From b1144896d87acb846bf2c7cfdfadaee9d9a57431 Mon Sep 17 00:00:00 2001 From: Mark Pilgrim Date: Fri, 7 Oct 2022 14:00:38 -0400 Subject: [PATCH] Change debounce behavior to never debounce to same eTLD+1 --- browser/debounce/debounce_browsertest.cc | 5 +++-- components/debounce/browser/debounce_rule.cc | 10 +++++++++- components/debounce/browser/debounce_rule.h | 1 + 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/browser/debounce/debounce_browsertest.cc b/browser/debounce/debounce_browsertest.cc index ba168a6d575b..d0d43cb88321 100644 --- a/browser/debounce/debounce_browsertest.cc +++ b/browser/debounce/debounce_browsertest.cc @@ -230,7 +230,8 @@ IN_PROC_BROWSER_TEST_F(DebounceBrowserTest, QuadRedirect) { } // Test a redirect chain that bounces from a tracker to a final URL in the -// tracker's domain. +// tracker's domain. This should NOT be debounced, because the tracker and +// the final URL share an eTLD+1. IN_PROC_BROWSER_TEST_F(DebounceBrowserTest, SameSiteTracker) { ASSERT_TRUE(InstallMockExtension()); GURL final_url = embedded_test_server()->GetURL("z.com", "/"); @@ -238,7 +239,7 @@ IN_PROC_BROWSER_TEST_F(DebounceBrowserTest, SameSiteTracker) { embedded_test_server()->GetURL("tracker.z.com", "/"), final_url); GURL start_url = add_redirect_param( embedded_test_server()->GetURL("origin.h.com", "/"), intermediate_url); - NavigateToURLAndWaitForRedirects(start_url, final_url); + NavigateToURLAndWaitForRedirects(start_url, intermediate_url); } // Test a long redirect chain that bounces through the original URL's domain, diff --git a/components/debounce/browser/debounce_rule.cc b/components/debounce/browser/debounce_rule.cc index e57d3e1fd0ca..4177c4ff31d8 100644 --- a/components/debounce/browser/debounce_rule.cc +++ b/components/debounce/browser/debounce_rule.cc @@ -119,6 +119,14 @@ const std::string DebounceRule::GetETLDForDebounce(const std::string& host) { EXCLUDE_PRIVATE_REGISTRIES); } +// static +bool DebounceRule::IsSameETLDForDebounce(const GURL& url1, const GURL& url2) { + return net::registry_controlled_domains::SameDomainOrHost( + url1, url2, + net::registry_controlled_domains::PrivateRegistryFilter:: + EXCLUDE_PRIVATE_REGISTRIES); +} + // static base::expected>, base::flat_set>, @@ -308,7 +316,7 @@ bool DebounceRule::Apply(const GURL& original_url, return false; // Failsafe: never redirect to the same site. - if (url::IsSameOriginWith(original_url, new_url)) + if (IsSameETLDForDebounce(original_url, new_url)) return false; *final_url = new_url; diff --git a/components/debounce/browser/debounce_rule.h b/components/debounce/browser/debounce_rule.h index 41d68ceac1d3..b9ea6a9c7474 100644 --- a/components/debounce/browser/debounce_rule.h +++ b/components/debounce/browser/debounce_rule.h @@ -54,6 +54,7 @@ class DebounceRule { std::string> ParseRules(const std::string& contents); static const std::string GetETLDForDebounce(const std::string& host); + static bool IsSameETLDForDebounce(const GURL& url1, const GURL& url2); static bool GetURLPatternSetFromValue(const base::Value* value, extensions::URLPatternSet* result);