Issue 1368863002: Set SSL info when an HTTP auth dialog is triggered by direct navigation.

Issue 1368863002: Set SSL info when an HTTP auth dialog is triggered by direct navigation. (Closed)

Created:
5 years, 3 months ago by palmer

Modified:
3 years, 10 months ago

Reviewers:
Charlie Reis, meacer, nasko

CC:
achuith+watch_chromium.org, chromium-reviews, darin-cc_chromium.org, dzhioev+watch_chromium.org, jam

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Set SSL info when an HTTP auth dialog is triggered by direct navigation. This patch correctly sets the SSL information of a navigation entry when an HTTP auth dialog is triggered. It only sets the information if the navigation is initiated by the user (i.e. through the omnibox). It does not set SSL information if the navigation ending up with the HTTP auth dialog was triggered by a page redirect, as there is no SiteInstance to get the SSL information from in that case. BUG=395050

Patch Set 1 #

Total comments: 1

Patch Set 2 : Finish integrating with the new SSLStatus interfaces; rebase. #

Patch Set 3 : Respond to creis' comments on the other CL. #

Total comments: 8

Patch Set 4 : Respond to meacer's comments, and fix nullptr deref in SSLManager::UpdateEntry. #

Patch Set 5 : Fill in the rest of entry->GetSSL(). #

Total comments: 3

Created: 5 years, 2 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+365 lines, -32 lines)			Patch
M	chrome/browser/ui/login/login_interstitial_delegate.h	View		3 chunks	+5 lines, -0 lines	0 comments	Download
M	chrome/browser/ui/login/login_interstitial_delegate.cc	View		3 chunks	+17 lines, -1 line	1 comment	Download
M	chrome/browser/ui/login/login_prompt.h	View		1 chunk	+1 line, -1 line	0 comments	Download
M	chrome/browser/ui/login/login_prompt.cc	View	1 2	2 chunks	+20 lines, -2 lines	1 comment	Download
M	chrome/browser/ui/login/login_prompt_browsertest.cc	View		7 chunks	+191 lines, -3 lines	0 comments	Download
M	chrome/test/data/login/cross_origin.html	View		1 chunk	+1 line, -1 line	0 comments	Download
M	content/browser/loader/resource_loader.h	View		1 chunk	+0 lines, -8 lines	0 comments	Download
M	content/browser/loader/resource_loader.cc	View	1 2 3	9 chunks	+58 lines, -10 lines	0 comments	Download
M	content/browser/ssl/ssl_manager.h	View	1 2	3 chunks	+18 lines, -0 lines	0 comments	Download
M	content/browser/ssl/ssl_manager.cc	View	1 2 3 4	3 chunks	+54 lines, -6 lines	1 comment	Download

Messages

Total messages: 11 (1 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

palmer

This is a rebased and hacked-to-build work in progress forked from meacer's CL https://codereview.chromium.org/403933002/. PTAL ...

5 years, 3 months ago (2015-09-25 01:33:26 UTC) #2

meacer

https://codereview.chromium.org/1368863002/diff/1/chrome/browser/ui/login/login_prompt.cc File chrome/browser/ui/login/login_prompt.cc (right): https://codereview.chromium.org/1368863002/diff/1/chrome/browser/ui/login/login_prompt.cc#newcode590 chrome/browser/ui/login/login_prompt.cc:590: const content::SSLStatus& ssl_status = pending_entry->GetSSL(); Charlie and I had ...

5 years, 2 months ago (2015-09-25 18:15:46 UTC) #3

palmer

creis, meacer: I've added some TODO(palmer, creis, meacer) comments in 2 places. I could use ...

5 years, 2 months ago (2015-09-29 00:07:41 UTC) #4

meacer

https://codereview.chromium.org/1368863002/diff/40001/content/browser/loader/resource_loader.cc File content/browser/loader/resource_loader.cc (right): https://codereview.chromium.org/1368863002/diff/40001/content/browser/loader/resource_loader.cc#newcode135 content/browser/loader/resource_loader.cc:135: &signed_certificate_timestamp_ids); Lines 132-135 aren't needed anymore now that this ...

5 years, 2 months ago (2015-09-29 00:17:02 UTC) #5

palmer

https://codereview.chromium.org/1368863002/diff/40001/content/browser/loader/resource_loader.cc File content/browser/loader/resource_loader.cc (right): https://codereview.chromium.org/1368863002/diff/40001/content/browser/loader/resource_loader.cc#newcode135 content/browser/loader/resource_loader.cc:135: &signed_certificate_timestamp_ids); On 2015/09/29 00:17:02, Mustafa Emre Acer wrote: > ...

5 years, 2 months ago (2015-09-29 00:46:36 UTC) #6

meacer

https://codereview.chromium.org/1368863002/diff/40001/content/browser/ssl/ssl_manager.cc File content/browser/ssl/ssl_manager.cc (right): https://codereview.chromium.org/1368863002/diff/40001/content/browser/ssl/ssl_manager.cc#newcode165 content/browser/ssl/ssl_manager.cc:165: ssl_status.signed_certificate_timestamp_ids; On 2015/09/29 00:46:36, palmer wrote: > How shall ...

5 years, 2 months ago (2015-09-29 00:48:51 UTC) #7

palmer

5 years, 2 months ago (2015-09-29 00:56:46 UTC) #8

Charlie Reis

On 2015/09/29 00:07:41, palmer wrote: > creis, meacer: I've added some TODO(palmer, creis, meacer) comments ...

5 years, 2 months ago (2015-09-29 17:00:39 UTC) #9

Charlie Reis

Unfortunately, I have a lot of the same concerns, and I don't know of a ...

5 years, 2 months ago (2015-09-29 22:52:11 UTC) #10

Unfortunately, I have a lot of the same concerns, and I don't know of a good way
to resolve them the way the code currently works.

The problem is that we're trying to correlate an event in the network stack (on
the IO thread) with a particular NavigationEntry in the navigation stack (on the
UI thread).  There's no breadcrumb that ties these together (and unfortunately
there hasn't been since Chrome launched), and races exist that can cause the
current request to not match the current pending entry.

The same problem has come up in other scenarios as well, such as
DidFailProvisionalLoadWithError.  That causes https://crbug.com/513742 (see
comments 5-8).  There may be a way forward mentioned in that discussion, and I'm
interested in it, but it's a nontrivial change.

https://codereview.chromium.org/1368863002/diff/80001/chrome/browser/ui/login...
File chrome/browser/ui/login/login_interstitial_delegate.cc (right):

https://codereview.chromium.org/1368863002/diff/80001/chrome/browser/ui/login...
chrome/browser/ui/login/login_interstitial_delegate.cc:55: void
LoginInterstitialDelegate::OverrideEntry(content::NavigationEntry* entry) {
I don't see a caller of this, and it looks like a dangerous method if used
incorrectly.  (It could easily lead to spoof attacks if the wrong entry is
passed in.)  Can we remove it?  If not, can we add some way to verify whether
the entry is the intended one, such as at least comparing against the
request_url?

https://codereview.chromium.org/1368863002/diff/80001/chrome/browser/ui/login...
File chrome/browser/ui/login/login_prompt.cc (right):

https://codereview.chromium.org/1368863002/diff/80001/chrome/browser/ui/login...
chrome/browser/ui/login/login_prompt.cc:593: // gone by now, which might have
been why we couldn't use it.)
Following the trail in codesearch, it looks like LoginDialogCallback is a task
posted to the UI thread via a long chain starting in
ResourceLoader::OnAuthRequired.

That means it's definitely possible for the pending entry to have been discarded
or even replaced for a different navigation by the time we get here.  As a
result, I don't think it's safe to use GetPendingEntry below, at least in the
general case.  

(Some examples that come to mind: the user has just clicked Stop, or the
renderer process initiates a new same-process main frame navigation, or the
renderer process initiates a cross-process subframe navigation.)

Suppose we found a way to check whether the pending entry still matched this
particular request (though I'm not sure yet if that's possible).  How should the
code below behave if there is no pending entry or if it doesn't match?

https://codereview.chromium.org/1368863002/diff/80001/content/browser/ssl/ssl...
File content/browser/ssl/ssl_manager.cc (right):

https://codereview.chromium.org/1368863002/diff/80001/content/browser/ssl/ssl...
content/browser/ssl/ssl_manager.cc:110: // one in the meantime.) Ensure this is
safe.
Same concerns.  I don't know how to make this safe.

palmer

3 years, 10 months ago (2017-02-09 22:43:07 UTC) #11

I'm going to close this since the diff probably doesn't apply at all now, and I
don't know how to proceed on it. Also I'm swamped with other stuff at the
moment. Feel free to pick it up...

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages