Compare commits


2 Commits

Author SHA1 Message Date
Marshall Greenblatt ff7dcd851e Revert unretained dangling ptr detector crash by default (fixes #3693) 2024-05-06 16:56:41 -04:00
Marshall Greenblatt a6e684abf1 Fix credentials mode for fetch request redirect (fixes #3675)
Also verified that https://browseraudit.com/ gives the same results
both with and without `--disable-request-handling-for-testing`.
2024-05-06 15:11:57 -04:00
3 changed files with 30 additions and 0 deletions


@ -359,6 +359,7 @@ class InterceptedRequest : public network::mojom::URLLoader,
GURL redirect_url_;
GURL header_client_redirect_url_;
const net::MutableNetworkTrafficAnnotationTag traffic_annotation_;
std::optional<network::mojom::CredentialsMode> original_crendentials_mode_;
mojo::Receiver<network::mojom::URLLoader> proxied_loader_receiver_;
mojo::Remote<network::mojom::URLLoaderClient> target_client_;
@ -507,6 +508,7 @@ void InterceptedRequest::Restart() {
// Match logic in CorsURLLoader::StartNetworkRequest.
const auto response_tainting = CalculateResponseTainting(
should_check_cors, request_.mode, tainted_origin);
original_crendentials_mode_ = request_.credentials_mode;
request_.credentials_mode =
network::cors::CalculateCredentialsFlag(request_.credentials_mode,
response_tainting)
@ -875,6 +877,14 @@ void InterceptedRequest::ContinueAfterIntercept() {
target_loader_.BindNewPipeAndPassReceiver(), id_, options, request_,
proxied_client_receiver_.BindNewPipeAndPassRemote(),
traffic_annotation_);
if (original_crendentials_mode_) {
// Restore the original |credentials_mode| value after calling
// CreateLoaderAndStart. This matches the logic in CorsURLLoader::
// StartNetworkRequest and allows InterceptedRequest::Restart to compute
// the correct |credentials_mode| during a fetch request redirect.
request_.credentials_mode = *original_crendentials_mode_;
original_crendentials_mode_.reset();
}
}
}
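Review bot: The restore of `request_.credentials_mode` sits only inside the block that calls CreateLoaderAndStart, while Restart() overwrites `original_crendentials_mode_` from `request_.credentials_mode` on every pass. If any path between the two skips that block (the rest of ContinueAfterIntercept lies outside the hunk, so this is unverified), the next Restart() would snapshot the already-adjusted value and compute the redirect's credentials mode from it rather than from what the caller requested. Because this value decides whether cookies and auth data accompany a redirected fetch, I would state the invariant on the member declaration, e.g. `// Caller-requested credentials mode saved by Restart(); restored after CreateLoaderAndStart.`, and cover it with a redirect test that leaves the origin and comes back. The member name is also misspelled (`crendentials`); `original_credentials_mode_` would be easier to grep for.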


@ -766,5 +766,12 @@ patches = [
# It is a bit hacky, not suitable for merging into upstream.
# https://chromium-review.googlesource.com/c/chromium/src/+/5302103
'name': 'osr_win_remove_keyed_mutex_2575'
},
{
# Revert unretained dangling ptr detector crash by default.
# https://github.com/chromiumembedded/cef/issues/3693
# Reverts
# https://chromium-review.googlesource.com/c/chromium/src/+/5351597
'name': 'base_allocator_unretained_dangling_ptr_5351597'
}
]
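Review bot: The comment on the new `base_allocator_unretained_dangling_ptr_5351597` entry does not say what the revert gives up. Per the patch file added in this commit, the default `mode` of `kPartitionAllocUnretainedDanglingPtr` changes from `UnretainedDanglingPtrMode::kCrash` to `kDumpWithoutCrashing`, so a detected dangling unretained pointer is presumably reported while execution continues rather than stopping at the point of detection. I would extend the comment with something like `# Detection still runs; only the default action changes from crash to dump. Override the "mode" feature param to restore crash-on-detect.` so embedders who want the stricter memory-safety behaviour know it remains available.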


@ -0,0 +1,13 @@
diff --git base/allocator/partition_alloc_features.cc base/allocator/partition_alloc_features.cc
index a2616fced0f5b..cacd41b0ffa23 100644
--- base/allocator/partition_alloc_features.cc
+++ base/allocator/partition_alloc_features.cc
@@ -36,7 +36,7 @@ const base::FeatureParam<UnretainedDanglingPtrMode>
kUnretainedDanglingPtrModeParam = {
&kPartitionAllocUnretainedDanglingPtr,
"mode",
- UnretainedDanglingPtrMode::kCrash,
+ UnretainedDanglingPtrMode::kDumpWithoutCrashing,
&kUnretainedDanglingPtrModeOption,
};