From 9c38743a3aa5388579628317a61f812cb11ab477 Mon Sep 17 00:00:00 2001 From: Mehmet Fidanboylu Date: Fri, 10 Apr 2020 22:27:18 -0700 Subject: [PATCH 1/4] Add support for setting allow http flag in Dart VM --- common/settings.h | 4 ++++ lib/io/dart_io.cc | 14 ++++++++++---- lib/io/dart_io.h | 2 +- runtime/dart_isolate.cc | 5 +++-- runtime/dart_isolate.h | 1 + shell/common/switches.cc | 3 +++ shell/common/switches.h | 6 ++++++ 7 files changed, 28 insertions(+), 7 deletions(-) diff --git a/common/settings.h b/common/settings.h index c0914ae9970a7..45f851d3543a8 100644 --- a/common/settings.h +++ b/common/settings.h @@ -99,6 +99,10 @@ struct Settings { bool endless_trace_buffer = false; bool enable_dart_profiling = false; bool disable_dart_asserts = false; + + // Used to signal the embedder whether HTTP connections are disabled. + bool disable_http = false; + // Used as the script URI in debug messages. Does not affect how the Dart code // is executed. std::string advisory_script_uri = "main.dart"; diff --git a/lib/io/dart_io.cc b/lib/io/dart_io.cc index 70dd8d1f1c630..83b3ee5dc90d7 100644 --- a/lib/io/dart_io.cc +++ b/lib/io/dart_io.cc @@ -12,13 +12,19 @@ using tonic::ToDart; namespace flutter { -void DartIO::InitForIsolate() { +void DartIO::InitForIsolate(bool disable_http) { Dart_Handle result = Dart_SetNativeResolver( Dart_LookupLibrary(ToDart("dart:io")), dart::bin::LookupIONative, dart::bin::LookupIONativeSymbol); - if (Dart_IsError(result)) { - Dart_PropagateError(result); - } + FML_CHECK(!tonic::LogIfError(result)); + + // The SDK expects this field to represent "allow http" so we switch the + // value. + Dart_Handle allow_http_value = disable_http ? Dart_False() : Dart_True(); + Dart_Handle set_field_result = + Dart_SetField(Dart_LookupLibrary(ToDart("dart:_http")), + ToDart("_embedderAllowsHttp"), allow_http_value); + FML_CHECK(!tonic::LogIfError(set_field_result)); } } // namespace flutter diff --git a/lib/io/dart_io.h b/lib/io/dart_io.h index 10fe07b514744..27ce7aa65baeb 100644 --- a/lib/io/dart_io.h +++ b/lib/io/dart_io.h @@ -13,7 +13,7 @@ namespace flutter { class DartIO { public: - static void InitForIsolate(); + static void InitForIsolate(bool disable_http); private: FML_DISALLOW_IMPLICIT_CONSTRUCTORS(DartIO); diff --git a/runtime/dart_isolate.cc b/runtime/dart_isolate.cc index c8d7940c7baed..3e78de7473e38 100644 --- a/runtime/dart_isolate.cc +++ b/runtime/dart_isolate.cc @@ -137,7 +137,8 @@ DartIsolate::DartIsolate(const Settings& settings, settings.log_tag, settings.unhandled_exception_callback, DartVMRef::GetIsolateNameServer()), - is_root_isolate_(is_root_isolate) { + is_root_isolate_(is_root_isolate), + disable_http_(settings.disable_http) { phase_ = Phase::Uninitialized; } @@ -261,7 +262,7 @@ bool DartIsolate::LoadLibraries() { tonic::DartState::Scope scope(this); - DartIO::InitForIsolate(); + DartIO::InitForIsolate(disable_http_); DartUI::InitForIsolate(IsRootIsolate()); diff --git a/runtime/dart_isolate.h b/runtime/dart_isolate.h index 22f6ea5b98bd0..4a045d38d422c 100644 --- a/runtime/dart_isolate.h +++ b/runtime/dart_isolate.h @@ -402,6 +402,7 @@ class DartIsolate : public UIDartState { std::vector> shutdown_callbacks_; fml::RefPtr message_handling_task_runner_; const bool is_root_isolate_; + const bool disable_http_; DartIsolate(const Settings& settings, TaskRunners task_runners, diff --git a/shell/common/switches.cc b/shell/common/switches.cc index 885763a107557..0f0c7fc145a78 100644 --- a/shell/common/switches.cc +++ b/shell/common/switches.cc @@ -237,6 +237,9 @@ Settings SettingsFromCommandLine(const fml::CommandLine& command_line) { } } + settings.disable_http = + command_line.HasOption(FlagForSwitch(Switch::DisableHttp)); + // Disable need for authentication codes for VM service communication, if // specified. settings.disable_service_auth_codes = diff --git a/shell/common/switches.h b/shell/common/switches.h index abf1b3ae2997a..f261a76e141e1 100644 --- a/shell/common/switches.h +++ b/shell/common/switches.h @@ -174,6 +174,12 @@ DEF_SWITCH(DisableDartAsserts, "disabled. This flag may be specified if the user wishes to run " "with assertions disabled in the debug product mode (i.e. with JIT " "or DBC).") +DEF_SWITCH(DisableHttp, + "disable-http", + "Dart VM has a master switch that can be set to disable insecure " + "HTTP and WebSocket protocols. Localhost or loopback addresses are " + "exempted. This flag can be specified if the embedder wants this " + "for a particular platform.") DEF_SWITCH( ForceMultithreading, "force-multithreading", From 2ce103fa5b5087d168bab30b63b86150c0b4c9cc Mon Sep 17 00:00:00 2001 From: Mehmet Fidanboylu Date: Fri, 10 Apr 2020 22:40:57 -0700 Subject: [PATCH 2/4] Fix imports --- lib/io/dart_io.cc | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/io/dart_io.cc b/lib/io/dart_io.cc index 83b3ee5dc90d7..c24029b04b872 100644 --- a/lib/io/dart_io.cc +++ b/lib/io/dart_io.cc @@ -4,11 +4,15 @@ #include "flutter/lib/io/dart_io.h" +#include "flutter/fml/logging.h" + #include "third_party/dart/runtime/include/bin/dart_io_api.h" #include "third_party/dart/runtime/include/dart_api.h" #include "third_party/tonic/converter/dart_converter.h" +#include "third_party/tonic/logging/dart_error.h" using tonic::ToDart; +using tonic::LogIfError; namespace flutter { @@ -16,7 +20,7 @@ void DartIO::InitForIsolate(bool disable_http) { Dart_Handle result = Dart_SetNativeResolver( Dart_LookupLibrary(ToDart("dart:io")), dart::bin::LookupIONative, dart::bin::LookupIONativeSymbol); - FML_CHECK(!tonic::LogIfError(result)); + FML_CHECK(!LogIfError(result)); // The SDK expects this field to represent "allow http" so we switch the // value. @@ -24,7 +28,7 @@ void DartIO::InitForIsolate(bool disable_http) { Dart_Handle set_field_result = Dart_SetField(Dart_LookupLibrary(ToDart("dart:_http")), ToDart("_embedderAllowsHttp"), allow_http_value); - FML_CHECK(!tonic::LogIfError(set_field_result)); + FML_CHECK(!LogIfError(set_field_result)); } } // namespace flutter From f2a0f47835aa42eed6b3c7d3d1f370d46d455d3a Mon Sep 17 00:00:00 2001 From: Mehmet Fidanboylu Date: Fri, 10 Apr 2020 22:58:18 -0700 Subject: [PATCH 3/4] Fix build deps too --- lib/io/BUILD.gn | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/io/BUILD.gn b/lib/io/BUILD.gn index 27cdc99eaa429..529872c30d23c 100644 --- a/lib/io/BUILD.gn +++ b/lib/io/BUILD.gn @@ -9,6 +9,7 @@ source_set("io") { ] deps = [ + "//flutter/fml", "//flutter/third_party/tonic", "//third_party/dart/runtime:dart_api", "//third_party/dart/runtime/bin:dart_io_api", From aed53b266ea0096b7f52a7e4da9b15137c7c74b1 Mon Sep 17 00:00:00 2001 From: Mehmet Fidanboylu Date: Sat, 11 Apr 2020 09:21:42 -0700 Subject: [PATCH 4/4] Make formatter happy --- lib/io/dart_io.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/io/dart_io.cc b/lib/io/dart_io.cc index c24029b04b872..6e5e538d74da0 100644 --- a/lib/io/dart_io.cc +++ b/lib/io/dart_io.cc @@ -11,8 +11,8 @@ #include "third_party/tonic/converter/dart_converter.h" #include "third_party/tonic/logging/dart_error.h" -using tonic::ToDart; using tonic::LogIfError; +using tonic::ToDart; namespace flutter {