Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add rules for GetVisibleEntry, InProcessBrowserTest and WebContentsUs… #736

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add rules for GetVisibleEntry, InProcessBrowserTest and WebContentsUs… #736

wants to merge 1 commit into from
+135 −0

Conversation

bridiver
Copy link
Collaborator

@bridiver bridiver commented Feb 5, 2025

…erData and browser dependency inversion

@bridiver bridiver requested a review from thypon as a code owner February 5, 2025 00:21
github-actions[bot]
github-actions bot reviewed Feb 5, 2025
View reviewed changes
assets/semgrep_rules/client/browser-dependency-inversion.cc
@@ -0,0 +1,8 @@
// ruleid: browser-dependency-injection
chrome::FindBrowserWithTab(web_contents);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] There are several global functions that facilitate dependency inversion. It will not be possible to call them from modularized features (no dependency cycles), and their usage in non-modularized features is considered a red flag

Don't use Browser*. This is functionally a container of hundreds of other pointers. It is impossible to specify dependencies, since Browser* functionally depends on everything. Instead, pass in the relevant pointers, e.g. Profile*, FooFeatureController, etc

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/browser-dependency-inversion.yaml


Cc @goodov @cdesouza-chromium @bridiver

assets/semgrep_rules/client/browser-dependency-inversion.cc
// ruleid: browser-dependency-injection
chrome::FindBrowserWithTab(web_contents);
// ruleid: browser-dependency-injection
FindBrowserWithTab(web_contents);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] There are several global functions that facilitate dependency inversion. It will not be possible to call them from modularized features (no dependency cycles), and their usage in non-modularized features is considered a red flag

Don't use Browser*. This is functionally a container of hundreds of other pointers. It is impossible to specify dependencies, since Browser* functionally depends on everything. Instead, pass in the relevant pointers, e.g. Profile*, FooFeatureController, etc

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/browser-dependency-inversion.yaml


Cc @goodov @cdesouza-chromium @bridiver

assets/semgrep_rules/client/browser-dependency-inversion.cc
// ruleid: browser-dependency-injection
FindBrowserWithTab(web_contents);
// ruleid: browser-dependency-injection
BrowserView::GetBrowserViewForNativeWindow();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] There are several global functions that facilitate dependency inversion. It will not be possible to call them from modularized features (no dependency cycles), and their usage in non-modularized features is considered a red flag

Don't use Browser*. This is functionally a container of hundreds of other pointers. It is impossible to specify dependencies, since Browser* functionally depends on everything. Instead, pass in the relevant pointers, e.g. Profile*, FooFeatureController, etc

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/browser-dependency-inversion.yaml


Cc @goodov @cdesouza-chromium @bridiver

assets/semgrep_rules/client/browser-dependency-inversion.cc
// ruleid: browser-dependency-injection
BrowserView::GetBrowserViewForNativeWindow();
// ruleid: browser-dependency-injection
void MyClass::MyMethod(Browser* browser, bool test) { }
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] There are several global functions that facilitate dependency inversion. It will not be possible to call them from modularized features (no dependency cycles), and their usage in non-modularized features is considered a red flag

Don't use Browser*. This is functionally a container of hundreds of other pointers. It is impossible to specify dependencies, since Browser* functionally depends on everything. Instead, pass in the relevant pointers, e.g. Profile*, FooFeatureController, etc

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/browser-dependency-inversion.yaml


Cc @goodov @cdesouza-chromium @bridiver

github-actions[bot]
github-actions bot reviewed Feb 5, 2025
View reviewed changes
assets/semgrep_rules/client/get-visible-entry.cc
@@ -0,0 +1,14 @@
// ruleid: get-visible-entry
web_contents->GetController().GetVisibleEntry();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] GetVisibleEntry usages should be vet by the security-team. Most of the time you want the last committed entry/url


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/get-visible-entry.yaml


Cc @thypon @diracdeltas @bridiver

assets/semgrep_rules/client/get-visible-entry.cc
web_contents->GetController().GetVisibleEntry();

// ruleid: get-visible-entry
web_contents->GetVisibleURL();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] GetVisibleURL usages should be vet by the security-team. Most of the time you want the last committed entry/url


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/get-visible-entry.yaml


Cc @thypon @diracdeltas @bridiver

assets/semgrep_rules/client/web-contents-user-data.cc
@@ -0,0 +1,9 @@
// ruleid: web-contents-user-data
class MyTest : public WebContentsUserData {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Prefer dependency injection

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/in-process-browser-test.yaml


Cc @goodov @cdesouza-chromium @bridiver

assets/semgrep_rules/client/web-contents-user-data.cc
class MyTest : public WebContentsUserData {
}
// ruleid: web-contents-user-data
class MyTest : public content::WebContentsUserData {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Prefer dependency injection

References:
- https://chromium.googlesource.com/chromium/src/+/main/docs/chrome_browser_design_principles.md#structure_modularity


Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/in-process-browser-test.yaml


Cc @goodov @cdesouza-chromium @bridiver

assets/semgrep_rules/client/in-process-browser-test.cc
@@ -0,0 +1,7 @@
// ruleid: in-process-browser-test
class MyTest : public InProcessBrowserTest {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reported by reviewdog 🐶
[semgrep] Most browser tests should be PlatformBrowserTest so they can run on android.

Source: https://github.com/brave/security-action/blob/main/assets/semgrep_rules/client/in-process-browser-test.yaml


Cc @goodov @cdesouza-chromium @bridiver

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@thypon thypon Awaiting requested review from thypon thypon is a code owner

Assignees

@bridiver bridiver

@diracdeltas diracdeltas

@thypon thypon

@goodov goodov

@cdesouza-chromium cdesouza-chromium

Labels
needs-security-review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@bridiver @diracdeltas @thypon @goodov @cdesouza-chromium