This page details the security aspects of the NavigationRequest class, including the application of various security policies and checks during the navigation process.
- Incorrect application of security policies, such as Content Security Policy (CSP), Cross-Origin Opener Policy (COOP), and Cross-Origin Embedder Policy (COEP).
- Failure to properly validate the origin and other security-related parameters during redirects and cross-origin navigations.
- Potential bypasses of security checks due to incorrect state management or handling of edge cases.
- Vulnerabilities related to the interaction between
NavigationRequestand other security mechanisms, such as sandboxing and process isolation.
The NavigationRequest class is responsible for enforcing various security policies and performing security checks during the navigation process. These include:
- Content Security Policy (CSP): The
CheckCSPDirectivesandCheckContentSecurityPolicymethods are used to enforce CSP, including theframe-srcandfenced-frame-srcdirectives. - Cross-Origin Opener Policy (COOP): The
ShouldRequestSiteIsolationForCOOPmethod determines if a site should be isolated due to COOP. Thecoop_statusmember variable tracks the COOP status for the navigation. - Cross-Origin Embedder Policy (COEP): The
ComputeCrossOriginEmbedderPolicyandCheckResponseAdherenceToCoepmethods are used to compute and enforce COEP. Thecoep_reporter_member variable is used to report COEP violations. - Origin-Agent-Cluster Header: The
AddOriginAgentClusterStateIfNecessaryandDetermineOriginAgentClusterEndResultmethods handle the Origin-Agent-Cluster header and its impact on site isolation. - Sandboxing: The
sandbox_flags_initiator_andsandbox_flags_inherited_member variables track the sandbox flags for the navigation. - Private Network Requests: The
private_network_request_policy_member variable tracks the private network request policy for the navigation. - Secure Contexts: The
NavigationRequestensures that navigations to secure contexts are handled correctly and that appropriate security checks are performed.
The NavigationRequest plays a crucial role in determining the origin and site isolation for a navigation. The following methods are particularly important:
GetOriginForURLLoaderFactoryBeforeResponse: Determines the origin for the navigation before the response is received.GetOriginForURLLoaderFactoryAfterResponse: Determines the origin for the navigation after the response is received.ComputeCrossOriginIsolationKey: Computes theCrossOriginIsolationKeyfor the navigation.GetSiteInfoForURL: Determines theSiteInfofor the navigation, which is used for process allocation decisions.
The NavigationRequest handles redirects and cross-origin navigations, ensuring that security policies are correctly applied and that sensitive information is not leaked across origins. The OnRequestRedirected method is called when a redirect occurs, and it updates the navigation state accordingly.
- The detailed logic of the various security checks performed by
NavigationRequest. - The interaction between
NavigationRequestand other security-related classes, such asChildProcessSecurityPolicyImplandContentSecurityPolicy. - The handling of edge cases and potential bypasses of security checks.
- The impact of incorrect origin handling on cross-origin communication and data access.
- The role of
NavigationRequestin preventing cross-site scripting (XSS) and other web security vulnerabilities.
content/browser/renderer_host/navigation_request.hcontent/browser/renderer_host/navigation_request.cccontent/browser/renderer_host/navigation_request_core.mdcontent/browser/renderer_host/navigation_request_lifecycle.mdcontent/browser/child_process_security_policy_impl.hcontent/browser/child_process_security_policy_impl.cc