Rename URLRequest's expected_signatures to expected_public_keys.
This was a bad naming choice. We're passing public key expectations up from Blink for use in the network stack. The signatures come from the server's response, and are eventually verified against these keys. No change in behavior, just improving comprehension. Bug: 383409575 Change-Id: I9348fd7f0baa4df6df589bceec61c77553eb3e5a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6368837 Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Kenichi Ishibashi <bashi@chromium.org> Cr-Commit-Position: refs/heads/main@{#1435893}
This commit is contained in:
Mike West
committed by
Chromium LUCI CQ
Chromium LUCI CQ
parent
7570bd0267
commit
71e4dabaf3
services/network
prefetch_matches.ccurl_loader.ccurl_loader.h
public
cpp
resource_request.ccresource_request.hsri_message_signatures.ccsri_message_signatures.hurl_request_mojom_traits.ccurl_request_mojom_traits.hurl_request_mojom_traits_perftest.ccurl_request_mojom_traits_unittest.cc
mojom
third_party/blink/renderer
core
html
parser
platform
loader
fetch
tools/metrics/histograms/metadata/network
@ -80,7 +80,7 @@ namespace {
|
||||
DO_FIELD(credentials_mode) __VA_ARGS__ \
|
||||
DO_FIELD(redirect_mode) __VA_ARGS__ \
|
||||
DO_FIELD(fetch_integrity) __VA_ARGS__ \
|
||||
DO_FIELD(expected_signatures) __VA_ARGS__ \
|
||||
DO_FIELD(expected_public_keys) __VA_ARGS__ \
|
||||
DO_FIELD(destination) __VA_ARGS__ \
|
||||
DO_FIELD(original_destination) __VA_ARGS__ \
|
||||
DO_FIELD(request_body) __VA_ARGS__ \
|
||||
@ -222,7 +222,7 @@ enum class FieldsForUma {
|
||||
kAttributionReportingSrcToken = 61,
|
||||
kIsAdTagged = 62,
|
||||
kKeepaliveToken = 63,
|
||||
kExpectedSignatures = 64,
|
||||
kExpectedPublicKeys = 64,
|
||||
kPermissionsPolicy = 65,
|
||||
kClientSideContentDecodingEnabled = 66,
|
||||
kMaxValue = kClientSideContentDecodingEnabled,
|
||||
@ -256,7 +256,7 @@ constexpr auto kUmaEnumMap = base::MakeFixedFlatMap<Fields, FieldsForUma>({
|
||||
{Fields::kcredentials_mode, FieldsForUma::kCredentialsMode},
|
||||
{Fields::kredirect_mode, FieldsForUma::kRedirectMode},
|
||||
{Fields::kfetch_integrity, FieldsForUma::kFetchIntegrity},
|
||||
{Fields::kexpected_signatures, FieldsForUma::kExpectedSignatures},
|
||||
{Fields::kexpected_public_keys, FieldsForUma::kExpectedPublicKeys},
|
||||
{Fields::kdestination, FieldsForUma::kDestination},
|
||||
{Fields::koriginal_destination, FieldsForUma::kOriginalDestination},
|
||||
{Fields::krequest_body, FieldsForUma::kRequestBody},
|
||||
|
||||
@ -310,7 +310,7 @@ bool ResourceRequest::EqualsForTesting(const ResourceRequest& request) const {
|
||||
credentials_mode == request.credentials_mode &&
|
||||
redirect_mode == request.redirect_mode &&
|
||||
fetch_integrity == request.fetch_integrity &&
|
||||
expected_signatures == request.expected_signatures &&
|
||||
expected_public_keys == request.expected_public_keys &&
|
||||
destination == request.destination &&
|
||||
request_body == request.request_body &&
|
||||
keepalive == request.keepalive &&
|
||||
|
||||
@ -181,7 +181,7 @@ struct COMPONENT_EXPORT(NETWORK_CPP_BASE) ResourceRequest {
|
||||
std::string fetch_integrity;
|
||||
// Used to populate `Accept-Signatures`
|
||||
// https://www.rfc-editor.org/rfc/rfc9421.html#name-the-accept-signature-field
|
||||
std::vector<std::string> expected_signatures;
|
||||
std::vector<std::string> expected_public_keys;
|
||||
mojom::RequestDestination destination = mojom::RequestDestination::kEmpty;
|
||||
mojom::RequestDestination original_destination =
|
||||
mojom::RequestDestination::kEmpty;
|
||||
|
||||
@ -746,7 +746,7 @@ MaybeBlockResponseForSRIMessageSignature(
|
||||
|
||||
void MaybeSetAcceptSignatureHeader(
|
||||
net::URLRequest* request,
|
||||
const std::vector<std::string>& expected_signatures) {
|
||||
const std::vector<std::string>& expected_public_keys) {
|
||||
// In order to support request-specific experimentation, we send the
|
||||
// `Accept-Signature` header whenever signatures are expected by a request's
|
||||
// initiator, regardless of the `features::kSRIMessageSignatureEnforcement`
|
||||
@ -757,7 +757,7 @@ void MaybeSetAcceptSignatureHeader(
|
||||
|
||||
std::stringstream header;
|
||||
int counter = 0;
|
||||
for (const std::string& public_key : expected_signatures) {
|
||||
for (const std::string& public_key : expected_public_keys) {
|
||||
// We expect these to be validly base64-encoded Ed25519 public keys:
|
||||
std::optional<std::vector<uint8_t>> decoded =
|
||||
base::Base64Decode(public_key);
|
||||
|
||||
@ -78,7 +78,7 @@ MaybeBlockResponseForSRIMessageSignature(
|
||||
COMPONENT_EXPORT(NETWORK_CPP)
|
||||
void MaybeSetAcceptSignatureHeader(
|
||||
net::URLRequest*,
|
||||
const std::vector<std::string>& expected_signatures);
|
||||
const std::vector<std::string>& expected_public_keys);
|
||||
|
||||
} // namespace network
|
||||
|
||||
|
||||
@ -121,7 +121,7 @@ bool StructTraits<
|
||||
!data.ReadCredentialsMode(&out->credentials_mode) ||
|
||||
!data.ReadRedirectMode(&out->redirect_mode) ||
|
||||
!data.ReadFetchIntegrity(&out->fetch_integrity) ||
|
||||
!data.ReadExpectedSignatures(&out->expected_signatures) ||
|
||||
!data.ReadExpectedPublicKeys(&out->expected_public_keys) ||
|
||||
!data.ReadRequestBody(&out->request_body) ||
|
||||
!data.ReadThrottlingProfileId(&out->throttling_profile_id) ||
|
||||
!data.ReadFetchWindowId(&out->fetch_window_id) ||
|
||||
|
||||
@ -264,9 +264,9 @@ struct COMPONENT_EXPORT(NETWORK_CPP_BASE)
|
||||
const network::ResourceRequest& request) {
|
||||
return request.fetch_integrity;
|
||||
}
|
||||
static const std::vector<std::string>& expected_signatures(
|
||||
static const std::vector<std::string>& expected_public_keys(
|
||||
const network::ResourceRequest& request) {
|
||||
return request.expected_signatures;
|
||||
return request.expected_public_keys;
|
||||
}
|
||||
static network::mojom::RequestDestination destination(
|
||||
const network::ResourceRequest& request) {
|
||||
|
||||
@ -72,7 +72,7 @@ network::ResourceRequest CreateResourceRequest() {
|
||||
request.credentials_mode = mojom::CredentialsMode::kInclude;
|
||||
request.redirect_mode = mojom::RedirectMode::kFollow;
|
||||
request.fetch_integrity = "dummy_fetch_integrity";
|
||||
request.expected_signatures = {};
|
||||
request.expected_public_keys = {};
|
||||
request.keepalive = true;
|
||||
request.browsing_topics = true;
|
||||
request.ad_auction_headers = true;
|
||||
|
||||
@ -86,7 +86,7 @@ TEST(URLRequestMojomTraitsTest, Roundtrips_ResourceRequest) {
|
||||
original.credentials_mode = mojom::CredentialsMode::kInclude;
|
||||
original.redirect_mode = mojom::RedirectMode::kFollow;
|
||||
original.fetch_integrity = "dummy_fetch_integrity";
|
||||
original.expected_signatures = {};
|
||||
original.expected_public_keys = {};
|
||||
original.keepalive = true;
|
||||
original.browsing_topics = true;
|
||||
original.ad_auction_headers = true;
|
||||
|
||||
@ -317,7 +317,7 @@ struct URLRequest {
|
||||
// to populate an `Accept-Signatures` header.
|
||||
//
|
||||
// https://www.rfc-editor.org/rfc/rfc9421.html#name-the-accept-signature-field
|
||||
array<string> expected_signatures;
|
||||
array<string> expected_public_keys;
|
||||
|
||||
// https://fetch.spec.whatwg.org/#concept-request-destination
|
||||
RequestDestination destination;
|
||||
|
||||
@ -679,7 +679,7 @@ URLLoader::URLLoader(
|
||||
has_user_activation_(request.trusted_params &&
|
||||
request.trusted_params->has_user_activation),
|
||||
request_destination_(request.destination),
|
||||
expected_signatures_(request.expected_signatures),
|
||||
expected_public_keys_(request.expected_public_keys),
|
||||
resource_scheduler_client_(context.GetResourceSchedulerClient()),
|
||||
keepalive_statistics_recorder_(std::move(keepalive_statistics_recorder)),
|
||||
custom_proxy_pre_cache_headers_(request.custom_proxy_pre_cache_headers),
|
||||
@ -962,7 +962,7 @@ void URLLoader::ConfigureRequest(
|
||||
*factory_params_, *origin_access_list_,
|
||||
request_credentials_mode_);
|
||||
|
||||
MaybeSetAcceptSignatureHeader(url_request_.get(), expected_signatures_);
|
||||
MaybeSetAcceptSignatureHeader(url_request_.get(), expected_public_keys_);
|
||||
|
||||
url_request_->set_first_party_url_policy(first_party_url_policy);
|
||||
|
||||
@ -2200,7 +2200,7 @@ void URLLoader::ContinueOnResponseStartedImmediately() {
|
||||
if (std::optional<mojom::BlockedByResponseReason> blocked_reason =
|
||||
MaybeBlockResponseForSRIMessageSignature(
|
||||
url_request_->url(), *response_,
|
||||
/*checks_forced_by_initiator=*/!expected_signatures_.empty(),
|
||||
/*checks_forced_by_initiator=*/!expected_public_keys_.empty(),
|
||||
devtools_observer_, devtools_request_id().value_or(""))) {
|
||||
CompleteBlockedResponse(net::ERR_BLOCKED_BY_RESPONSE, false,
|
||||
blocked_reason);
|
||||
|
||||
@ -796,7 +796,7 @@ class COMPONENT_EXPORT(NETWORK_SERVICE) URLLoader
|
||||
const mojom::RequestDestination request_destination_ =
|
||||
mojom::RequestDestination::kEmpty;
|
||||
|
||||
const std::vector<std::string> expected_signatures_ = {};
|
||||
const std::vector<std::string> expected_public_keys_;
|
||||
|
||||
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client_;
|
||||
|
||||
|
||||
@ -116,7 +116,7 @@ Resource* PreloadRequest::Start(Document* document) {
|
||||
ResourceFetcher::DetermineRequestContext(resource_type_, is_image_set_));
|
||||
resource_request.SetRequestDestination(
|
||||
ResourceFetcher::DetermineRequestDestination(resource_type_));
|
||||
resource_request.SetExpectedSignatures(integrity_metadata_);
|
||||
resource_request.SetExpectedPublicKeys(integrity_metadata_);
|
||||
resource_request.SetFetchPriorityHint(fetch_priority_hint_);
|
||||
|
||||
// Disable issue logging to avoid duplicates, since `CanRegister()` will be
|
||||
|
||||
@ -465,13 +465,13 @@ void ResourceRequestHead::SetFetchIntegrity(
|
||||
IntegrityMetadataSet metadata;
|
||||
SubresourceIntegrity::ParseIntegrityAttribute(integrity, metadata,
|
||||
feature_context);
|
||||
SetExpectedSignatures(metadata);
|
||||
SetExpectedPublicKeys(metadata);
|
||||
}
|
||||
|
||||
void ResourceRequestHead::SetExpectedSignatures(
|
||||
void ResourceRequestHead::SetExpectedPublicKeys(
|
||||
const IntegrityMetadataSet& metadata) {
|
||||
for (const auto& signature : metadata.signatures) {
|
||||
expected_signatures_.push_back(signature.first);
|
||||
for (const auto& public_key : metadata.signatures) {
|
||||
expected_public_keys_.push_back(public_key.first);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -408,9 +408,9 @@ class PLATFORM_EXPORT ResourceRequestHead {
|
||||
void SetFetchIntegrity(const String& integrity, const FeatureContext*);
|
||||
|
||||
// This is also called as a side-effect of `SetFetchIntegrity()`.
|
||||
void SetExpectedSignatures(const IntegrityMetadataSet&);
|
||||
const WTF::Vector<String>& GetExpectedSignatures() const {
|
||||
return expected_signatures_;
|
||||
void SetExpectedPublicKeys(const IntegrityMetadataSet&);
|
||||
const WTF::Vector<String>& GetExpectedPublicKeys() const {
|
||||
return expected_public_keys_;
|
||||
}
|
||||
|
||||
bool CacheControlContainsNoCache() const;
|
||||
@ -751,8 +751,8 @@ class PLATFORM_EXPORT ResourceRequestHead {
|
||||
network::mojom::RedirectMode redirect_mode_;
|
||||
// Exposed as Request.integrity in Service Workers
|
||||
String fetch_integrity_;
|
||||
// Signature expectations extracted from `fetch_integrity_`
|
||||
WTF::Vector<String> expected_signatures_;
|
||||
// Public key expectations extracted from `integrity_`
|
||||
WTF::Vector<String> expected_public_keys_;
|
||||
String referrer_string_;
|
||||
network::mojom::ReferrerPolicy referrer_policy_;
|
||||
network::mojom::CorsPreflightPolicy cors_preflight_policy_;
|
||||
|
||||
@ -325,9 +325,9 @@ void PopulateResourceRequest(const ResourceRequestHead& src,
|
||||
dest->credentials_mode = src.GetCredentialsMode();
|
||||
dest->redirect_mode = src.GetRedirectMode();
|
||||
dest->fetch_integrity = src.GetFetchIntegrity().Utf8();
|
||||
dest->expected_signatures.reserve(src.GetExpectedSignatures().size());
|
||||
for (const String& signature : src.GetExpectedSignatures()) {
|
||||
dest->expected_signatures.push_back(signature.Utf8());
|
||||
dest->expected_public_keys.reserve(src.GetExpectedPublicKeys().size());
|
||||
for (const String& public_key : src.GetExpectedPublicKeys()) {
|
||||
dest->expected_public_keys.push_back(public_key.Utf8());
|
||||
}
|
||||
if (src.GetWebBundleTokenParams().has_value()) {
|
||||
dest->web_bundle_token_params =
|
||||
|
||||
@ -1570,7 +1570,7 @@ chromium-metrics-reviews@google.com.
|
||||
<int value="61" label="attribution_reporting_src_token"/>
|
||||
<int value="62" label="is_ad_tagged"/>
|
||||
<int value="63" label="keepalive_token"/>
|
||||
<int value="64" label="expected_signatures"/>
|
||||
<int value="64" label="expected_public_keys"/>
|
||||
<int value="65" label="permissions_policy"/>
|
||||
<int value="66" label="client_side_content_decoding_enabled"/>
|
||||
</enum>
|
||||
|
||||
Reference in New Issue
Block a user