This is part 1 of a series of CL to split DevTools agent hosts for
workers and regular (CSS/Animation/Audio) worklets. These differ
notably in the domains they support and other aspects of handling
and are already handled differently on the renderer side, so they
deserve specific classes on the browser side as well. This CL
just renames WorkerDevToolsAgentHost to WorkerOrWorkletDevToolsAgentHost, with the intent of it serving as
a common base for DedicatedWorkerDevToolsAgentHost and
WorkletDevToolsAgentHost, to be introduced in the follow-up CLs.
Bug: 1517088
Change-Id: Ie7b02361b10ad18555194217f26f74585b7ab2f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5186137
Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
Commit-Queue: Andrey Kosyakov <caseq@chromium.org>
Reviewed-by: Peter Kvitek <kvitekp@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1246220}
This CL modifies the DedicatedWorkerService observer interface
to expose information about nested workers.
Before this change, only the ancestor frame was exposed, making
it impossible to know if a worker was nested or not.
Now, a new variant type called DedicatedWorkerCreator represents
either the creator frame or the creator dedicated worker.
This new type replaces both `creator_render_frame_host_id_` and
`creator_worker_token_` in DedicatedWorkerHost.
Bug: 993029
Change-Id: Ia45317e82a1794f51085cab5ad841275779c8633
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2355050
Reviewed-by: Kirubel Aklilu <kaklilu@chromium.org>
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Reviewed-by: Anton Maliev <amaliev@chromium.org>
Reviewed-by: Ahmed Fakhry <afakhry@chromium.org>
Reviewed-by: Yoshisato Yanagisawa <yyanagisawa@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1230736}
This CL adds a structure and changes the arguments of FallbackCallback
in `NavigationLoaderInterceptor` to the newly created structure.
The added structure currently has only one field, `load_timing_info`, but we plan to add other fields to update response headers other than
load timing.
This is the preliminary change to fix the bug on DevTools support for SW
Static Routing API.
Bug: 1502443
Change-Id: I742f9277586a29aa7cea2d1f79adcc867193390b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5051307
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
Commit-Queue: Takashi Nakayama <tnak@chromium.org>
Reviewed-by: Shunya Shishido <sisidovski@chromium.org>
Reviewed-by: Yoshisato Yanagisawa <yyanagisawa@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1228776}
WorkerScriptLoader was originally designed for handling multiple
NavigationLoaderInterceptors, but after AppCache was removed by
https://crrev.com/c/3214643, ServiceWorkerMainResourceLoaderInterceptor
is the only intercepter used there. For code cleanup, this CL makes the
loader explicitly handle only one interceptor.
Bug: n/a
Change-Id: Id5511d3763e11dd92c54513387edc06d6f90bbd3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5048055
Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Yoshisato Yanagisawa <yyanagisawa@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1227742}
This new bit will make the storage partition config to preserved
across navigation (similar to the "is_guest" bit).
Also switch the isolated PWA to use this instead of guest SiteInstance.
Bug: b/304851565
Change-Id: I43755d6bce622749dbe6cca2ae5ac170e381bbba
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5012192
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Jason Lin <lxj@google.com>
Reviewed-by: Glen Robertson <glenrob@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1227266}
`ancestor_render_frame_host` looks used regardless of it is valid or
not. When the RenderFrameHost has been deleted, it might be natural to
get nullptr for `ancestor_render_frame_id_`, and we should not use the
value at that time.
Bug: 1501265
Change-Id: I3f0ff19364f5ac8393a859f590b8db3003e26bb3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5029253
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Commit-Queue: Yoshisato Yanagisawa <yyanagisawa@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1224614}
This is a refactor in preparation to implement BFCache logic for
FileSystemAccessLockManager. There should be no behavioral change.
This plumbs the GlobalRenderFrameHostId through to the LockManager so
that the LockManager can hand out LockHandles for each Lock per the
frame.
Bug: 1382215, 1241174
Change-Id: I55301f488bd3b22423efa065bc79fe2e81ce4525
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4953324
Reviewed-by: Austin Sullivan <asully@chromium.org>
Commit-Queue: Nathan Memmott <memmott@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Chris Bookholt <bookholt@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1217823}
This CL adds a WPT which ensures that partitioned SharedWorkers
only can access partitioned cookies whose CookiePartitionKey
match the worker's StorageKey. The test covers subresource requests
and importScripts calls. It does not test the cookies available to
the request for the worker script.
It also updates how SharedWorker builds IsolationInfo in some
places to ensure the tests pass.
Bug: 1147281,1488557
Change-Id: I5a576a182b19d9d09caaa2ad042d50cb8de6d03b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4908159
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Commit-Queue: Dylan Cutler <dylancutler@google.com>
Cr-Commit-Position: refs/heads/main@{#1205932}
The party_context is never actually read anymore, now that the
implementation of the SameParty attribute has been (mostly) removed.
The only remaining reader of the field just cares about whether the
absl::optional is populated for not, so we can replace the field with
a boolean. (Note: I'm open to better names for the boolean, since the
one I picked seems in conflict with
IsolationInfo::CreateForInternalRequest. But I don't have a better
idea.)
Note that this does not touch the IsolationInfo proto's field, since
I can't tell how that's used (and it may be stored on disk).
Bug: 1348588
Change-Id: I3b9ef1c86880fa733175054bb97aeea3c920bd19
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4846992
Reviewed-by: Steven Bingler <bingler@chromium.org>
Reviewed-by: Brendon Tiszka <tiszka@chromium.org>
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Auto-Submit: Chris Fredrickson <cfredric@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Dominic Farolino <dom@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1193664}
With the newly introduced InProcessRenderExiting notification, it can
be used to handle the --single-process flag the same way that we
handle regular renderer that exited.
Change-Id: Id12e661267907594881fc88c70565445f7d5f780
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4778750
Commit-Queue: Patrick Monette <pmonette@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1184698}
This change is part of the effort to re-enable consistently passing
tests across the entire chromium.
If the tests are reasonable, please LGTM and I will proceed to submit
the change.
If the tests are unreasonable, please let me know and I will remove
them.
------ How the change is created ------
I do not inspect each individual test case, the idea is to run the
disabled tests on reviver builders
https://ci.chromium.org/ui/p/chromium/g/reviver/builders and use the
aggregated results to decide if a previously disabled test is now
consistently passing.
Usually I create changes by directly enabling the tests. If the tests
are failing on platforms not covered by the reviver builders or
explicitly mentioned in the associated bugs, I may conditionally
enable them on certain platforms.
But other than that, I won't include extra changes except for the
ones suggested by `git cl format`.
------ How to inspect the reviver builder results ------
You may choose a platform you are interested,
e.g. chromium/reviver/lacros-coordinator.
[link: https://ci.chromium.org/p/chromium/builders/reviver/lacros-coordinator]
In the baseline builder / buildbucket.schedule step, e.g.
chromium/ci/linux-lacros-builder-rel - buildbucket.schedule,
there will be a luci run link.
[ex: https://ci.chromium.org/ui/p/chromium/builders/reviver/runner/b8776966777608450081/overview]
------ Aggregated results of the tests involved ------
The following list shows how many times the changed tests were
*consistently* passing on the relevant builders.
content/test:content_unittests/SharedWorkerServiceImplTest.WebContentsDestroyed
127 fuchsia-fyi-arm64-dbg
150 fuchsia-fyi-x64-dbg
192 fuchsia-x64-rel
110 linux-lacros-tester-rel
data version: 2023-06-28 16:45:51
Bug: 1380293
Change-Id: I50ffc741565a46e8b292a89ec4fed63f280bd90e
Fixed: 1029434
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4701307
Reviewed-by: Bo Liu <boliu@chromium.org>
Commit-Queue: Zijie He <zijiehe@google.com>
Cr-Commit-Position: refs/heads/main@{#1172662}
The feature itself is only available to Isolated Web Apps and Chrome
Apps behind a flag.
Also replace Worker with DedicatedWorker in .idl files as we don't
have any plans of supporting other worker types at the moment.
Bug: 1456269
Change-Id: Ic9a55266b7f142d486845d200a72aa3de84ddd98
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4622315
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Andrew Rayskiy <greengrape@google.com>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1160621}
This CL clean up one-off code to support User-Agent reduction and
User-agent deprecation origin trial. Make sure WorkerGlobalScope and WorkletGlobalScope execution return the correct user-agent for the Navigator JavaScript APIs. Instead of checking origin trial, user-agent response should depend on the default user-agent function as we completed user-agent reduction for all phases.
This CL also refactor the existing browser tests to make sure the
user-agent is already reduced when feature turns on.
Reference CL added support the two origin trials in Service Workers:
* https://crrev.com/c/3137615
* https://crrev.com/c/3427831
The following up cl will:
* Remove UA reduction origin trial for all requests
Change-Id: I1e59edf7c22ae6b39ece5652f2eb610cae53e461
Bug: 1258063
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4538251
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Commit-Queue: Victor Tan <victortan@chromium.org>
Reviewed-by: Yoav Weiss <yoavweiss@chromium.org>
Reviewed-by: Ben Kelly <wanderview@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1155035}
This CL expands the NavigationNetworkResponse experiment to include (a) the extensions web request UI thread shim for both navigation and service worker preload (i.e., service worker navigations where the main request is still loaded).
Bug: b/281094330
Change-Id: Iaf875d6858c68858a3b5bbc1db182b1659af35f9
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4510075
Owners-Override: Alexander Timin <altimin@chromium.org>
Commit-Queue: Ryan Sturm <ryansturm@chromium.org>
Reviewed-by: Bo Liu <boliu@chromium.org>
Reviewed-by: Alexander Timin <altimin@chromium.org>
Reviewed-by: David Bertoni <dbertoni@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1150788}
That's because all functions are called from browser process.
For content/renderer/workers, IsOutOfProcessNetworkService() is
used ([1]) to terminate workers if the network service crashes.
However, if the crashed network service is in the browser process,
then the workers are going to get terminated anyway, so introducing
this condition doesn't actually help. Thus we can remove them.
[1] https://chromium-review.googlesource.com/c/chromium/src/+/1264139
Bug: 1329834
Change-Id: Iaf3c9847b2231aef9e413481d6bdf53f7e9065ba
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4547630
Auto-Submit: Yoichi Osato <yoichio@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Owners-Override: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1150766}
This updates the last remaining callers of
NetworkIsolationKey::ToDoUseTopFrameOriginAsWell and
NetworkAnonymizationKey::ToDoUseTopFrameOriginAsWell to use
the new StorageKey::ToPartialNetIsolationInfo method instead.
Corresponding changes were made for Service Workers in
https://chromium-review.googlesource.com/c/chromium/src/+/4494754/15/content/browser/service_worker/service_worker_host.cc
This also removes NetworkIsolationKey::ToDoUseTopFrameOriginAsWell
and NetworkAnonymizationKey::ToDoUseTopFrameOriginAsWell,
since they are no longer used, as well as
IsolationInfo::ToDoUseTopFrameOriginAsWell since it isn't used
anymore either.
Bug: 1147281
Change-Id: Ic0332026009f80e97e9316a95a5a5339ccdc63bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4347543
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: Andrew Williams <awillia@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1144846}
Add permissions policy for Private State Tokens issuance operation.
Update existing unit/browser tests. Add new unit/browser tests. Add
external WPT tests.
Permission Policy behavior:
1. If there are no permission policy response from server. PST
issuance can be enabled in iframes for same and cross origins
using allow attribute. See
private-state-token-issue-allowed-by-permissions-policy-attribute.tentative.https.sub.html
2. Issuance can be disabled via the new permission policy, see
private-state-token-issue-disabled-by-permissions-policy.tentative.https.sub.html and relevant header file.
3. Permissions-Policy: private-state-token-issuance=* enables
issuance. Cross origin iframes need allow attribute. See
permissions-policy/private-state-token-issue-enabled-by-permissions-policy.tentative.https.sub.html and relevant header file.
Fixed: 1434086
Change-Id: I02c41b45fab9415c135e74eb51d9033c308e7622
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4436709
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Aykut Bulut <aykutb@google.com>
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1135556}
This uses the storage key known to the browser process, either from the
frame or worker, instead of creating a first-party storage key from the
origin received from the renderer.
This has the effect of better-partitioning this cache storage, as well
as not relying on an origin from the renderer process. The
`code_cache_origin` parameter is no longer passed from the renderer at
all.
Bug: 1402861, 1199077
Change-Id: I24de48f3b9bc046a4eab2fb2ba4d102b63f2dc5c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4427498
Commit-Queue: Dustin Mitchell <djmitche@chromium.org>
Reviewed-by: Martin Šrámek <msramek@chromium.org>
Code-Coverage: Findit <findit-for-me@appspot.gserviceaccount.com>
Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Nate Chapin <japhet@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1135299}
This CL starts saving BackForwardCacheBlockingDetails (vector of mojom that has JS locations) in RenderFrameHostImpl and DedicatedWorkerHost, and use this mojom to determine which features are used.
We are not using the JavaScript blocking details yet in this CL.
Bug: 1366675
Change-Id: Ie81227b823040b6d8c415df908f6a946c29eb7de
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4322987
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Fergal Daly <fergal@chromium.org>
Commit-Queue: Yuzu Saijo <yuzus@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1122878}
They were being taken as const pointers. This was due to overly strict
adherence to a line from the Google C++ style guide:
Generally, use std::optional to represent optional by-value inputs,
and use a const pointer when the non-optional form would have used
a reference.
While this may make sense in the general case of a function that takes
a value and uses it directly, without more context, it doesn't make
sense in the case of a constructor that stores the input as an
absl::optional, particularly when every since production caller of that
constructor already has the value in an optional. Having all of those
callers have to convert an optional to a pointer, only to have the
constructor covert it back into an optional adds a lot of unnecessary
complexity, and doesn't accomplish anything useful.
BUG: None
Change-Id: I1a51cfab8df385df6fff8ae7dc064e2438740315
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4326990
Commit-Queue: Matt Menke <mmenke@chromium.org>
Reviewed-by: danakj <danakj@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Ayu Ishii <ayui@chromium.org>
Reviewed-by: Brianna Goldstein <brgoldstein@google.com>
Cr-Commit-Position: refs/heads/main@{#1118897}
This CL changes the mojom function signature of DidChangeBackForwardCacheDisablingFeatures from using bitmask of features to using vectors of features + their JS locations.
Currently we are not using the JS information, but in a follow-up, we are going to save the information and start showing them on DevTools.
Features mask is no longer used, so will be removed in a separate follow-up.
Bug:1366675
Change-Id: I91b70719463e5080ac9498008aa784130d6103f6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4240523
Commit-Queue: Yuzu Saijo <yuzus@chromium.org>
Reviewed-by: Fergal Daly <fergal@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1114977}
There's a need to keep StorageKey and BlinkStorageKey partial sync, but
as each organically grew this has gotten lost. As we wrap up and launch
storage partitioning, we should leave this code in a good state.
This CL migrates production StorageKey creation to use the re-named
CreateWithNonce function. There's no reason for this to be test only as
it allows simplification of the construction path.
This CL is part of a series:
(1) Organize public functions and map work
(2) Rename CreateFirstParty constructors
(3) Rename CreateWithNonce constructors
(4) Rename Create constructors
(5) Remove old test constructors
(6) Define opaque origin behavior
Bug: 1410254
Change-Id: Ibf7a1d5c6c3477dd18b1221e767cb9d1971f8c0a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4252060
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Auto-Submit: Ari Chivukula <arichiv@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Owners-Override: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Ari Chivukula <arichiv@chromium.org>
Reviewed-by: Steven Bingler <bingler@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1105940}
FOR REVIEWERS - This is a large CL, sorry about that. Please review just
the files you're an owner for. In almost all cases, the changes should
be minimal and straightforward.
There's a need to keep StorageKey and BlinkStorageKey partial sync, but
as each organically grew this has gotten lost. As we wrap up and launch
storage partitioning, we should leave this code in a good state.
This CL swaps out the origin constructor for a new static function
called CreateFirstParty. The reason for this is to ensure callsites know
that they are explicitly creating a first-party only StorageKey and
might be missing context important to partition storage. Further, if in
the future we were to want to deprecate this construction method in
prod, we would need a static function we could re-name like this
and so migrating to this style of syntax will make that easier.
This CL is part of a series:
(1) Organize public functions and map work
(2) Rename CreateFirstParty constructors
(3) Rename CreateWithNonce constructors
(4) Rename Create constructors
(5) Remove old test constructors
(6) Define opaque origin behavior
Bug: 1410254
Change-Id: I0be1305f91a454484c68d0faf4015bad3afe05ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4251237
Owners-Override: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Steven Bingler <bingler@chromium.org>
Auto-Submit: Ari Chivukula <arichiv@chromium.org>
Commit-Queue: Ari Chivukula <arichiv@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1105850}
This CL changes how HTTPS-First Mode and HTTPS Upgrades trigger a
fallback navigation to HTTP. Before this change, the NavigationThrottle
would cancel the failed navigation and post an async task to start a
new navigation to the fallback URL. This generally worked, but had
(at least) three issues: (1) this could cause "double counting" of
navigations, (2) it's hard to create a new navigation out of an old one
without missing important parameters (and maintain that over time), and
(3) it's possible for race conditions to occur on the frame being
navigated.
To avoid these issues, this CL changes the fallback mechanism to
instead intercept the failing navigation via
NavigationLoaderInterceptor::MaybeCreateLoaderForResponse() to serve an
artificial redirect back to the fallback URL directly, as part of the
same overall navigation. This means no new navigation is created
(avoiding double counting), no state is lost on the navigation (it's
just like the site itself served a downgrade redirect), and there is
no period where one navigation is canceled and another is not yet
created in which races could occur.
As the HTTPS-First Mode/HTTPS Upgrades logic is currently implemented
in chrome/, this exposes the MaybeCreateLoaderForResponse() API on
URLLoaderRequestInterceptor and adds an implementation to
HttpsUpgradesInterceptor. As a result, a lot of the logic from
HttpsUpgradesNavigationThrottle moves into HttpsUpgradesInterceptor.
The SetNavigationTimeout() implementation also needs to be modified to
trigger NavigationURLLoaderImpl::OnComplete() rather than
NotifyRequestFailed(), as the latter skips directly to the failure
state and does not trigger the interceptor's
MaybeCreateLoaderForResponse().
There are still known issues with how the new fallback implementation
interacts with (1) redirect loops and (2) tracking fallback state
across navigations. The first can result in briefly seeing a network
error for TOO_MANY_REDIRECTS before the HTTPS-First Mode interstitial
is triggered. The second can result in an incorrect security state
being computed for a tab where a fallback to HTTP had previously
occurred. Fixes for these issues will be handled in followup CLs.
Bug: 1394910
Change-Id: Ib53c8f873a30e6b2ebb933ae527a5c7f5fcd9bcd
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4199590
Commit-Queue: Chris Thompson <cthomp@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1105469}
This change attempts to clarify the computation inside
`DerivePrivateNetworkRequestPolicy()` by introducing a new
`FeatureState` enum representing the state of feature flags for each
request context.
At the same time, this lays the foundation to more easily add new
request contexts: firstly iframes in crrev.com/c/3945088.
In doing so, it moves checks the `kPrivateNetworkAccessForWorkers`
feature flag into `DerivePrivateNetworkRequestPolicy()`.
Then, instead of passing `nullptr` `ClientSecurityState` parameters to
worker-related URL loader factories when the feature is disabled, it
passes a valid `ClientSecurityState` with its private network request
policy set to `kAllow`. This should not be web-observable.
This change does have a web-observable effect when PNA for workers is
disabled (which might happen again if we roll back warnings): we now
set the correct private network request policy for service worker
contexts. This correctly disables PNA preflights for fetches from
within service workers when PNA for workers is disabled.
Bug: chromium:1170335
Fixed: chromium:1410740, chromium:1374286
Change-Id: Ic81622a3891daa5bbba6f965be20e90c10cdb084
Fixed: chromium:1374286
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4173994
Reviewed-by: Jonathan Hao <phao@chromium.org>
Commit-Queue: Titouan Rigoudy <titouan@chromium.org>
Reviewed-by: Camille Lamy <clamy@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1100544}
