fix: add source browsing context to Request and HTTP credentials prompt (#34808)

* fix: add source browsing ctx id to request when initiate navigation

Signed-off-by: Jason Tsai <git@pews.dev>

* chore: clippy

Signed-off-by: Jason Tsai <git@pews.dev>

* Update components/net/http_loader.rs

Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>

* chore: apply suggestions

Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>

* chore: fix naming

Signed-off-by: Jason Tsai <git@pews.dev>

* refactor: set request browsing ctx id on pre page load

Signed-off-by: Jason Tsai <git@pews.dev>

---------

Signed-off-by: Jason Tsai <git@pews.dev>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
This commit is contained in:
Jason Tsai 2025-01-03 14:35:16 +08:00 committed by GitHub
parent b87a0db497
commit 8b115c246c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 28 additions and 7 deletions

View file

@ -10,7 +10,7 @@ use std::time::{Duration, SystemTime, UNIX_EPOCH};
use async_recursion::async_recursion;
use base::cross_process_instant::CrossProcessInstant;
use base::id::{HistoryStateId, PipelineId};
use base::id::{HistoryStateId, PipelineId, TopLevelBrowsingContextId};
use crossbeam_channel::Sender;
use devtools_traits::{
ChromeToDevtoolsControlMsg, DevtoolsControlMsg, HttpRequest as DevtoolsHttpRequest,
@ -1571,8 +1571,10 @@ async fn http_network_or_cache_fetch(
// Step 14.3 If requests use-URL-credentials flag is unset or isAuthenticationFetch is true, then:
if !http_request.use_url_credentials || authentication_fetch_flag {
let Some(credentials) = prompt_user_for_credentials(&context.state.embedder_proxy)
else {
let Some(credentials) = prompt_user_for_credentials(
&context.state.embedder_proxy,
http_request.target_browsing_context_id,
) else {
return response;
};
let Some(username) = credentials.username else {
@ -1625,7 +1627,10 @@ async fn http_network_or_cache_fetch(
// Step 15.4 Prompt the end user as appropriate in requests window
// window and store the result as a proxy-authentication entry.
let Some(credentials) = prompt_user_for_credentials(&context.state.embedder_proxy) else {
let Some(credentials) = prompt_user_for_credentials(
&context.state.embedder_proxy,
http_request.target_browsing_context_id,
) else {
return response;
};
let Some(user_name) = credentials.username else {
@ -1762,13 +1767,14 @@ impl Drop for ResponseEndTimer {
fn prompt_user_for_credentials(
embedder_proxy: &Mutex<EmbedderProxy>,
top_level_browsing_context_id: Option<TopLevelBrowsingContextId>,
) -> Option<PromptCredentialsInput> {
let proxy = embedder_proxy.lock().unwrap();
let (ipc_sender, ipc_receiver) = ipc::channel().unwrap();
proxy.send((
None,
top_level_browsing_context_id,
EmbedderMsg::Prompt(
PromptDefinition::Credentials(ipc_sender),
PromptOrigin::Trusted,

View file

@ -123,6 +123,7 @@ fn request_init_from_request(request: NetTraitsRequest) -> RequestBuilder {
referrer: request.referrer.clone(),
referrer_policy: request.referrer_policy,
pipeline_id: request.pipeline_id,
target_browsing_context_id: request.target_browsing_context_id,
redirect_mode: request.redirect_mode,
integrity_metadata: request.integrity_metadata.clone(),
url_list: vec![],

View file

@ -3505,6 +3505,7 @@ impl ScriptThread {
/// argument until a notification is received that the fetch is complete.
fn pre_page_load(&self, mut incomplete: InProgressLoad, load_data: LoadData) {
let id = incomplete.pipeline_id;
let top_level_browsing_context_id = incomplete.top_level_browsing_context_id;
let req_init = RequestBuilder::new(load_data.url.clone(), load_data.referrer)
.method(load_data.method)
.destination(Destination::Document)
@ -3512,6 +3513,7 @@ impl ScriptThread {
.credentials_mode(CredentialsMode::Include)
.use_url_credentials(true)
.pipeline_id(Some(id))
.target_browsing_context_id(Some(top_level_browsing_context_id))
.referrer_policy(load_data.referrer_policy)
.headers(load_data.headers)
.body(load_data.data)

View file

@ -5,7 +5,7 @@
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::{Arc, Mutex};
use base::id::PipelineId;
use base::id::{PipelineId, TopLevelBrowsingContextId};
use content_security_policy::{self as csp};
use http::header::{HeaderName, AUTHORIZATION};
use http::{HeaderMap, Method};
@ -267,6 +267,7 @@ pub struct RequestBuilder {
pub referrer: Referrer,
pub referrer_policy: ReferrerPolicy,
pub pipeline_id: Option<PipelineId>,
pub target_browsing_context_id: Option<TopLevelBrowsingContextId>,
pub redirect_mode: RedirectMode,
pub integrity_metadata: String,
// to keep track of redirects
@ -301,6 +302,7 @@ impl RequestBuilder {
referrer,
referrer_policy: ReferrerPolicy::EmptyString,
pipeline_id: None,
target_browsing_context_id: None,
redirect_mode: RedirectMode::Follow,
integrity_metadata: "".to_owned(),
url_list: vec![],
@ -382,6 +384,14 @@ impl RequestBuilder {
self
}
pub fn target_browsing_context_id(
mut self,
target_browsing_context_id: Option<TopLevelBrowsingContextId>,
) -> RequestBuilder {
self.target_browsing_context_id = target_browsing_context_id;
self
}
pub fn redirect_mode(mut self, redirect_mode: RedirectMode) -> RequestBuilder {
self.redirect_mode = redirect_mode;
self
@ -452,6 +462,7 @@ impl RequestBuilder {
request.response_tainting = self.response_tainting;
request.crash = self.crash;
request.policy_container = self.policy_container;
request.target_browsing_context_id = self.target_browsing_context_id;
request
}
}
@ -479,7 +490,7 @@ pub struct Request {
pub body: Option<RequestBody>,
// TODO: client object
pub window: Window,
// TODO: target browsing context
pub target_browsing_context_id: Option<TopLevelBrowsingContextId>,
/// <https://fetch.spec.whatwg.org/#request-keepalive-flag>
pub keep_alive: bool,
/// <https://fetch.spec.whatwg.org/#request-service-workers-mode>
@ -555,6 +566,7 @@ impl Request {
referrer,
referrer_policy: ReferrerPolicy::EmptyString,
pipeline_id,
target_browsing_context_id: None,
synchronous: false,
mode: RequestMode::NoCors,
use_cors_preflight: false,