cef/patch/patches/services_network_initiator_lock_1051674.patch
2020-02-17 13:19:09 -05:00


diff --git services/network/public/cpp/initiator_lock_compatibility.cc services/network/public/cpp/initiator_lock_compatibility.cc
index 3215c667d8a1..c305faab1e0d 100644
--- services/network/public/cpp/initiator_lock_compatibility.cc
+++ services/network/public/cpp/initiator_lock_compatibility.cc
@@ -37,20 +37,26 @@ InitiatorLockCompatibility VerifyRequestInitiatorLock(
if (initiator.opaque() || (initiator == lock))
return InitiatorLockCompatibility::kCompatibleLock;
- // TODO(lukasza, nasko): https://crbug.com/888079: Return kIncorrectLock if
+ // TODO(lukasza): https://crbug.com/891872: Return kIncorrectLock if
// the origins do not match exactly in the previous if statement. This should
- // be possible to do once we no longer fall back to site_url and have
- // request_initiator_*origin*_lock instead. In practice, the fallback can go
- // away after we no longer vend process-wide factory: https://crbug.com/891872
+ // be possible to do once we no longer vend process-wide factory.
if (!initiator.opaque() && !lock.opaque() &&
initiator.scheme() == lock.scheme() &&
- initiator.GetURL().SchemeIsHTTPOrHTTPS() &&
- !initiator.GetURL().HostIsIPAddress()) {
- std::string lock_domain = lock.host();
- if (!lock_domain.empty() && lock_domain.back() == '.')
- lock_domain.erase(lock_domain.length() - 1);
- if (initiator.DomainIs(lock_domain))
- return InitiatorLockCompatibility::kCompatibleLock;
+ initiator.GetURL().SchemeIsHTTPOrHTTPS()) {
+ if (initiator.GetURL().HostIsIPAddress()) {
+ // For IP addresses, we require host equality (allowing ports to differ,
+ // since site_url ignores ports). See also https://crbug.com/1051674.
+ if (initiator.host() == lock.host())
+ return InitiatorLockCompatibility::kCompatibleLock;
+ } else {
+ // For non-IP-address origins, we require sites (eTLD+1) to match
+ // (again ignoring ports).
+ std::string lock_domain = lock.host();
+ if (!lock_domain.empty() && lock_domain.back() == '.')
+ lock_domain.erase(lock_domain.length() - 1);
+ if (initiator.DomainIs(lock_domain))
+ return InitiatorLockCompatibility::kCompatibleLock;
+ }
}
return InitiatorLockCompatibility::kIncorrectLock;
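Review bot: The comment on the non-IP branch says sites (eTLD+1) must match, but the code under it never computes an eTLD+1: `initiator.DomainIs(lock_domain)` is a suffix match of the initiator host against `lock.host()`, so it is a site comparison only if `lock` was already derived from a site URL. That assumption is not visible in this hunk and is worth stating at the check, for example `// |lock| is assumed to be site_url-derived (eTLD+1); DomainIs() only checks that initiator's host equals lock's host or is a subdomain of it.` The branch is also chosen from the initiator's host alone, so a non-IP initiator paired with an IP-address lock reaches the suffix match; that pairing presumably cannot match, but a short comment or an explicit check on `lock` would make the intent clear. VerifyRequestInitiatorLock starts and ends outside the hunk.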