01 跨域访问的一种另类解决方案
chromium浏览器的安全性越来越高,跨域访问也越来越复杂。如果是自己的浏览器,就可以做一些简单的域名白名单来支持跨越访问。下面介绍一种不考虑效率,用白名单方式支持跨域访问的方式。
适用版本 89.0.4389.70
02 需要修改内容
假设需要为 testdomain.com
域名访问的 request header
增加 cookie
。可以尝试修改以下两个文件。
src\net\url_request\url_request.cc
void URLRequest::set_allow_credentials(bool allow_credentials) {
// 增加内容 begin
if (this->url().DomainIs("testdomain.com")) {
//allow_credentials = true;
load_flags_ &= ~LOAD_DO_NOT_SAVE_COOKIES;
return;
}
// 增加内容 end
allow_credentials_ = allow_credentials;
if (allow_credentials) {
load_flags_ &= ~LOAD_DO_NOT_SAVE_COOKIES;
} else {
load_flags_ |= LOAD_DO_NOT_SAVE_COOKIES;
}
}
src\net\url_request\url_request_http_job.cc
void URLRequestHttpJob::SetCookieHeaderAndStart(
const CookieOptions& options,
const CookieAccessResultList& cookies_with_access_result_list,
const CookieAccessResultList& excluded_list) {
DCHECK(request_->maybe_sent_cookies().empty());
bool can_get_cookies =
(request_info_.privacy_mode == PRIVACY_MODE_DISABLED && CanGetCookies());
// 增加内容 begin
std::string kgcookie = "";
if (request_->url().DomainIs("testdomain.com")) {
std::string cookie_line1 = CanonicalCookie::BuildCookieLine(cookies_with_access_result_list);
std::string cookie_line2 = CanonicalCookie::BuildCookieLine(excluded_list);
if (cookie_line1.size() > 0 && cookie_line2.size() > 0) {
kgcookie = cookie_line1 + "; " + cookie_line2;
}
else if (cookie_line1.size() > 0) {
kgcookie = cookie_line1;
}
else if (cookie_line2.size() > 0) {
kgcookie = cookie_line2;
}
}
// 增加内容 end
if (!cookies_with_access_result_list.empty() && can_get_cookies) {
std::string cookie_line =
CanonicalCookie::BuildCookieLine(cookies_with_access_result_list);
UMA_HISTOGRAM_COUNTS_10000("Cookie.HeaderLength", cookie_line.length());
request_info_.extra_headers.SetHeader(HttpRequestHeaders::kCookie,
cookie_line);
// TODO(crbug.com/1031664): Reduce the number of times the cookie list is
// iterated over. Get metrics for every cookie which is included.
for (const auto& c : cookies_with_access_result_list) {
bool request_is_secure = request_->url().SchemeIsCryptographic();
net::CookieSourceScheme cookie_scheme = c.cookie.SourceScheme();
CookieRequestScheme cookie_request_schemes;
switch (cookie_scheme) {
case net::CookieSourceScheme::kSecure:
cookie_request_schemes =
request_is_secure
? CookieRequestScheme::kSecureSetSecureRequest
: CookieRequestScheme::kSecureSetNonsecureRequest;
break;
case net::CookieSourceScheme::kNonSecure:
cookie_request_schemes =
request_is_secure
? CookieRequestScheme::kNonsecureSetSecureRequest
: CookieRequestScheme::kNonsecureSetNonsecureRequest;
break;
case net::CookieSourceScheme::kUnset:
cookie_request_schemes = CookieRequestScheme::kUnsetCookieScheme;
break;
}
UMA_HISTOGRAM_ENUMERATION("Cookie.CookieSchemeRequestScheme",
cookie_request_schemes);
}
}
// Report status for things in |excluded_list| and
// |cookies_with_access_result_list|
// after the delegate got a chance to block them.
CookieAccessResultList maybe_sent_cookies = excluded_list;
if (!can_get_cookies) {
for (CookieAccessResultList::iterator it = maybe_sent_cookies.begin();
it != maybe_sent_cookies.end(); ++it) {
it->access_result.status.AddExclusionReason(
CookieInclusionStatus::EXCLUDE_USER_PREFERENCES);
}
}
for (const auto& cookie_with_access_result :
cookies_with_access_result_list) {
CookieAccessResult access_result = cookie_with_access_result.access_result;
if (!can_get_cookies) {
access_result.status.AddExclusionReason(
CookieInclusionStatus::EXCLUDE_USER_PREFERENCES);
}
maybe_sent_cookies.push_back(
{cookie_with_access_result.cookie, access_result});
}
if (request_->net_log().IsCapturing()) {
for (const auto& cookie_with_access_result : maybe_sent_cookies) {
request_->net_log().AddEvent(
NetLogEventType::COOKIE_INCLUSION_STATUS,
[&](NetLogCaptureMode capture_mode) {
return CookieInclusionStatusNetLogParams(
"send", cookie_with_access_result.cookie.Name(),
cookie_with_access_result.cookie.Domain(),
cookie_with_access_result.cookie.Path(),
cookie_with_access_result.access_result.status, capture_mode);
});
}
}
request_->set_maybe_sent_cookies(std::move(maybe_sent_cookies));
// 增加内容 begin
if (request_->url().DomainIs("testdomain.com")) {
std::string out;
request_info_.extra_headers.GetHeader(HttpRequestHeaders::kCookie, &out);
if (kgcookie.length() > 0 && out.length() == 0) {
request_info_.extra_headers.SetHeader(HttpRequestHeaders::kCookie, kgcookie);
//request_info_.extra_headers.SetHeader("Set-Cookie", kgcookie);
}
}
// 增加内容 end
StartTransaction();
}