Commit Graph

72 Commits

Author SHA1 Message Date
Marshall Greenblatt
c04a578821 Avoid potential use-after-free of CefIOThreadState (see issue #2969)
The problem occured while executing multiple URLRequestTest with the Chrome
runtime.
2021-04-07 19:23:41 -04:00
Marshall Greenblatt
44829818b0 chrome: Support client-created request contexts (see issue #2969)
RequestContextTest and URLRequestTest suites now pass with the Chrome runtime
enabled.
2021-04-07 19:22:55 -04:00
Marshall Greenblatt
74db00fc89 Update to Chromium version 90.0.4430.0 (#857950)
- Linux ARM builds require use_vaapi=false (see https://crbug.com/1185348)
- Windows official builds require use_thin_lto=false (see https://crbug.com/1177001)
2021-03-18 11:23:00 -04:00
Marshall Greenblatt
ec7067c55e chrome: Fix callbacks for different Profile types (see issue #2969)
- Only install network intercepts for Profiles that have an associated
  CefBrowserContext. For incognito windows the CefBrowserContext is
  associated with the OffTheRecordProfileImpl's original Profile.
- cefsimple: Return the default CefClient instance for browser windows
  created via the Chrome UI, and allow Chrome to show error pages.
2021-02-15 16:50:04 -05:00
Marshall Greenblatt
5ef0fb8ac8 Update to Chromium version 89.0.4389.0 (#843830)
- SSE3 is now required on x86 processors (see https://crbug.com/1123353).
2021-02-08 14:15:38 -05:00
Marshall Greenblatt
a584bd187b Update to Chromium version 88.0.4324.0 (#827102)
- Mac: Xcode 12.2 and the MacOS 11.0 SDK are now required for building.
- MacOS 10.10 (Yosemite) is no longer supported (see https://crbug.com/1126056).
- Flash is no longer supported (see https://www.chromium.org/flash-roadmap).
2020-12-04 15:43:33 -05:00
Marshall Greenblatt
015e3621a3 Update to Chromium version 87.0.4280.0 (#812852)
- Windows: VS2015 Update 2 is now the minimum version requirement for linking
  cef_sandbox from official build binary distributions.
2020-10-15 14:21:06 -04:00
Marshall Greenblatt
4fbd247231 Add chrome runtime support for more callbacks and ceftests (see issue #2969)
This change adds support for:
- Protocol and request handling.
- Loading and navigation events.
- Display and focus events.
- Mouse/keyboard events.
- Popup browsers.
- Callbacks in the renderer process.
- Misc. functionality required for ceftests.

This change also adds a new CefBrowserProcessHandler::GetCookieableSchemes
callback for configuring global state that will be applied to all
CefCookieManagers by default. This global callback is currently required by the
chrome runtime because the primary ProfileImpl is created via
ChromeBrowserMainParts::PreMainMessageLoopRun (CreatePrimaryProfile) before
OnContextCreated can be called.

ProfileImpl will use the "C:\Users\[user]\AppData\Local\CEF\User Data\Default"
directory by default (on Windows). Cookies may persist in this directory when
running ceftests and may need to be manually deleted if those tests fail.

Remaining work includes:
- Support for client-created request contexts.
- Embedding the browser in a Views hierarchy (cefclient support).
- TryCloseBrowser and DoClose support.
- Most of the CefSettings configuration.
- DevTools protocol and window control (ShowDevTools, ExecuteDevToolsMethod).
- CEF-specific WebUI pages (about, license, webui-hosts).
- Context menu customization (CefContextMenuHandler).
- Auto resize (SetAutoResizeEnabled).
- Zoom settings (SetZoomLevel).
- File dialog runner (RunFileDialog).
- File and JS dialog handlers (CefDialogHandler, CefJSDialogHandler).
- Extension loading (LoadExtension, etc).
- Plugin loading (OnBeforePluginLoad).
- Widevine loading (CefRegisterWidevineCdm).
- PDF and print preview does not display.
- Crash reporting is untested.
- Mac: Web content loads but does not display.

The following ceftests are now passing when run with the
"--enable-chrome-runtime" command-line flag:

CorsTest.*
DisplayTest.*:-DisplayTest.AutoResize
DOMTest.*
DraggableRegionsTest.*
ImageTest.*
MessageRouterTest.*
NavigationTest.*
ParserTest.*
RequestContextTest.*Global*
RequestTest.*
ResourceManagerTest.*
ResourceRequestHandlerTest.*
ResponseTest.*
SchemeHandlerTest.*
ServerTest.*
StreamResourceHandlerTest.*
StreamTest.*
StringTest.*
TaskTest.*
TestServerTest.*
ThreadTest.*
URLRequestTest.*Global*
V8Test.*:-V8Test.OnUncaughtExceptionDevTools
ValuesTest.*
WaitableEventTest.*
XmlReaderTest.*
ZipReaderTest.*
2020-09-29 18:31:43 -04:00
Marshall Greenblatt
e94a261bf5 Rename CefBrowserHostImpl to AlloyBrowserHostImpl (see issue #2969)
After commit 38d8acfa18 this object is only used with the alloy runtime.
2020-09-22 17:36:06 -04:00
Marshall Greenblatt
38d8acfa18 Create a ChromeBrowserHostImpl for every Chrome tab (see issue #2969)
The Browser object represents the top-level Chrome browser window. One or more
tabs (WebContents) are then owned by the Browser object via TabStripModel. A
new Browser object can be created programmatically using "new Browser" or
Browser::Create, or as a result of user action such as dragging a tab out of an
existing window. New or existing tabs can also be added to an already existing
Browser object.

The Browser object acts as the WebContentsDelegate for all attached tabs. CEF
integration requires WebContentsDelegate callbacks and notification of tab
attach/detach. To support this integration we add a cef::BrowserDelegate
(ChromeBrowserDelegate) member that is created in the Browser constructor and
receives delegation for the Browser callbacks. ChromeBrowserDelegate creates a
new ChromeBrowserHostImpl when a tab is added to a Browser for the first time,
and that ChromeBrowserHostImpl continues to exist until the tab's WebContents
is destroyed. The associated WebContents object does not change, but the
Browser object will change when the tab is dragged between windows.

CEF callback logic is shared between the chrome and alloy runtimes where
possible. This shared logic has been extracted from CefBrowserHostImpl to
create new CefBrowserHostBase and CefBrowserContentsDelegate classes. The
CefBrowserHostImpl class is now only used with the alloy runtime and will be
renamed to AlloyBrowserHostImpl in a future commit.
2020-09-21 17:06:56 -04:00
Marshall Greenblatt
cc56720bd2 Support CORS preflight requests with OutOfBlinkCors (fixes issue #3006)
A CORS preflight request is an "OPTIONS" request sent to a server prior to a
cross-origin XMLHttpRequest or Fetch request. The server's response determines
which HTTP request methods are allowed and supported, and whether credentials
such as Cookies and HTTP Authentication should be sent with requests.

A CORS preflight request will only be sent if certain conditions are met. For
example, it will be sent for requests that have potentially unsafe HTTP
methods [1] or request headers [2]. See the NeedsPreflight function in
services/network/cors/cors_url_loader.cc for full details.

CORS preflight functionality is implemented in the network service and will not
be triggered if the client handles the request instead of allowing it to proceed
over the network. Since the preflight request itself also runs in the network
service it cannot be intercepted by the client.

[1] https://fetch.spec.whatwg.org/#cors-safelisted-method
[2] https://fetch.spec.whatwg.org/#cors-safelisted-request-header
2020-09-11 19:21:53 -04:00
Marshall Greenblatt
88faf1023a Fix incorrect Origin and Cookie headers for POST redirects (fixes issue #2806)
This change also adds unit test coverage for cross-origin POST redirects.
2020-09-09 18:30:12 -04:00
Marshall Greenblatt
42f517ec69 Fix DCHECK failure in the URLLoader constructor.
The request.trusted_params.isolation_info.site_for_cookies value must
match request.site_for_cookies.

This change also adds unit test coverage for cross-origin GET redirects.
2020-09-09 18:29:21 -04:00
Marshall Greenblatt
4791109a28 Don't save or load cookies for non-cookieable scheme requests.
This fixes an IsCanonical() DCHECK failure triggered by calling
CanonicalCookie::Create for a non-cookieable URL.

This change also adds unit test coverage for cross-origin cookie
behavior with sub-resource requests (iframe, XHR, Fetch).
2020-09-09 18:29:15 -04:00
Marshall Greenblatt
24c2f2fa38 Update to Chromium version 86.0.4240.0 (#800218)
- CefURLRequest::Create is no longer supported in the renderer process
  (see https://crbug.com/891872). Use CefFrame::CreateURLRequest instead.
- Mac platform definitions have been changed from `MACOSX` to `MAC`
  (see https://crbug.com/1105907) and related CMake macro names have
  been updated. The old `OS_MACOSX` define is still set in code and CMake
  for backwards compatibility.
- Linux ARM build is currently broken (see https://crbug.com/1123214).
2020-09-03 17:44:25 -04:00
Marshall Greenblatt
6b1e5335bc Add support and enable out-of-Blink CORS (fixes issue #2716)
It can still be disabled for a short time by passing
`--disable-features=OutOfBlinkCors` on the command-line.
2020-08-26 16:25:25 -04:00
Cristian Amarie
11f37bc6eb Add limit on request redirects (fixes issue #3001) 2020-08-13 18:45:26 +00:00
Marshall Greenblatt
6573df6cc3 Update to Chromium version 85.0.4183.0 (#782793)
- Windows: 10.0.19041 SDK is now required.
- macOS: 10.15.1 SDK (at least Xcode 11.2) is now required.
- Remove CefMediaSource::IsValid and CefMediaSink::IsValid which would
  always return true.
2020-07-16 19:11:12 -04:00
Marshall Greenblatt
48fc0bd220 Make CefBrowserContext an abstract base class (see issue #2969)
Existing CefBrowserContext functionality is now split between
CefBrowserContext and AlloyBrowserContext. Runtime implementations of
CefBrowserContext will provide access to the content::BrowserContext and
Profile types via different inheritance paths. For example, the Alloy
runtime uses ChromeProfileAlloy and the Chrome runtime uses ProfileImpl.

This change also renames CefResourceContext to CefIOThreadState to more
accurately represent its purpose as it no longer needs to extend
content::ResourceContext.
2020-07-01 15:35:07 -04:00
Marshall Greenblatt
b3a8da9b25 Add CefAppManager and remove global ContentClient accessors (see issue #2969)
This is the first pass in removing direct dependencies on the Alloy
runtime from code that can potentially be shared between runtimes.

CefBrowserHost and CefRequestContext APIs (including CefCookieManager,
CefURLRequest, etc.) are not yet implemented for the Chrome runtime.
Assert early if these API methods are called while the Chrome runtime
is enabled.
2020-06-29 16:17:58 -04:00
Marshall Greenblatt
84f3ff2afd Rename the current CEF runtime to Alloy (see issue #2969)
As part of introducing the Chrome runtime we now need to distinguish
between the classes that implement the current CEF runtime and the
classes the implement the shared CEF library/runtime structure and
public API. We choose the name Alloy for the current CEF runtime
because it describes a combination of Chrome and other elements.

Shared CEF library/runtime classes will continue to use the Cef
prefix. Classes that implement the Alloy or Chrome runtime will use
the Alloy or Chrome prefixes respectively. Classes that extend an
existing Chrome-prefixed class will add the Cef or Alloy suffix,
thereby following the existing naming pattern of Chrome-derived
classes.

This change applies the new naming pattern to an initial set of
runtime-related classes. Additional classes/files will be renamed
and moved as the Chrome runtime implementation progresses.
2020-06-29 16:17:41 -04:00
Alexander Guettler
790d248111 Update to Chromium version 84.0.4147.0 (#768962) 2020-06-10 15:26:29 -04:00
Dmitry Azaraev
be6af15754 Add SameSite (same_site) and Priority attributes to CefCookie (fixes issue #2524)
This change also restores the Chromium default values for the
SameSiteByDefaultCookies and CookiesWithoutSameSiteMustBeSecure features. See
https://www.chromium.org/updates/same-site for feature details and rollout
timeline.
2020-04-24 17:48:26 -04:00
Jengerer
87a7c4f94b Fix handling of partial range request (fixes issue #2873) 2020-04-20 13:19:42 -04:00
Marshall Greenblatt
27257d0288 Remove DCHECK in InterceptedRequest::OnReceiveRedirect (fixes issue #2917) 2020-04-20 12:38:31 -04:00
Cristian Amarie
1c14900093 Remove unexpected content headers when converting from POST to GET request on 302 redirect response (fixes issue #2883) 2020-04-02 21:05:07 +00:00
Marshall Greenblatt
047e8f9349 Update to Chromium version 82.0.4085.0 (#749737)
- Building on macOS now requires the 10.15 SDK. Xcode 11.3 is recommended as
  Xcode 11.4 is not currently supported (see https://crbug.com/1065146).
- Jumbo build configuration is no longer supported.

Chromium is skipping the M82 release and consequently no CEF 4085 branch will
be created. For details on the Chromium decision see
https://groups.google.com/a/chromium.org/d/msg/chromium-dev/Vn7uzglqLz0/JItlSrZxBAAJ
2020-04-02 13:20:25 -04:00
Marshall Greenblatt
869ae21c9f Convert CefCookieManagerImpl to use CefBrowserContext::Getter.
With this change CefCookieManagerImpl no longer keeps a reference to the
originating CefRequestContextImpl. This means that the CefRequestContextImpl
can be destroyed if all other references are released while the
CefCookieManagerImpl exists. If CefRequestContextImpl destruction results in
the underlying CefBrowserContext being destroyed then the CefCookieManagerImpl's
reference to that CefBrowserContext will be invalidated.

This is the same ownership model introduced with CefMediaRouterImpl in the
previous commit.
2020-03-27 16:22:34 -04:00
Marshall Greenblatt
9d9ee8b45f Update to Chromium version 81.0.4044.0 (#737173) 2020-03-04 19:31:54 -05:00
Alexander Guettler
71768ea6c3 Update to Chromium version 80.0.3987.0 (#722274) 2020-02-17 13:19:09 -05:00
Marshall Greenblatt
1da3f71357 Fix race between OpenInputStreamWrapper Open and Cancel (fixes issue #2843) 2020-01-29 17:14:29 -05:00
Marshall Greenblatt
c90b65a72c Fix potential crash in OpenInputStreamWrapper::Open (fixes issue #2808) 2020-01-15 16:46:18 +01:00
Marshall Greenblatt
ea63799c3e libcef: Convert NULL to nullptr (see issue #2861) 2020-01-15 14:49:22 +01:00
Yong Li
8d0ae1f894 Remove possibly incorrect CHECK in ProxyURLLoaderFactory::MaybeDestroySelf()
See also commit #81064faa.
2020-01-08 15:09:57 +00:00
Marshall Greenblatt
0d4879763a Fix crash when loading a file URL if using CefCookieAccessFilter (fixes issue #2818) 2020-01-06 14:47:18 +02:00
Daniel Nitsche
115f760821 Update to Chromium version 79.0.3945.1 (#706915) 2019-11-19 13:22:13 -05:00
Marshall Greenblatt
c8d0813669 Restore expected Accept-Language request header order (fixes issue #2796) 2019-11-05 15:29:32 -05:00
Marshall Greenblatt
01e75761d3 Remove incorrect DCHECK
There are valid cases where |frame_tree_node_id| may not match the node ID
reported by the selected RenderFrameHost.
2019-10-18 15:08:16 +02:00
Marshall Greenblatt
f8e0797773 Update to Chromium version 78.0.3904.0 (#693954) 2019-10-01 13:55:16 +00:00
Alexander Guettler
46d3a81ba0 Update to Chromium version 77.0.3865.0 (#681094)
- Windows: SDK version 10.0.18362.0 is now required.
2019-09-04 15:13:32 +00:00
Marshall Greenblatt
67b61c4af9 Remove the old network implementation (see issue #2622)
The `--disable-features=NetworkService` flag is no longer supported.
2019-07-29 17:41:45 -04:00
Marshall Greenblatt
2d8d064ce8 Fix missing cookie after redirect response with filter (fixes issue #2689, see issue #2622) 2019-07-25 16:50:30 -04:00
Marshall Greenblatt
e57acace0b Fix crash on shutdown with PDF viewer and multi-threaded message loop (fixes issue #2709, see issue #2622)
Requests from the PDF viewer are not associated with a CefBrowser. Consequently,
the InterceptedRequestHandler for those requests will register as an observer of
CefContext destruction. When the browser is closed the InterceptedRequestHandler
is destroyed and an async task is posted to remove/delete the observer on the UI
thread. If CefShutdown is then called the task may execute after shutdown has
started, in which case CONTEXT_STATE_VALID() will return false. We still need to
remove the observer in this case to avoid a use-after-free in
FinishShutdownOnUIThread.
2019-07-23 15:27:38 -04:00
Masako Toda
99c27f57b1 Fix redirect of requests with credentials mode 'include' (fixes issue #2699, see issue #2622).
Modifying the URL in OnBeforeResourceLoad causes an internal redirect response.
In cases where the request is cross-origin and credentials mode is 'include'
the redirect response must include the "Access-Control-Allow-Credentials"
header, otherwise the request will be blocked.
2019-07-16 17:43:44 -04:00
Marshall Greenblatt
3f1ebebde5 Add support for GetAuthCredentials (fixes issue #2718, see issue #2622).
When NetworkService is enabled requests created using CefFrame::CreateURLRequest
will call CefRequestHandler::GetAuthCredentials for the associated browser after
calling CefURLRequestClient::GetAuthCredentials if that call returns false.
2019-07-16 16:33:08 -04:00
Petra Öhlin
cc0db5f166 Update to Chromium version 76.0.3809.0 (#665002)
OSR tests will be fixed by a follow-up merge of Viz support (see issue #2575).
2019-07-16 15:34:16 -04:00
Marshall Greenblatt
5892ffc382 Remove POST data after redirect to GET (see issue #2707, see issue #2622).
For 303 redirects all request methods except HEAD are converted to GET as per
the latest http draft. For historical reasons the draft also allows POST
requests to be converted to GETs when following 301/302 redirects. Most major
browsers do this and so shall we. When a request is converted to GET any POST
data should also be removed.

Use 307 redirects instead if you want the request to be repeated using the same
method and POST data.
2019-07-11 16:56:51 -04:00
Marshall Greenblatt
45329d05a5 Fix cross-origin redirect from OnBeforeResourceLoad (fixes issue #2695, see issue #2622).
Modifying the URL in OnBeforeResourceLoad causes an internal redirect response.
In cases where the request is cross-origin (containing a non-null "Origin"
header) the redirect response must include the "Access-Control-Allow-Origin"
header, otherwise the request will be blocked.

This change also fixes a problem where existing request headers would be
discarded if the request was modified in OnBeforeResourceLoad.
2019-06-25 16:54:42 -04:00
Marshall Greenblatt
02a6b3bb38 Fix loading of http(s) sub-resources from custom scheme initiator (fixes issue #2685, see issue #2622).
Determine external request status based on the current URL instead of the
request initiator.
2019-06-25 10:50:33 -04:00
Marshall Greenblatt
b03a419c6b Fix crash if a pending request is continued after deletion (see issue #2622).
This is a speculative fix for a crash where the pending ResourceRequest appears
to be invalid after the request is continued from SetInitialized.
2019-06-19 15:49:08 +02:00