mirror of
https://github.com/klzgrad/naiveproxy.git
synced 2024-11-28 00:06:09 +03:00
net, grpc_support: Set NetworkIsolationKey from header
If BidirectionalStream request contains a -network-isolation-key header, it is used to set the network isolation key of the stream. The header itself is removed and not transmitted. The header value should be a valid URL with different host and port for each different network isolation key. Invalid header value is reported by returning error from bidirectional_stream_start. Network isolation takes effect only if it is enabled by experimental option of "feature_list": { "enable-features": "PartitionConnectionsByNetworkIsolationKey" }
This commit is contained in:
parent
1ed8af10e2
commit
ce15c3dddc
@ -21,6 +21,7 @@
|
|||||||
#include "net/base/io_buffer.h"
|
#include "net/base/io_buffer.h"
|
||||||
#include "net/base/net_errors.h"
|
#include "net/base/net_errors.h"
|
||||||
#include "net/base/request_priority.h"
|
#include "net/base/request_priority.h"
|
||||||
|
#include "net/base/schemeful_site.h"
|
||||||
#include "net/http/bidirectional_stream.h"
|
#include "net/http/bidirectional_stream.h"
|
||||||
#include "net/http/bidirectional_stream_request_info.h"
|
#include "net/http/bidirectional_stream_request_info.h"
|
||||||
#include "net/http/http_network_session.h"
|
#include "net/http/http_network_session.h"
|
||||||
@ -96,8 +97,20 @@ int BidirectionalStream::Start(const char* url,
|
|||||||
request_info->priority = static_cast<net::RequestPriority>(priority);
|
request_info->priority = static_cast<net::RequestPriority>(priority);
|
||||||
// Http method is a token, just as header name.
|
// Http method is a token, just as header name.
|
||||||
request_info->method = method;
|
request_info->method = method;
|
||||||
if (!net::HttpUtil::IsValidHeaderName(request_info->method))
|
if (!net::HttpUtil::IsValidHeaderName(request_info->method)) {
|
||||||
|
LOG(ERROR) << "Invalid method " << request_info->method;
|
||||||
return -1;
|
return -1;
|
||||||
|
}
|
||||||
|
std::string network_isolation_key_header;
|
||||||
|
if (headers.GetHeader("-network-isolation-key",
|
||||||
|
&network_isolation_key_header)) {
|
||||||
|
net::SchemefulSite site(GURL{network_isolation_key_header});
|
||||||
|
if (site.opaque()) {
|
||||||
|
LOG(ERROR) << "Invalid -network-isolation-key "
|
||||||
|
<< network_isolation_key_header;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
request_info->extra_headers.CopyFrom(headers);
|
request_info->extra_headers.CopyFrom(headers);
|
||||||
request_info->end_stream_on_headers = end_of_stream;
|
request_info->end_stream_on_headers = end_of_stream;
|
||||||
write_end_of_stream_ = end_of_stream;
|
write_end_of_stream_ = end_of_stream;
|
||||||
|
@ -205,6 +205,14 @@ void BidirectionalStream::StartRequest(const SSLConfig& ssl_config) {
|
|||||||
HttpRequestInfo http_request_info;
|
HttpRequestInfo http_request_info;
|
||||||
http_request_info.url = request_info_->url;
|
http_request_info.url = request_info_->url;
|
||||||
http_request_info.method = request_info_->method;
|
http_request_info.method = request_info_->method;
|
||||||
|
std::string network_isolation_key_header;
|
||||||
|
if (request_info_->extra_headers.GetHeader("-network-isolation-key",
|
||||||
|
&network_isolation_key_header)) {
|
||||||
|
request_info_->extra_headers.RemoveHeader("-network-isolation-key");
|
||||||
|
net::SchemefulSite site(GURL{network_isolation_key_header});
|
||||||
|
CHECK(!site.opaque());
|
||||||
|
http_request_info.network_isolation_key = NetworkIsolationKey(site, site);
|
||||||
|
}
|
||||||
http_request_info.extra_headers = request_info_->extra_headers;
|
http_request_info.extra_headers = request_info_->extra_headers;
|
||||||
http_request_info.socket_tag = request_info_->socket_tag;
|
http_request_info.socket_tag = request_info_->socket_tag;
|
||||||
stream_request_ =
|
stream_request_ =
|
||||||
|
Loading…
Reference in New Issue
Block a user