Disable RendererSideContentDecoding for navigations
The RendererSideContentDecoding feature allows the network service to skip decoding response bodies (e.g., handling `Content-Encoding: gzip`), delegating this task to the client, typically the renderer process. This is activated by setting the `client_side_content_decoding_enabled` flag on the `ResourceRequest`. However, enabling this feature for navigation requests caused issues. Not all navigation responses are sent to a renderer process. For instance, a response with a `Content-Disposition: attachment` header triggers a download. If the network service skips decoding for such a response, the user would incorrectly download the raw, encoded file (e.g., the gzipped data) instead of the decoded content. Determining within the network service whether a navigation response will ultimately lead to a download is complex (See `content::download_utils::MustDownload()` method). Therefore, this CL takes a simpler, more robust approach: it disables the `RendererSideContentDecoding` feature entirely for navigation requests. This is achieved by removing the logic that sets the `client_side_content_decoding_enabled` flag within `CreateResourceRequestForNavigation`. As a result, the network service will now always handle content decoding for navigation responses. This guarantees that the correct, decoded content is consistently provided, whether the response is intended for rendering or triggers a download. A browser test (`DownloadContentTest.CompressedResponseWithContentDisposition`) has been added to verify this fix. It ensures that navigating to a URL that serves content with both `Content-Encoding: gzip` and `Content-Disposition: attachment` results in a correctly decoded downloaded file. Bug: 391950057 Change-Id: I2e8bc9fb6d1c3fe3124662f62e7b403b7e1e182c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6399553 Reviewed-by: Adam Rice <ricea@chromium.org> Reviewed-by: Min Qin <qinmin@chromium.org> Commit-Queue: Tsuyoshi Horo <horo@chromium.org> Cr-Commit-Position: refs/heads/main@{#1439161}
This commit is contained in:

committed by
Chromium LUCI CQ

parent
619ed18814
commit
f958d2bc4b
@@ -4419,6 +4419,33 @@ IN_PROC_BROWSER_TEST_F(DownloadContentTest, DuplicateContentDisposition) {
|
||||
downloads[0]->GetTargetFilePath().BaseName().value());
|
||||
}
|
||||
|
||||
IN_PROC_BROWSER_TEST_F(DownloadContentTest,
|
||||
CompressedResponseWithContentDisposition) {
|
||||
// gzip-content-with-content-disposition.gz is served with Content-Disposition
|
||||
// headers, and `Content-Encoding: gzip`.
|
||||
NavigateToURLAndWaitForDownload(
|
||||
shell(),
|
||||
embedded_test_server()->GetURL(
|
||||
"/download/gzip-content-with-content-disposition.gz"),
|
||||
download::DownloadItem::COMPLETE);
|
||||
|
||||
std::vector<raw_ptr<download::DownloadItem, VectorExperimental>> downloads;
|
||||
DownloadManagerForShell(shell())->GetAllDownloads(&downloads);
|
||||
ASSERT_EQ(1u, downloads.size());
|
||||
|
||||
EXPECT_EQ(FILE_PATH_LITERAL("hello.txt"),
|
||||
downloads[0]->GetTargetFilePath().BaseName().value());
|
||||
|
||||
// Verify the file is downloaded correctly.
|
||||
{
|
||||
base::ScopedAllowBlockingForTesting allow_blocking;
|
||||
std::string downloaded_content;
|
||||
ASSERT_TRUE(base::ReadFileToString(downloads[0]->GetTargetFilePath(),
|
||||
&downloaded_content));
|
||||
EXPECT_EQ(downloaded_content, "Hello World!\n");
|
||||
}
|
||||
}
|
||||
|
||||
// Test that the network isolation key is populated for:
|
||||
// (1) <a download> triggered download request that doesn't go through the
|
||||
// navigation path
|
||||
|
@@ -559,11 +559,6 @@ std::unique_ptr<network::ResourceRequest> CreateResourceRequestForNavigation(
|
||||
|
||||
new_request->enable_load_timing = true;
|
||||
|
||||
if (base::FeatureList::IsEnabled(
|
||||
network::features::kRendererSideContentDecoding)) {
|
||||
new_request->client_side_content_decoding_enabled = true;
|
||||
}
|
||||
|
||||
return new_request;
|
||||
}
|
||||
|
||||
|
@@ -6671,6 +6671,8 @@ data/download/download-with-xfo-deny.html.mock-http-headers
|
||||
data/download/empty.bin
|
||||
data/download/empty.bin.mock-http-headers
|
||||
data/download/forms.mhtml
|
||||
data/download/gzip-content-with-content-disposition.gz
|
||||
data/download/gzip-content-with-content-disposition.gz.mock-http-headers
|
||||
data/download/gzip-content.gz
|
||||
data/download/gzip-content.gz.mock-http-headers
|
||||
data/download/hello.mhtml
|
||||
|
Binary file not shown.
@@ -0,0 +1,4 @@
|
||||
HTTP/1.1 200 OK
|
||||
Content-Length: 33
|
||||
Content-Disposition: attachment; filename=hello.txt
|
||||
Content-Encoding: gzip
|
Reference in New Issue
Block a user