Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1275513006: Check for empty security info when sending security info to devtools (Closed)

Created:
5 years, 4 months ago by estark
Modified:
5 years, 4 months ago
Reviewers:
davidben
CC:
chromium-reviews, darin-cc_chromium.org, jam, lgarron
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Check for empty security info when sending security info to devtools Currently, some responses (notably, redirects) can come in to WebURLLoader without any security info attached. DeserializeSecurityInfo() does not treat empty strings as a deserialization error, so in this case we end up trying to extract SSL information from a connection status of 0. Instead, check for the empty string upfront and just tell devtools that the security state is unknown. Hopefully, we will soon be attaching security info to redirect responses (https://codereview.chromium.org/1275743005/). BUG=519120 TBR=davidben@chromium.org Committed: https://crrev.com/4c45ed01617e021bad654ff89e47fdcfc6c9ea18 Cr-Commit-Position: refs/heads/master@{#342794}

Patch Set 1 #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+7 lines, -0 lines) Patch
M content/child/web_url_loader_impl.cc View 1 chunk +7 lines, -0 lines 1 comment Download

Messages

Total messages: 9 (2 generated)
estark
davidben: I'm TBRing this because it's a pretty simple fix for a problem that's causing ...
5 years, 4 months ago (2015-08-11 05:57:23 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1275513006/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1275513006/1
5 years, 4 months ago (2015-08-11 05:57:36 UTC) #4
estark
+lgarron
5 years, 4 months ago (2015-08-11 05:58:07 UTC) #5
commit-bot: I haz the power
Committed patchset #1 (id:1)
5 years, 4 months ago (2015-08-11 06:43:30 UTC) #6
commit-bot: I haz the power
Patchset 1 (id:??) landed as https://crrev.com/4c45ed01617e021bad654ff89e47fdcfc6c9ea18 Cr-Commit-Position: refs/heads/master@{#342794}
5 years, 4 months ago (2015-08-11 06:44:17 UTC) #7
davidben
lgtm https://codereview.chromium.org/1275513006/diff/1/content/child/web_url_loader_impl.cc File content/child/web_url_loader_impl.cc (right): https://codereview.chromium.org/1275513006/diff/1/content/child/web_url_loader_impl.cc#newcode299 content/child/web_url_loader_impl.cc:299: // info attached (such as a redirect response). ...
5 years, 4 months ago (2015-08-11 12:17:10 UTC) #8
estark
5 years, 4 months ago (2015-08-11 14:08:37 UTC) #9
Message was sent while issue was closed. 
On 2015/08/11 12:17:10, David Benjamin wrote:
> lgtm

Thanks!

> 
>
https://codereview.chromium.org/1275513006/diff/1/content/child/web_url_loade...
> File content/child/web_url_loader_impl.cc (right):
> 
>
https://codereview.chromium.org/1275513006/diff/1/content/child/web_url_loade...
> content/child/web_url_loader_impl.cc:299: // info attached (such as a redirect
> response).
> (Huh, we don't send down security info in this case? An extension-simulated
> redirect certainly would do it, but I would have thought it'd be available for
> redirects.)

Yeah, that is my understanding from looking at the code. Security info seems to
get attached in ResourceLoader::CompleteResponseStarted()
https://code.google.com/p/chromium/codesearch#chromium/src/content/browser/lo...)
but not in ResourceLoader::OnReceivedRedirect(). See
https://codereview.chromium.org/1275743005/ where I'm proposing we add it there.

Powered by Google App Engine
This is Rietveld 408576698