|
|
@@ -0,0 +1,31 @@
|
|
|
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
+From: Chris Bookholt <[email protected]>
|
|
|
+Date: Tue, 11 Jan 2022 00:33:53 +0000
|
|
|
+Subject: ServiceWorkerContainerHost::EnsureFileAccess: abort request
|
|
|
+ processing if the requesting process lacks file access
|
|
|
+
|
|
|
+Bug: 1282354
|
|
|
+Change-Id: Ia37ef5b97eedb0d2ad25ffe2869844a40e5be862
|
|
|
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3379268
|
|
|
+Reviewed-by: Hiroki Nakagawa <[email protected]>
|
|
|
+Commit-Queue: Chris Bookholt <[email protected]>
|
|
|
+Cr-Commit-Position: refs/heads/main@{#957344}
|
|
|
+
|
|
|
+diff --git a/content/browser/service_worker/service_worker_container_host.cc b/content/browser/service_worker/service_worker_container_host.cc
|
|
|
+index 5aca9f432a9efdb9739363e80b52233339529a1c..8b15f204e457904423da33b01bead1b03b59597a 100644
|
|
|
+--- a/content/browser/service_worker/service_worker_container_host.cc
|
|
|
++++ b/content/browser/service_worker/service_worker_container_host.cc
|
|
|
+@@ -375,10 +375,12 @@ void ServiceWorkerContainerHost::EnsureFileAccess(
|
|
|
+ ChildProcessSecurityPolicyImpl* policy =
|
|
|
+ ChildProcessSecurityPolicyImpl::GetInstance();
|
|
|
+ for (const auto& file : file_paths) {
|
|
|
+- if (!policy->CanReadFile(process_id_, file))
|
|
|
++ if (!policy->CanReadFile(process_id_, file)) {
|
|
|
+ mojo::ReportBadMessage(
|
|
|
+ "The renderer doesn't have access to the file "
|
|
|
+ "but it tried to grant access to the controller.");
|
|
|
++ return;
|
|
|
++ }
|
|
|
+
|
|
|
+ if (!policy->CanReadFile(controller_process_id, file))
|
|
|
+ policy->GrantReadFile(controller_process_id, file);
|
Cheng Zhao