// Copyright 2023 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "content/browser/interest_group/ad_auction_headers_util.h" #include <cstddef> #include <functional> #include <map> #include <string> #include <vector> #include "base/base64url.h" #include "base/feature_list.h" #include "base/memory/scoped_refptr.h" #include "base/metrics/histogram_functions.h" #include "base/strings/string_split.h" #include "content/browser/interest_group/ad_auction_page_data.h" #include "content/browser/interest_group/interest_group_features.h" #include "content/browser/renderer_host/frame_tree.h" #include "content/browser/renderer_host/frame_tree_node.h" #include "content/browser/renderer_host/render_frame_host_impl.h" #include "content/public/browser/page.h" #include "content/public/browser/page_user_data.h" #include "content/public/browser/render_frame_host.h" #include "net/http/http_response_headers.h" #include "services/network/public/cpp/is_potentially_trustworthy.h" #include "services/network/public/cpp/resource_request.h" #include "third_party/blink/public/common/features.h" #include "third_party/blink/public/common/permissions_policy/permissions_policy.h" #include "third_party/blink/public/mojom/permissions_policy/permissions_policy_feature.mojom-shared.h" #include "url/origin.h" namespace content { const char kAdAuctionRequestHeaderKey[] = …; const char kAdAuctionResultResponseHeaderKey[] = …; const char kAdAuctionSignalsResponseHeaderKey[] = …; const char kAdAuctionAdditionalBidResponseHeaderKey[] = …; namespace { // Common conditions checked for eligibility in both //`IsAdAuctionHeadersEligible` and `IsAdAuctionHeadersEligibleForNavigation`. bool IsAdAuctionHeadersEligibleInternal(Page& page, RenderFrameHost* render_frame_host, const url::Origin& top_frame_origin, const url::Origin& request_origin) { … } } // namespace bool IsAdAuctionHeadersEligible( RenderFrameHostImpl& initiator_rfh, const network::ResourceRequest& resource_request) { … } bool IsAdAuctionHeadersEligibleForNavigation( const FrameTreeNode& frame, const url::Origin& navigation_request_origin) { … } // Please note: before modifying this function, please acknowledge this is // processing untrusted content from a non sandboxed process. So please keep // this function simple and avoid adding custom logic. // // Fuzzer: ad_auction_headers_util_fuzzer std::vector<std::string> ParseAdAuctionResultResponseHeader( const std::string& ad_auction_results) { … } // Please note: before modifying this function, please acknowledge this is // processing untrusted content from a non sandboxed process. So please keep // this function simple and avoid adding custom logic. // // Fuzzer: ad_auction_headers_util_fuzzer void ParseAdAuctionAdditionalBidResponseHeader( const std::string& header_line, std::map<std::string, std::vector<std::string>>& nonce_additional_bids_map) { … } // NOTE: This function processes untrusted content, in an unsafe language, from // an unsandboxed process. As such, minimize the amount of parsing done in this // function, and instead separate it into distinct functions that are covered // by fuzz tests. void ProcessAdAuctionResponseHeaders( const url::Origin& request_origin, Page& page, scoped_refptr<net::HttpResponseHeaders> headers) { … } void RemoveAdAuctionResponseHeaders( scoped_refptr<net::HttpResponseHeaders> headers) { … } } // namespace content
Codebase Browser
chromium