.Basic*
  - RequestContextTest.Popup*
  - RequestTest.*
  - ResourceManagerTest.*
  - ResourceRequestHandlerTest.* (excluding .Filter*)
  - SchemeHandlerTest.*
  - StreamResourceHandlerTest.*
2019-04-23 22:53:28 -04:00
Daniel Nitsche
879911b721 Update to Chromium version 75.0.3749.0 (#645082) 2019-04-16 14:38:48 +00:00
Marshall Greenblatt
b949d86c40 Move CookieManager callbacks to the UI thread (see issue #2622).
The Chromium content layer (which also exposes the NetworkService interface)
generally runs on the UI thread. Previous use of the IO thread for CookieManager
callbacks is an implementation detail of the old network stack that shouldn't be
exposed to clients.

To test: Run ceftests. They should pass as expected.
2019-03-25 15:36:08 -04:00
Marshall Greenblatt
85c34c4dcf Add CookieManagerImpl for NetworkService (see issue #2622).
To test: Run `ceftests --gtest_filter=CookieTest.*:-CookieTest.GetCookieManager*
                       --enable-network-service`

There should be no functional change when running without the NetworkService
enabled.

Known issues:
- CefCookieManager::SetSupportedSchemes is not yet implemented.
2019-03-25 15:35:59 -04:00