Navigation API: fix traversal + sandboxing interactions
Previous behavior: navigation API's traversal methods can ignore
sandboxing flags in some situations, because we didn't pass them
through in NavigateToNavigationApiKey.
Current behavior with this CL: navigation API's traversal methods
now return never-settled promises when sandboxing prevents the
navigation.
Desired behavior: navigation API's traversal methods return promises
rejected with a "SecurityError" DOMException when sandboxing prevents
the navigation.
Fixed: 1234117
Bug: 1311786
Change-Id: Ib9a10113a11a419569534f07a1a56434d528da54
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3561323
Reviewed-by: Domenic Denicola <[email protected]>
Reviewed-by: Charlie Reis <[email protected]>
Commit-Queue: Nate Chapin <[email protected]>
Cr-Commit-Position: refs/heads/main@{#987711}
diff --git a/content/browser/renderer_host/navigation_controller_impl.cc b/content/browser/renderer_host/navigation_controller_impl.cc
index 1f037cd..56f33c3 100644
--- a/content/browser/renderer_host/navigation_controller_impl.cc
+++ b/content/browser/renderer_host/navigation_controller_impl.cc
@@ -4467,6 +4467,7 @@
void NavigationControllerImpl::NavigateToNavigationApiKey(
FrameTreeNode* node,
+ int sandboxed_source_frame_tree_node_id,
const std::string& key) {
FrameNavigationEntry* current_entry =
GetLastCommittedEntry()->GetFrameEntry(node);
@@ -4482,7 +4483,7 @@
if (result == HistoryNavigationAction::kStopLooking)
break;
if (result != HistoryNavigationAction::kKeepLooking) {
- GoToIndex(i, FrameTreeNode::kFrameTreeNodeInvalidId,
+ GoToIndex(i, sandboxed_source_frame_tree_node_id,
false /* is_browser_initiated*/);
return;
}
@@ -4493,7 +4494,7 @@
if (result == HistoryNavigationAction::kStopLooking)
break;
if (result != HistoryNavigationAction::kKeepLooking) {
- GoToIndex(i, FrameTreeNode::kFrameTreeNodeInvalidId,
+ GoToIndex(i, sandboxed_source_frame_tree_node_id,
false /* is_browser_initiated*/);
return;
}
