-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fenced frames: Disallow URLs with potentially dangling markup
There is an old Fetch Standard PR up for review that blocks resource requests whose URL contains potentially dangling markup [1]. This is for security purposes, see [2] and [3]. While non-standard yet, Chromium has shipped this behavior, and we intend to do the same for fenced frames. This CL implements potentially dangling markup restrictions on all embedder-provided URLs for fenced frame navigations. When a URL with dangling markup is passed to SharedStorage's `selectURL()` method, it is parsed and partially sanitized, therefore the resulting urn:uuid can be successfully navigated to. When crbug.com/1318970 is fixed, SharedStorage will reject these URLs as inputs. [1]: whatwg/fetch#519 [2]: https://bugs.chromium.org/p/chromium/issues/detail?id=1039885 [3]: https://bugs.chromium.org/p/chromium/issues/detail?id=1301333 Bug: 1301333, 1318970 Change-Id: I1ada9de23b05795499408988529fa3a49486aea3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3702854 Reviewed-by: Garrett Tanzer <[email protected]> Reviewed-by: Alex Moshchuk <[email protected]> Commit-Queue: Dominic Farolino <[email protected]> Cr-Commit-Position: refs/heads/main@{#1014928} NOKEYCHECK=True GitOrigin-RevId: fe04c0639254e5d021da539d321f2e3a64a0085c
- Loading branch information
1 parent
35e0a76
commit 1d2d666
Showing
6 changed files
with
138 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
42 changes: 42 additions & 0 deletions
42
...l/fenced-frame-mparch/wpt_internal/fenced_frame/disallowed-navigations.https-expected.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
This is a testharness.js-based test. | ||
PASS iframe data: URL | ||
PASS iframe blob: URL | ||
PASS iframe javascript: URL | ||
PASS fenced frame mode=opaque-ads data: URL | ||
PASS fenced frame mode=opaque-ads blob: URL | ||
PASS fenced frame mode=opaque-ads javascript: URL | ||
PASS fenced frame mode=opaque-ads http: URL | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo | ||
ck<ed' | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo\rck<ed' | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo ck<ed' | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo<ck | ||
ed' | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo<ck\red' | ||
PASS fenced frame mode=opaque-ads dangling-markup URL with 'blo<ck ed' | ||
PASS fenced frame mode=default data: URL | ||
PASS fenced frame mode=default blob: URL | ||
PASS fenced frame mode=default javascript: URL | ||
PASS fenced frame mode=default http: URL | ||
PASS fenced frame mode=default dangling-markup URL with 'blo | ||
ck<ed' | ||
PASS fenced frame mode=default dangling-markup URL with 'blo\rck<ed' | ||
PASS fenced frame mode=default dangling-markup URL with 'blo ck<ed' | ||
PASS fenced frame mode=default dangling-markup URL with 'blo<ck | ||
ed' | ||
PASS fenced frame mode=default dangling-markup URL with 'blo<ck\red' | ||
PASS fenced frame mode=default dangling-markup URL with 'blo<ck ed' | ||
PASS fenced frame opaque URN => data: URL | ||
PASS fenced frame opaque URN => blob: URL | ||
PASS fenced frame opaque URN => javascript: URL | ||
PASS fenced frame opaque URN => http: URL | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo | ||
ck<ed' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo\rck<ed' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo ck<ed' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo<ck | ||
ed' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo<ck\red' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
FAIL fenced frame opaque URN => https: URL with dangling markup 'blo<ck ed' assert_equals: expected "NOT LOADED" but got "https://web-platform.test:8444/wpt_internal/fenced_frame/resources/report-url.html?blo<cked=" | ||
Harness: the test ran to completion. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletions
7
blink/web_tests/wpt_internal/fenced_frame/resources/report-url.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
<!DOCTYPE html> | ||
<script src="utils.js"></script> | ||
<title>A page embedded as a fenced frame that reports the document URL</title> | ||
<script> | ||
const [uuid] = parseKeylist(); | ||
writeValueToServer(uuid, location.href); | ||
</script> |
1 change: 1 addition & 0 deletions
1
blink/web_tests/wpt_internal/fenced_frame/resources/report-url.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Supports-Loading-Mode: fenced-frame |