diff --git content/browser/child_process_security_policy_impl.cc content/browser/child_process_security_policy_impl.cc index 1bf903af89b3c..5471355376272 100644 --- content/browser/child_process_security_policy_impl.cc +++ content/browser/child_process_security_policy_impl.cc @@ -2084,6 +2084,17 @@ bool ChildProcessSecurityPolicyImpl::CanAccessMaybeOpaqueOrigin( // DeclarativeApiTest.PersistRules. if (actual_process_lock.matches_scheme(url::kDataScheme)) return true; + + // Allow other schemes that are non-standard, non-local and WebSafe. + if (lock_url.is_valid() && !lock_url.IsStandard() && + !base::Contains(url::GetLocalSchemes(), + lock_url.scheme_piece())) { + base::AutoLock schemes_lock(schemes_lock_); + if (base::Contains(schemes_okay_to_request_in_any_process_, + lock_url.scheme())) { + return true; + } + } } // Make an exception to allow most visited tiles to commit in diff --git content/browser/renderer_host/navigation_request.cc content/browser/renderer_host/navigation_request.cc index 22bb23e6a84d3..512b8ac76cf77 100644 --- content/browser/renderer_host/navigation_request.cc +++ content/browser/renderer_host/navigation_request.cc @@ -8214,10 +8214,22 @@ NavigationRequest::GetOriginForURLLoaderFactoryBeforeResponseWithDebugInfo( bool use_opaque_origin = (sandbox_flags & network::mojom::WebSandboxFlags::kOrigin) == network::mojom::WebSandboxFlags::kOrigin; + if (use_opaque_origin) { + origin_and_debug_info.second += ", sandbox_flags"; + } + + if (!origin_and_debug_info.first.GetURL().IsStandard()) { + // Always return an opaque origin for non-standard URLs. Otherwise, the + // CanAccessDataForOrigin() check may fail for unregistered custom scheme + // requests in CEF. + use_opaque_origin = true; + origin_and_debug_info.second += ", cef_nonstandard"; + } + if (use_opaque_origin) { origin_and_debug_info = std::pair(origin_and_debug_info.first.DeriveNewOpaqueOrigin(), - origin_and_debug_info.second + ", sandbox_flags"); + origin_and_debug_info.second); } return origin_and_debug_info; @@ -8325,6 +8337,15 @@ NavigationRequest::GetOriginForURLLoaderFactoryAfterResponseWithDebugInfo() { DetermineInitiatorRelationship(initiator_rfh, frame_tree_node_->current_frame_host())); + if (origin_with_debug_info.first.opaque() && + origin_with_debug_info.second.find("cef_nonstandard") != + std::string::npos) { + // Always return an opaque origin for non-standard URLs. Otherwise, the + // below CanAccessDataForOrigin() check may fail for unregistered custom + // scheme requests in CEF. + return origin_with_debug_info; + } + // MHTML documents should commit as an opaque origin. They should not be able // to make network request on behalf of the real origin. DCHECK(!IsMhtmlOrSubframe() || origin_with_debug_info.first.opaque());