fix Block gateway attacks via websockets

build/patches/Block-gateway-attacks-via-websockets.patch

@@ -4,15 +4,15 @@ Subject: Block gateway attacks via websockets
 
 ---
  .../renderer/core/loader/base_fetch_context.h |  1 +
- .../core/loader/frame_fetch_context.cc        | 20 ++++++++++++++
+ .../core/loader/frame_fetch_context.cc        | 20 +++++++++++++
  .../core/loader/frame_fetch_context.h         |  1 +
- .../core/loader/worker_fetch_context.cc       | 21 +++++++++++++++
+ .../core/loader/worker_fetch_context.cc       | 21 ++++++++++++++
  .../core/loader/worker_fetch_context.h        |  1 +
- .../background_fetch_manager.cc               |  2 --
+ .../background_fetch_manager.cc               |  4 +--
  .../websockets/websocket_channel_impl.cc      |  5 ++++
- .../modules/websockets/websocket_common.cc    | 27 +++++++++++++++++++
+ .../modules/websockets/websocket_common.cc    | 29 +++++++++++++++++++
  .../modules/websockets/websocket_common.h     |  4 +++
- 9 files changed, 80 insertions(+), 2 deletions(-)
+ 9 files changed, 84 insertions(+), 2 deletions(-)
 
 diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third_party/blink/renderer/core/loader/base_fetch_context.h
 --- a/third_party/blink/renderer/core/loader/base_fetch_context.h
@@ -118,15 +118,19 @@ diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.h b/thi
 diff --git a/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc b/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc
 --- a/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc
 +++ b/third_party/blink/renderer/modules/background_fetch/background_fetch_manager.cc
-@@ -104,7 +104,6 @@ bool ShouldBlockDanglingMarkup(const KURL& request_url) {
+@@ -104,9 +104,10 @@ bool ShouldBlockDanglingMarkup(const KURL& request_url) {
  
  bool ShouldBlockGateWayAttacks(ExecutionContext* execution_context,
                                 const KURL& request_url) {
 -  if (RuntimeEnabledFeatures::CorsRFC1918Enabled()) {
      network::mojom::IPAddressSpace requestor_space =
          execution_context->AddressSpace();
++    if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
++      requestor_space = network::mojom::IPAddressSpace::kPublic;
  
-@@ -121,7 +120,6 @@ bool ShouldBlockGateWayAttacks(ExecutionContext* execution_context,
+     // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
+     // all this up to //net and //content in order to have any real impact on
+@@ -121,7 +122,6 @@ bool ShouldBlockGateWayAttacks(ExecutionContext* execution_context,
      bool is_external_request = requestor_space > target_space;
      if (is_external_request)
        return true;
@@ -152,7 +156,7 @@ diff --git a/third_party/blink/renderer/modules/websockets/websocket_channel_imp
 diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.cc b/third_party/blink/renderer/modules/websockets/websocket_common.cc
 --- a/third_party/blink/renderer/modules/websockets/websocket_common.cc
 +++ b/third_party/blink/renderer/modules/websockets/websocket_common.cc
-@@ -124,9 +124,36 @@ WebSocketCommon::ConnectResult WebSocketCommon::Connect(
+@@ -124,9 +124,38 @@ WebSocketCommon::ConnectResult WebSocketCommon::Connect(
      return ConnectResult::kException;
    }
  
@@ -172,6 +176,8 @@ diff --git a/third_party/blink/renderer/modules/websockets/websocket_common.cc b
 +  // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
 +  // all this up to //net and //content in order to have any real impact on
 +  // gateway attacks. That turns out to be a TON of work (crbug.com/378566).
++  if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
++    requestor_space = network::mojom::IPAddressSpace::kPublic;
 +  network::mojom::IPAddressSpace target_space =
 +      network::mojom::IPAddressSpace::kPublic;
 +  if (network_utils::IsReservedIPAddress(request_url.Host()))