diff --git content/browser/child_process_security_policy_impl.cc content/browser/child_process_security_policy_impl.cc index 72b1e46a91e78..2aea3ca80157e 100644 --- content/browser/child_process_security_policy_impl.cc +++ content/browser/child_process_security_policy_impl.cc @@ -1878,6 +1878,16 @@ bool ChildProcessSecurityPolicyImpl::CanAccessDataForMaybeOpaqueOrigin( // DeclarativeApiTest.PersistRules. if (actual_process_lock.matches_scheme(url::kDataScheme)) return true; + + // Allow other schemes that are non-standard, non-local and WebSafe. + if (lock_url.is_valid() && + !lock_url.IsStandard() && + !base::Contains(url::GetLocalSchemes(), + lock_url.scheme_piece()) && + base::Contains(schemes_okay_to_request_in_any_process_, + lock_url.scheme())) { + return true; + } } // Make an exception to allow most visited tiles to commit in diff --git content/browser/renderer_host/navigation_request.cc content/browser/renderer_host/navigation_request.cc index dead84566f239..9fffaa0c20c97 100644 --- content/browser/renderer_host/navigation_request.cc +++ content/browser/renderer_host/navigation_request.cc @@ -7772,10 +7772,22 @@ NavigationRequest::GetOriginForURLLoaderFactoryBeforeResponseWithDebugInfo( bool use_opaque_origin = (sandbox_flags & network::mojom::WebSandboxFlags::kOrigin) == network::mojom::WebSandboxFlags::kOrigin; + if (use_opaque_origin) { + origin_and_debug_info.second += ", sandbox_flags"; + } + + if (!origin_and_debug_info.first.GetURL().IsStandard()) { + // Always return an opaque origin for non-standard URLs. Otherwise, the + // CanAccessDataForOrigin() check may fail for unregistered custom scheme + // requests in CEF. + use_opaque_origin = true; + origin_and_debug_info.second += ", cef_nonstandard"; + } + if (use_opaque_origin) { origin_and_debug_info = std::make_pair(origin_and_debug_info.first.DeriveNewOpaqueOrigin(), - origin_and_debug_info.second + ", sandbox_flags"); + origin_and_debug_info.second); } return origin_and_debug_info; @@ -7883,6 +7895,15 @@ NavigationRequest::GetOriginForURLLoaderFactoryAfterResponseWithDebugInfo() { DetermineInitiatorRelationship(initiator_rfh, frame_tree_node_->current_frame_host())); + if (origin_with_debug_info.first.opaque() && + origin_with_debug_info.second.find("cef_nonstandard") != + std::string::npos) { + // Always return an opaque origin for non-standard URLs. Otherwise, the + // below CanAccessDataForOrigin() check may fail for unregistered custom + // scheme requests in CEF. + return origin_with_debug_info; + } + // MHTML documents should commit as an opaque origin. They should not be able // to make network request on behalf of the real origin. DCHECK(!IsMhtmlOrSubframe() || origin_with_debug_info.first.opaque());