Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
140073002:
<webview>: navigating to WebStore should fire a loadabort instead of crashing. (Closed)
|
Created:
6 years, 11 months ago by Fady Samuel Modified:
6 years, 10 months ago CC:
chromium-reviews, joi+watch-content_chromium.org, darin-cc_chromium.org, jam Base URL:
https://chromium.googlesource.com/chromium/src.git@master Visibility:
Public. |
Description<webview>: navigating to WebStore should fire a loadabort instead of crashing.
All top-level navigations now get plumbed through: BrowserPluginGuest::LoadURLWithParams.
URL validation now happens there. If a URL is determined to be inappropriate for a <webview>,
a loadabort event will fire instead of crashing the <webview> guest content.
BUG=334531
Test=WebViewTest.Shim_TestNavigateToWebStore
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=248828
Patch Set 1 #Patch Set 2 : Added test #
Total comments: 14
Patch Set 3 : Fixed NewWindow and External Protocol tests #Patch Set 4 : Added TODO #Patch Set 5 : Addressed comments #
Total comments: 4
Patch Set 6 : Fixed test race #
Total comments: 2
Patch Set 7 : Updated Comment + Merged with ToT #Patch Set 8 : Merge with ToT #Messages
Total messages: 53 (0 generated)
LGTM content/browser/browser_plugin/browser_plugin_guest.cc
I started looking at the test, and realized I am not really familiar with executeScript/postMessage all that much, and I don't have JS readability either. So I only looked for nits etc. instead, and punting off to lazyboy@ https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... File chrome/test/data/extensions/platform_apps/web_view/shim/inject_comm_channel.js (right): https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/inject_comm_channel.js:27: if (!embedder.processMessage(data)) { This will always be true? or does something override embedder.processMessage function above? .. I notice that it is overridden in a file. Perhaps leave a comment somewhere in this file that explains this? https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... File chrome/test/data/extensions/platform_apps/web_view/shim/main.js (right): https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1291: window.console.log('Navigation to \'' + e.url + '\' has been aborted.'); Considering the console logs show up in the test-run logs, do we really want these? https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1299: //embedder.test.succeed(); remove?
https://chromiumcodereview.appspot.com/140073002/diff/30001/chrome/test/data/... File chrome/test/data/extensions/platform_apps/web_view/shim/inject_webstore_nav_test.js (right): https://chromiumcodereview.appspot.com/140073002/diff/30001/chrome/test/data/... chrome/test/data/extensions/platform_apps/web_view/shim/inject_webstore_nav_test.js:7: case 'navigate': { nit: here and in other places, remove { .. } after case. https://chromiumcodereview.appspot.com/140073002/diff/30001/chrome/test/data/... File chrome/test/data/extensions/platform_apps/web_view/shim/main.js (right): https://chromiumcodereview.appspot.com/140073002/diff/30001/chrome/test/data/... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1315: var msg = ['navigate', CHROME_WEB_STORE]; The assumption here is that inject_webstore_nav_test.js is already loaded at this point, which is not guaranteed, right? At this point inject_comm_channel.js is only guaranteed to be loaded, wouldn't this be a race? https://chromiumcodereview.appspot.com/140073002/diff/30001/chrome/test/data/... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1331: console.log('Unexpected message: \'' + data[0] + '\''); nit: try being consistent within the file, console.log or window.console.log. https://chromiumcodereview.appspot.com/140073002/diff/30001/content/browser/b... File content/browser/browser_plugin/browser_plugin_guest.cc (right): https://chromiumcodereview.appspot.com/140073002/diff/30001/content/browser/b... content/browser/browser_plugin/browser_plugin_guest.cc:614: renderer_prefs->browser_handles_all_top_level_requests = true; I remember creis@ raising concerns doing this before, are those concerns not an issue anymore?
PTAL nasko. I have made some changes to fix tests. In particular, what are your thoughts about the RenderViewHostImpl::OnOpenURL change? https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... File chrome/test/data/extensions/platform_apps/web_view/shim/inject_comm_channel.js (right): https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/inject_comm_channel.js:27: if (!embedder.processMessage(data)) { On 2014/01/16 21:43:55, sadrul wrote: > This will always be true? or does something override embedder.processMessage > function above? > > .. I notice that it is overridden in a file. Perhaps leave a comment somewhere > in this file that explains this? Done. https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... File chrome/test/data/extensions/platform_apps/web_view/shim/inject_webstore_nav_test.js (right): https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/inject_webstore_nav_test.js:7: case 'navigate': { On 2014/01/16 22:31:24, lazyboy wrote: > nit: here and in other places, remove { .. } after case. Done. https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... File chrome/test/data/extensions/platform_apps/web_view/shim/main.js (right): https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1291: window.console.log('Navigation to \'' + e.url + '\' has been aborted.'); On 2014/01/16 21:43:55, sadrul wrote: > Considering the console logs show up in the test-run logs, do we really want > these? I feel they are useful. If a test hangs in the future, we'll know where it failed. This helps us isolate the problem. https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1299: //embedder.test.succeed(); On 2014/01/16 21:43:55, sadrul wrote: > remove? Done. https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1315: var msg = ['navigate', CHROME_WEB_STORE]; On 2014/01/16 22:31:24, lazyboy wrote: > The assumption here is that inject_webstore_nav_test.js is already loaded at > this point, which is not guaranteed, right? At this point inject_comm_channel.js > is only guaranteed to be loaded, wouldn't this be a race? Ohh, good catch! Fixed! https://codereview.chromium.org/140073002/diff/30001/chrome/test/data/extensi... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1331: console.log('Unexpected message: \'' + data[0] + '\''); On 2014/01/16 22:31:24, lazyboy wrote: > nit: try being consistent within the file, console.log or window.console.log. Done. https://codereview.chromium.org/140073002/diff/30001/content/browser/browser_... File content/browser/browser_plugin/browser_plugin_guest.cc (right): https://codereview.chromium.org/140073002/diff/30001/content/browser/browser_... content/browser/browser_plugin/browser_plugin_guest.cc:614: renderer_prefs->browser_handles_all_top_level_requests = true; On 2014/01/16 22:31:24, lazyboy wrote: > I remember creis@ raising concerns doing this before, are those concerns not an > issue anymore? Nasko? Thoughts? Charlie is on paternity leave.
On 2014/01/16 23:40:26, Fady Samuel wrote: > PTAL nasko. I have made some changes to fix tests. In particular, what are your > thoughts about the RenderViewHostImpl::OnOpenURL change? > > https://codereview.chromium.org/140073002/diff/30001/content/browser/browser_... > File content/browser/browser_plugin/browser_plugin_guest.cc (right): > > https://codereview.chromium.org/140073002/diff/30001/content/browser/browser_... > content/browser/browser_plugin/browser_plugin_guest.cc:614: > renderer_prefs->browser_handles_all_top_level_requests = true; > On 2014/01/16 22:31:24, lazyboy wrote: > > I remember creis@ raising concerns doing this before, are those concerns not > an > > issue anymore? > > Nasko? Thoughts? Charlie is on paternity leave. I'm not seeing why FilterURL will fail for the WebStore URL. It looks to me that the CanCommitURL check is the failing one. If this is correct, then the OnOpenURL check is not needed. As I mentioned in chat earlier, ideally we won't send all top level navigations to the browser process and will make the decision on which ones in the renderer process. The check we perform in ChromeContentBrowserClient::CanCommitURL can also be done in ChromeContentRendererClient::ShouldFork, which will accomplish sending only navigations to the web store URL to the browser process. Alternatively, you could try and find a way to abort the load inside the renderer process.
After offline discussion, this seems a reasonable solution for now. LGTM
Istiaque, could you please take another look at the tests? Thanks!
https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... File chrome/test/data/extensions/platform_apps/web_view/shim/main.js (right): https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1279: window.console.log( Here ^^^ https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1285: webview.contentWindow.postMessage(JSON.stringify(msg), '*'); I'd move this inside the executeScript results above ^^^
PTAL Istiaque https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... File chrome/test/data/extensions/platform_apps/web_view/shim/main.js (right): https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1279: window.console.log( On 2014/01/17 20:42:54, lazyboy wrote: > Here ^^^ Done. https://chromiumcodereview.appspot.com/140073002/diff/180001/chrome/test/data... chrome/test/data/extensions/platform_apps/web_view/shim/main.js:1285: webview.contentWindow.postMessage(JSON.stringify(msg), '*'); On 2014/01/17 20:42:54, lazyboy wrote: > I'd move this inside the executeScript results above ^^^ Done.
lgtm Thanks for making the changes.
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/320001
Retried try job too often on chromium_presubmit for step(s) presubmit http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=chromium_p...
+jam@: John, Charlie is OOO, could you please sign off on this as a content OWNER? Thanks!
lgtm https://codereview.chromium.org/140073002/diff/320001/content/browser/browser... File content/browser/browser_plugin/browser_plugin_guest.cc (right): https://codereview.chromium.org/140073002/diff/320001/content/browser/browser... content/browser/browser_plugin/browser_plugin_guest.cc:614: // navigations still continue to function inside the app. nit: does this need to be updated?
Addressed nits, CQ'ing now.. https://codereview.chromium.org/140073002/diff/320001/content/browser/browser... File content/browser/browser_plugin/browser_plugin_guest.cc (right): https://codereview.chromium.org/140073002/diff/320001/content/browser/browser... content/browser/browser_plugin/browser_plugin_guest.cc:614: // navigations still continue to function inside the app. On 2014/01/17 23:09:15, jam wrote: > nit: does this need to be updated? Updated comment.
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
Retried try job too often on mac_rel for step(s) interactive_ui_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=mac_rel&nu...
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
Retried try job too often on win_rel for step(s) interactive_ui_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
On 2014/01/20 21:48:28, I haz the power (commit-bot) wrote: > Retried try job too often on win_rel for step(s) interactive_ui_tests > http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu... I'm rechecking the CQ box on this CL. It had been unfairly stuck on a hanging compile step.
Retried try job too often on win_rel for step(s) interactive_ui_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
On 2014/01/21 17:32:13, I haz the power (commit-bot) wrote: > CQ is trying da patch. Follow status at > https://chromium-status.appspot.com/cq/fsamuel%40chromium.org/140073002/460001 Is the assumption for re-running that the win_rel interactive_ui_tests failure is not related to this CL? From the results here, it appears to show up on each run on that bot with this patch.
On 2014/01/21 17:35:14, cmp wrote: > On 2014/01/21 17:32:13, I haz the power (commit-bot) wrote: > > CQ is trying da patch. Follow status at > > https://chromium-status.appspot.com/cq/fsamuel%2540chromium.org/140073002/460001 > > Is the assumption for re-running that the win_rel interactive_ui_tests failure > is not related to this CL? From the results here, it appears to show up on each > run on that bot with this patch. Yea, it appears you're right. I was hoping it was flake. I'll have to see what's going on on Windows. Mac is also failing but I'm unable to get a failure on my local run of WebViewInteractiveTest.NewWindow_WebRequestRemoveElement on my MacBook Pro...
Retried try job too often on win_rel for step(s) interactive_ui_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/460001
Retried try job too often on win_rel for step(s) browser_tests, interactive_ui_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
The CQ bit was checked by fsamuel@chromium.org
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
The CQ bit was unchecked by commit-bot@chromium.org
Retried try job too often on win_rel for step(s) browser_tests, nacl_integration, sync_integration_tests, telemetry_perf_unittests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
The CQ bit was checked by fsamuel@chromium.org
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
The CQ bit was unchecked by commit-bot@chromium.org
Retried try job too often on win for step(s) compile http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win&number...
The CQ bit was checked by fsamuel@chromium.org
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
The CQ bit was unchecked by commit-bot@chromium.org
Retried try job too often on win_rel for step(s) browser_tests, sync_integration_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
The CQ bit was checked by fsamuel@chromium.org
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
The CQ bit was unchecked by commit-bot@chromium.org
Retried try job too often on win_rel for step(s) browser_tests, sync_integration_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
The CQ bit was checked by fsamuel@chromium.org
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
Retried try job too often on win_rel for step(s) browser_tests, sync_integration_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=win_rel&nu...
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/fsamuel@chromium.org/140073002/1000001
Message was sent while issue was closed.
Change committed as 248828 |
