Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spec descendant frames' ongoing navigations block disableUntrustedNetwork promise from being resolved #210

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Spec descendant frames' ongoing navigations block disableUntrustedNetwork promise from being resolved #210

wants to merge 8 commits into from

Conversation

xiaochen-z
Copy link
Collaborator

@xiaochen-z xiaochen-z commented Feb 10, 2025
edited by pr-preview bot
Loading

fix: #205

This PR only implements the change in algorithm "recalculate the untrusted network status of all fenced frame descendants".

The part that this algorithm should be called whenever a navigation commits will be done in a follow-up PR. I'm still investigating how to spec this. See previous comment on this.

Preview | Diff

@xiaochen-z xiaochen-z added the specification Additions to specifications label Feb 10, 2025
@xiaochen-z xiaochen-z changed the title Spec descendant frame' ongoing navigations block disableUntrustedNetwork promise from being resolved Spec descendant frames' ongoing navigations block disableUntrustedNetwork promise from being resolved Feb 10, 2025
@xiaochen-z xiaochen-z requested a review from blu25 February 10, 2025 20:04
blu25
blu25 reviewed Feb 12, 2025
View reviewed changes
spec.bs Outdated Show resolved Hide resolved
spec.bs Outdated Show resolved Hide resolved
blu25
blu25 approved these changes Feb 13, 2025
View reviewed changes
Copy link
Collaborator

@blu25 blu25 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@xiaochen-z
Copy link
Collaborator Author

+@domfarolino for review, thank you.

domfarolino
domfarolino reviewed Feb 15, 2025
View reviewed changes
Copy link
Collaborator

@domfarolino domfarolino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pretty much lgtm. This covers traversals as well btw, which I think is the goal too? Does that match the implementation? And are there WPTs?

spec.bs
@@ -2099,7 +2110,8 @@ Several APIs specific to fenced frames are defined on the {{Fence}} interface.

1. [=map/Clear=] |config|'s [=fenced frame config instance/on network disabled promises=].

1. Otherwise:
1. If |networkCutoffReady| is false or |ongoingNavigation| is not null:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
1. If |networkCutoffReady| is false or |ongoingNavigation| is not null:
1. If |ongoingNavigation| is not null:

Isn't this the same, since at this point we already know that |networkCuttoffReady| is false?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The above if branch does not early return. Also the line Otherwise: is removed. So at this point |networkCuttoffReady| can be true or false here.

Even if we add the early return above, the condition |networkCutoffReady| is false is still needed. As the suggested edit, IIUC when |networkCutoffReady| is false but |ongoingNavigation| is null, the branch will not be entered, however it should.

@xiaochen-z
Copy link
Collaborator Author

Thanks!

This covers traversals as well btw, which I think is the goal too? Does that match the implementation?

From what I read from the spec, when ongoing navigation is "traversal", it means the navigable is traversing its history. For example, FF going back to a previously navigated URL. The FF may end up with a different page and having its untrusted network status reset to enabled.

This is the race condition that the PR targets: When a parent frame tries to disable untrusted networks, it checks the child frame and finds it has untrusted network disabled. Without checking descendant frames' ongoing navigations, the parent frame goes ahead marking its untrusted network also disabled. But if the child frame has an ongoing navigation, including the history traversal, it resets the child frame's untrusted network to enabled as the frame navigates to a different page.

The implementation checks this via FrameTreeNode::HasNavigation(), which is set during normal navigation as well as history traversal. So the spec matches the implementation.

And are there WPTs?

No. I'm adding WPTs for this. Tracking in bug: crbug/397377177.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@domfarolino domfarolino domfarolino left review comments

@blu25 blu25 blu25 approved these changes

Assignees
No one assigned
Labels
specification Additions to specifications
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Spec] Promise returned by disableUntrustedNetwork call is not resolved with ongoing navigation
3 participants
@xiaochen-z @blu25 @domfarolino