|
@@ -4,15 +4,15 @@ Subject: Block gateway attacks via websockets
|
|
|
|
|
|
---
|
|
|
.../renderer/core/loader/base_fetch_context.h | 1 +
|
|
|
- .../core/loader/frame_fetch_context.cc | 18 +++++++++++++
|
|
|
+ .../core/loader/frame_fetch_context.cc | 20 ++++++++++++++
|
|
|
.../core/loader/frame_fetch_context.h | 1 +
|
|
|
- .../core/loader/worker_fetch_context.cc | 19 +++++++++++++
|
|
|
+ .../core/loader/worker_fetch_context.cc | 21 +++++++++++++++
|
|
|
.../core/loader/worker_fetch_context.h | 1 +
|
|
|
.../background_fetch_manager.cc | 2 --
|
|
|
.../websockets/websocket_channel_impl.cc | 5 ++++
|
|
|
.../modules/websockets/websocket_common.cc | 27 +++++++++++++++++++
|
|
|
.../modules/websockets/websocket_common.h | 4 +++
|
|
|
- 9 files changed, 76 insertions(+), 2 deletions(-)
|
|
|
+ 9 files changed, 80 insertions(+), 2 deletions(-)
|
|
|
|
|
|
diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third_party/blink/renderer/core/loader/base_fetch_context.h
|
|
|
--- a/third_party/blink/renderer/core/loader/base_fetch_context.h
|
|
@@ -28,7 +28,7 @@ diff --git a/third_party/blink/renderer/core/loader/base_fetch_context.h b/third
|
|
|
diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.cc b/third_party/blink/renderer/core/loader/frame_fetch_context.cc
|
|
|
--- a/third_party/blink/renderer/core/loader/frame_fetch_context.cc
|
|
|
+++ b/third_party/blink/renderer/core/loader/frame_fetch_context.cc
|
|
|
-@@ -566,6 +566,24 @@ bool FrameFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
|
|
|
+@@ -566,6 +566,26 @@ bool FrameFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
|
|
|
return should_block_request;
|
|
|
}
|
|
|
|
|
@@ -36,6 +36,8 @@ diff --git a/third_party/blink/renderer/core/loader/frame_fetch_context.cc b/thi
|
|
|
+ // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
|
|
|
+ // all this up to //net and //content in order to have any real impact on
|
|
|
+ // gateway attacks. That turns out to be a TON of work (crbug.com/378566).
|
|
|
++ if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
|
|
|
++ requestor_space = network::mojom::IPAddressSpace::kPublic;
|
|
|
+ network::mojom::IPAddressSpace target_space =
|
|
|
+ network::mojom::IPAddressSpace::kPublic;
|
|
|
+ if (network_utils::IsReservedIPAddress(request_url.Host()))
|
|
@@ -75,7 +77,7 @@ diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.cc b/th
|
|
|
#include "third_party/blink/renderer/platform/runtime_enabled_features.h"
|
|
|
#include "third_party/blink/renderer/platform/supplementable.h"
|
|
|
#include "third_party/blink/renderer/platform/weborigin/security_policy.h"
|
|
|
-@@ -90,6 +91,24 @@ bool WorkerFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
|
|
|
+@@ -90,6 +91,26 @@ bool WorkerFetchContext::ShouldBlockRequestByInspector(const KURL& url) const {
|
|
|
return should_block_request;
|
|
|
}
|
|
|
|
|
@@ -83,6 +85,8 @@ diff --git a/third_party/blink/renderer/core/loader/worker_fetch_context.cc b/th
|
|
|
+ // TODO(mkwst): This only checks explicit IP addresses. We'll have to move
|
|
|
+ // all this up to //net and //content in order to have any real impact on
|
|
|
+ // gateway attacks. That turns out to be a TON of work (crbug.com/378566).
|
|
|
++ if (requestor_space == network::mojom::IPAddressSpace::kUnknown)
|
|
|
++ requestor_space = network::mojom::IPAddressSpace::kPublic;
|
|
|
+ network::mojom::IPAddressSpace target_space =
|
|
|
+ network::mojom::IPAddressSpace::kPublic;
|
|
|
+ if (network_utils::IsReservedIPAddress(request_url.Host()))
|