Issue 1351313002: Allow 'chrome-extension:' URLs to bypass content settings (1/2)

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 1351313002: Allow 'chrome-extension:' URLs to bypass content settings (1/2) (Closed)

Created:
5 years, 3 months ago by Mike West

Modified:
5 years, 3 months ago

Reviewers:
jochen (gone - plz use gerrit)

CC:
chromium-apps-reviews_chromium.org, chromium-reviews, extensions-reviews_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@2490

Target Ref:
refs/pending/branch-heads/2490

Project:
chromium

Visibility:
Public.

More Reviews

Description

Merge "Allow 'chrome-extension:' URLs to bypass content settings (1/2)" to M46. > We changed the behavior of 'Document::firstPartyForCookies' to return an > empty URL in the case where any URL in the ancestor chain doesn't match > the current document's URL. Previously, we'd simply return the top-level > document's URL. > > This means that the content-settings bypass check in > 'ContentSettingsObserver::IsWhitelistedForContentSettings' sees an empty > URL as opposed to a 'chrome-extension://' URL for cases in which an > extension loads a resource, so content settings are applied as per usual. > This breaks things fairly badly for folks who have turned on third-party > cookie blocking. > > In these patches, we introduce a new scheme registry for those schemes > which ought to override Blink's concept of "first-party" when they're > loaded into the top-level browsing context. > > Patch 1 (Blink): https://codereview.chromium.org/1305253012 > Patch 2 (Chromium): [This patch] > > BUG=527963 > R=jochen@chromium.org > > Review URL: https://codereview.chromium.org/1332563006 Cr-Commit-Position: refs/heads/master@{#348194} (cherry picked from commit cfed7a300606c5eedb858433b37db5ffadf3b2cc) Note: Moved the call of this method from Dispatcher::WebKitInitialized() to Dispatcher::Dispatcher(), which is where the similar methods were at this point in history. TBR=amineer@chromium.org Committed: https://chromium.googlesource.com/chromium/src/+/c82b0ab685fef68670557b095dfc960f2086417f

Patch Set 1 #

Created: 5 years, 3 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+7 lines, -0 lines)			Patch
	M	extensions/renderer/dispatcher.cc	View		1 chunk	+7 lines, -0 lines	0 comments	Download

Messages

Total messages: 1 (0 generated)

Expand Messages | Collapse Messages

Mike West

5 years, 3 months ago (2015-09-18 09:03:07 UTC) #1

Message was sent while issue was closed.

Committed patchset #1 (id:1) manually as
c82b0ab685fef68670557b095dfc960f2086417f (presubmit successful).

Expand Messages | Collapse Messages