Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1291613010: Implement referrerpolicy attribute for img elements (Closed)

Created:
5 years, 4 months ago by estark
Modified:
5 years, 3 months ago
Reviewers:
Yoav Weiss, Mike West
CC:
blink-reviews, vivekg_samsung, blink-reviews-html_chromium.org, tyoshino+watch_chromium.org, vivekg, dglazkov+blink, Inactive, kinuko+watch, Nate Chapin, gavinp+loader_chromium.org, jochen (gone - plz use gerrit)
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Target Ref:
refs/heads/master
Project:
blink
Visibility:
Public.

Description

Implement referrerpolicy attribute for img elements The 'referrerpolicy' attribute controls the referrer for the outgoing request when an image is loaded. BUG=490608 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=200940

Patch Set 1 #

Patch Set 2 : fix up no-referrer test #

Total comments: 4

Patch Set 3 : yoav comments #

Total comments: 16

Patch Set 4 : yoav comments round 2 #

Total comments: 8

Patch Set 5 : yoav comments round 3 #

Patch Set 6 : unwrap comments #

Patch Set 7 : update webexposed tests #

Patch Set 8 : rebase #

Patch Set 9 : actually fix webexposed test this time #

Unified diffs Side-by-side diffs Delta from patch set Stats (+227 lines, -48 lines) Patch
D LayoutTests/http/tests/security/referrer-policy-attribute-anchor-no-policy.html View 1 chunk +0 lines, -18 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer.html View 1 2 1 chunk +8 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.html View 1 2 3 1 chunk +7 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-when-downgrade.html View 1 chunk +22 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-when-downgrade-expected.html View 1 2 3 1 chunk +2 lines, -2 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-origin.html View 1 chunk +9 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/referrer-policy-attribute-img-origin-expected.html View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-origin-when-crossorigin.html View 1 chunk +11 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-origin-when-crossorigin-expected.html View 1 2 3 1 chunk +9 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-picture.html View 1 2 3 4 1 chunk +16 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-picture-expected.html View 1 2 3 1 chunk +9 lines, -0 lines 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-removeattr.html View 1 2 1 chunk +18 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/referrer-policy-attribute-img-removeattr-expected.html View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
A LayoutTests/http/tests/security/referrer-policy-attribute-img-unsafe-url.html View 1 chunk +9 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/referrer-policy-attribute-img-unsafe-url-expected.html View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
A + LayoutTests/http/tests/security/referrer-policy-attribute-no-policy.html View 1 2 3 1 chunk +7 lines, -1 line 0 comments Download
A + LayoutTests/http/tests/security/resources/green-if-referrer-is-full-url.php View 1 chunk +2 lines, -2 lines 0 comments Download
A + LayoutTests/http/tests/security/resources/green-if-referrer-is-full-url-origin-when-crossorigin.php View 1 chunk +2 lines, -2 lines 0 comments Download
A + LayoutTests/http/tests/security/resources/green-if-referrer-is-origin.php View 1 chunk +1 line, -1 line 0 comments Download
M LayoutTests/http/tests/security/resources/referrer-attr-anchor-target.html View 1 chunk +1 line, -1 line 0 comments Download
M LayoutTests/webexposed/element-instance-property-listing-expected.txt View 1 2 3 4 5 6 1 chunk +1 line, -0 lines 0 comments Download
M LayoutTests/webexposed/global-interface-listing-expected.txt View 1 2 3 4 5 6 7 8 2 chunks +2 lines, -0 lines 0 comments Download
M Source/core/html/HTMLImageElement.h View 1 2 3 4 5 6 7 1 chunk +2 lines, -0 lines 0 comments Download
M Source/core/html/HTMLImageElement.cpp View 1 2 3 4 5 6 7 6 chunks +9 lines, -3 lines 0 comments Download
M Source/core/html/HTMLImageElement.idl View 1 2 3 4 1 chunk +1 line, -0 lines 0 comments Download
M Source/core/html/parser/HTMLPreloadScanner.cpp View 1 2 3 4 5 6 7 5 chunks +10 lines, -1 line 0 comments Download
M Source/core/html/parser/HTMLPreloadScannerTest.cpp View 1 2 3 4 5 4 chunks +44 lines, -0 lines 0 comments Download
M Source/core/html/parser/PreloadRequest.h View 1 2 3 4 1 chunk +1 line, -0 lines 0 comments Download
M Source/core/loader/ImageLoader.h View 3 chunks +3 lines, -3 lines 0 comments Download
M Source/core/loader/ImageLoader.cpp View 1 2 3 9 chunks +18 lines, -11 lines 0 comments Download

Messages

Total messages: 32 (10 generated)
estark
Mike, do you think you might be able to take a look at this in ...
5 years, 4 months ago (2015-08-18 00:17:28 UTC) #2
Yoav Weiss
Hi estark :) I can review that. All in all, looks good, but there are ...
5 years, 4 months ago (2015-08-18 07:22:17 UTC) #4
estark
Thanks, Yoav! Addressed your comments and added the <picture> test. https://codereview.chromium.org/1291613010/diff/20001/Source/core/html/HTMLImageElement.cpp File Source/core/html/HTMLImageElement.cpp (right): https://codereview.chromium.org/1291613010/diff/20001/Source/core/html/HTMLImageElement.cpp#newcode771 ...
5 years, 4 months ago (2015-08-18 17:34:26 UTC) #5
Yoav Weiss
All in all looks good :) A few more comments though https://codereview.chromium.org/1291613010/diff/40001/LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt File LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt (right): ...
5 years, 4 months ago (2015-08-18 21:09:21 UTC) #6
estark
https://codereview.chromium.org/1291613010/diff/40001/LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt File LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt (right): https://codereview.chromium.org/1291613010/diff/40001/LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt#newcode1 LayoutTests/http/tests/security/referrer-policy-attribute-img-no-referrer-expected.txt:1: layer at (0,0) size 800x600 On 2015/08/18 21:09:21, Yoav ...
5 years, 4 months ago (2015-08-19 02:53:22 UTC) #7
Yoav Weiss
Last round of comments, hopefully. I missed it earlier, but can you please also add ...
5 years, 4 months ago (2015-08-19 06:23:04 UTC) #8
estark
https://codereview.chromium.org/1291613010/diff/60001/LayoutTests/http/tests/security/referrer-policy-attribute-img-picture.html File LayoutTests/http/tests/security/referrer-policy-attribute-img-picture.html (right): https://codereview.chromium.org/1291613010/diff/60001/LayoutTests/http/tests/security/referrer-policy-attribute-img-picture.html#newcode4 LayoutTests/http/tests/security/referrer-policy-attribute-img-picture.html:4: <picture> On 2015/08/19 06:23:04, Yoav Weiss wrote: > Nit: ...
5 years, 4 months ago (2015-08-19 16:17:01 UTC) #9
estark
On 2015/08/19 06:23:04, Yoav Weiss wrote: > Last round of comments, hopefully. > I missed ...
5 years, 4 months ago (2015-08-19 16:17:21 UTC) #10
Yoav Weiss
On 2015/08/19 16:17:21, estark wrote: > On 2015/08/19 06:23:04, Yoav Weiss wrote: > > Last ...
5 years, 4 months ago (2015-08-19 16:26:21 UTC) #11
estark
Thanks, Yoav! Mike, do you want to take a look before I land this? On ...
5 years, 4 months ago (2015-08-19 17:00:29 UTC) #12
Yoav Weiss
On 2015/08/19 17:00:29, estark wrote: > > One last nit: comments don't have to be ...
5 years, 4 months ago (2015-08-19 20:19:38 UTC) #13
estark
Mike, I'm going to take your silence as a lack of objections. :) Going to ...
5 years, 4 months ago (2015-08-20 17:33:02 UTC) #14
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1291613010/100001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1291613010/100001
5 years, 4 months ago (2015-08-20 17:33:46 UTC) #17
commit-bot: I haz the power
Try jobs failed on following builders: linux_chromium_rel_ng on tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_rel_ng/builds/101281)
5 years, 4 months ago (2015-08-20 18:44:54 UTC) #19
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1291613010/120001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1291613010/120001
5 years, 4 months ago (2015-08-20 18:52:01 UTC) #22
commit-bot: I haz the power
Try jobs failed on following builders: linux_chromium_rel_ng on tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_rel_ng/builds/101332)
5 years, 4 months ago (2015-08-20 19:59:58 UTC) #24
Yoav Weiss
On 2015/08/20 19:59:58, commit-bot: I haz the power wrote: > Try jobs failed on following ...
5 years, 4 months ago (2015-08-20 20:09:17 UTC) #25
Yoav Weiss
On 2015/08/20 20:09:17, Yoav Weiss wrote: > On 2015/08/20 19:59:58, commit-bot: I haz the power ...
5 years, 4 months ago (2015-08-20 20:11:52 UTC) #26
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1291613010/160001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1291613010/160001
5 years, 4 months ago (2015-08-20 22:01:30 UTC) #29
commit-bot: I haz the power
Committed patchset #9 (id:160001) as https://src.chromium.org/viewvc/blink?view=rev&revision=200940
5 years, 4 months ago (2015-08-21 00:23:10 UTC) #30
Yoav Weiss
On 2015/08/21 00:23:10, commit-bot: I haz the power wrote: > Committed patchset #9 (id:160001) as ...
5 years, 4 months ago (2015-08-21 10:57:39 UTC) #31
estark
5 years, 4 months ago (2015-08-21 17:16:57 UTC) #32
Message was sent while issue was closed. 
On 2015/08/21 10:57:39, Yoav Weiss wrote:
> On 2015/08/21 00:23:10, commit-bot: I haz the power wrote:
> > Committed patchset #9 (id:160001) as
> > https://src.chromium.org/viewvc/blink?view=rev&revision=200940
> 
> A huge oversight on my part, but this change should have been added behind a
> runtime flag :/
> (As there's an intent to implement, but no intent to ship).
> 
> estark - Can you please add a runtime flag that prevents this from running by
> default?

Oh no, my bad! I already had the runtime flag for anchor elements and used it in
my original patch for this CL but accidentally dropped it somewhere along the
way. Please see https://codereview.chromium.org/1302403005/

Powered by Google App Engine
This is Rietveld 408576698