Skip to content

fix: constrain AllowUniversalAccessFromFileURLs to file: origins in agent cluster key assignment#50789

Merged
jkleinsc merged 3 commits into
mainfrom
clavin/fix-coi-agent-cluster-key
Apr 30, 2026
Merged

fix: constrain AllowUniversalAccessFromFileURLs to file: origins in agent cluster key assignment#50789
jkleinsc merged 3 commits into
mainfrom
clavin/fix-coi-agent-cluster-key

Conversation

@clavin
Copy link
Copy Markdown
Member

@clavin clavin commented Apr 7, 2026
edited
Loading

Description of Change

tl;dr: Adds a patch that fixes window.crossOriginIsolated for non-file: origins. I intend to upstream it.

HasPotentialUniversalAccessPrivilege() was treating the AllowUniversalAccessFromFileURLs setting as unconditional, returning true for all origins regardless of scheme. This caused non-file origins (http://, https://, and custom schemes) to lose their browser-provided AgentClusterKey when the setting was enabled, overriding it with a universal file agent key and routing them to universal_access_agent_ which carries no key.

Electron enables AllowUniversalAccessFromFileURLs in all renderers via the grant_file_protocol_extra_privileges fuse (on by default). After CL 7079680 moved cross-origin isolation status to the renderer's per-context agent cluster key, this caused self.crossOriginIsolated to return false even with COOP + COEP headers correctly set on non-file origins.

The fix splits the single has_potential_universal_access_privilege boolean in WindowAgentFactory::GetAgentForAgentClusterKey() into two separate parameters:

  • web_security_disabled: applies to all origins when web security is off (--disable-web-security, --run-web-tests).
  • allow_universal_access_from_file_urls: only takes effect for file: scheme origins (those with IsUniversalFileAgent() agent cluster keys), preserving their existing routing to universal_access_agent_.

This aligns the agent assignment logic with the origin privilege granting code in the same file (DocumentLoader::CalculateOrigin), which already correctly gates AllowUniversalAccessFromFileURLs behind origin->IsLocal().

This patch should be upstreamed, with updates to surrounding doc comments + tests.

Fixes #50242

Credit to @deepak1556 for identifying the regression source and suggesting the split approach in #50242

Verification

Tested with the gist repro from the issue. Also verified programmatically (red/green testing): a recent v43 nightly reports crossOriginIsolated: false, the patched build reports true.

Checklist

Release Notes

Notes: Fixed cross-origin isolation failing for non-file origins.

@clavin clavin added semver/patch backwards-compatible bug fixes target/41-x-y PR should also be added to the "41-x-y" branch. target/42-x-y PR should also be added to the "42-x-y" branch. labels Apr 7, 2026
@electron-cation electron-cation Bot added new-pr 🌱 PR opened recently and removed new-pr 🌱 PR opened recently labels Apr 7, 2026
@clavin clavin force-pushed the clavin/fix-coi-agent-cluster-key branch 2 times, most recently from c44f2d2 to 2f71022 Compare April 13, 2026 04:34
@clavin clavin marked this pull request as ready for review April 13, 2026 19:49
@clavin clavin requested a review from a team as a code owner April 13, 2026 19:49
@electron-cation electron-cation Bot added the new-pr 🌱 PR opened recently label Apr 13, 2026
deepak1556
deepak1556 approved these changes Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@deepak1556 deepak1556 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@deepak1556
Copy link
Copy Markdown
Member

deepak1556 commented Apr 13, 2026

Possible to add a regression test on our end based on the gist from the issue ?

@electron-cation electron-cation Bot removed the new-pr 🌱 PR opened recently label Apr 14, 2026
codebytere
codebytere reviewed Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@codebytere codebytere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@clavin could you also link the CL so we know what upstream thinks before we merge this?

jkleinsc
jkleinsc previously requested changes Apr 16, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@jkleinsc jkleinsc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

requesting changes until a test is added and an upstream CL is linked.

@clavin
Copy link
Copy Markdown
Member Author

clavin commented Apr 22, 2026

crbug filed: https://crbug.com/505299810

CL soon

@clavin
Copy link
Copy Markdown
Member Author

clavin commented Apr 27, 2026

CL: https://chromium-review.googlesource.com/c/chromium/src/+/7795303

next up: rebasing on main to resolve the merge conflict, linking to the CL in the patch description

@clavin clavin force-pushed the clavin/fix-coi-agent-cluster-key branch 2 times, most recently from b4cfe20 to d970d5b Compare April 28, 2026 19:52
@clavin clavin requested a review from jkleinsc April 29, 2026 14:46
@clavin
Copy link
Copy Markdown
Member Author

clavin commented Apr 29, 2026
edited
Loading

mergers: ready to land! edit: test added too!

clavin and others added 3 commits April 29, 2026 18:41
@clavin @claude
fix: constrain AllowUniversalAccessFromFileURLs to file: origins in a…
f235e4e 
…gent cluster key assignment

Fixes #50242

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@clavin
sync patch with upstream CL
ce2f70a
@clavin
add test
c79bb99
@clavin clavin force-pushed the clavin/fix-coi-agent-cluster-key branch from d8198f5 to c79bb99 Compare April 29, 2026 22:42
@clavin clavin dismissed jkleinsc’s stale review April 29, 2026 22:43

added CL & test

@jkleinsc jkleinsc merged commit 212b53c into main Apr 30, 2026
70 checks passed
@jkleinsc jkleinsc deleted the clavin/fix-coi-agent-cluster-key branch April 30, 2026 13:36
@release-clerk
Copy link
Copy Markdown

release-clerk Bot commented Apr 30, 2026

Release Notes Persisted

Fixed cross-origin isolation failing for non-file origins.

@trop trop Bot mentioned this pull request Apr 30, 2026
Merged
@trop
Copy link
Copy Markdown
Contributor

trop Bot commented Apr 30, 2026

I have automatically backported this PR to "41-x-y", please check out #51403

@trop trop Bot mentioned this pull request Apr 30, 2026
Merged
@trop trop Bot removed the target/41-x-y PR should also be added to the "41-x-y" branch. label Apr 30, 2026
@trop
Copy link
Copy Markdown
Contributor

trop Bot commented Apr 30, 2026

I have automatically backported this PR to "42-x-y", please check out #51404

@trop trop Bot added in-flight/42-x-y and removed target/42-x-y PR should also be added to the "42-x-y" branch. labels Apr 30, 2026
jkleinsc added a commit that referenced this pull request May 1, 2026
@jkleinsc
Revert "fix: constrain AllowUniversalAccessFromFileURLs to file: orig…
128a9f1 
…ins in agent cluster key assignment (#50789)"

This reverts commit b40ba2e.
@trop trop Bot added merged/42-x-y PR was merged to the "42-x-y" branch. merged/41-x-y PR was merged to the "41-x-y" branch. and removed in-flight/42-x-y in-flight/41-x-y labels May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@codebytere codebytere codebytere left review comments

@ckerr ckerr ckerr approved these changes

@jkleinsc jkleinsc jkleinsc approved these changes

@deepak1556 deepak1556 deepak1556 approved these changes

@dsanders11 dsanders11 dsanders11 approved these changes

Assignees

No one assigned

Labels

merged/41-x-y PR was merged to the "41-x-y" branch. merged/42-x-y PR was merged to the "42-x-y" branch. semver/patch backwards-compatible bug fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Setting relevant headers no longer makes the document cross-origin isolated

6 participants

@clavin @deepak1556 @ckerr @jkleinsc @codebytere @dsanders11