CSP source *.x.y should not match host x.y

CSP source *.x.y should not match host x.y

This fixes a minor CSP bug where a source in a source list with a
wildcard was matching more liberally than it should have. It was
matching a source of the form *.x.y to host x.y when, in fact, it should
only be matching subdomains.

BUG=534542
R=mkwst@chromium.org

[jww, 2015-09-22 23:53:23]

jww@chromium.org changed reviewers:
+ mkwst@chromium.org

[jww, 2015-09-22 23:53:24]

Mike, can you take a look? Thanks!

[Mike West, 2015-09-23 04:36:49]

LGTM % counter.

https://codereview.chromium.org/1362813002/diff/1/Source/core/frame/csp/CSPSo...
File Source/core/frame/csp/CSPSource.cpp (right):

https://codereview.chromium.org/1362813002/diff/1/Source/core/frame/csp/CSPSo...
Source/core/frame/csp/CSPSource.cpp:49: return host.endsWith("." + m_host,
TextCaseInsensitive);
Can you add a counter here as well, tracking the number of times the old style
would match, but this style doesn't? I worry a bit that we've poisoned the well
with the existing behavior, and might need to revert this (or reach out to folks
to change their sites) if the numbers are high.

[jww, 2015-09-23 05:33:10]

https://codereview.chromium.org/1362813002/diff/1/Source/core/frame/csp/CSPSo...
File Source/core/frame/csp/CSPSource.cpp (right):

https://codereview.chromium.org/1362813002/diff/1/Source/core/frame/csp/CSPSo...
Source/core/frame/csp/CSPSource.cpp:49: return host.endsWith("." + m_host,
TextCaseInsensitive);
On 2015/09/23 04:36:49, Mike West (slow) wrote:
> Can you add a counter here as well, tracking the number of times the old style
> would match, but this style doesn't? I worry a bit that we've poisoned the
well
> with the existing behavior, and might need to revert this (or reach out to
folks
> to change their sites) if the numbers are high.

Done.

[jww, 2015-09-23 05:33:17]

The CQ bit was checked by jww@chromium.org

[jww, 2015-09-23 05:33:18]

The patchset sent to the CQ was uploaded after l-g-t-m from mkwst@chromium.org
Link to the patchset: https://codereview.chromium.org/1362813002/#ps20001
(title: "Use counter for old matching behavior")

[commit-bot: I haz the power, 2015-09-23 05:33:30]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1362813002/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1362813002/20001

[commit-bot: I haz the power, 2015-09-23 06:33:27]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2015-09-23 06:33:27]

Try jobs failed on following builders:
  win_chromium_rel_ng on tryserver.chromium.win (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_rel_...)

[jww, 2015-09-25 13:49:37]

On 2015/09/23 06:33:27, commit-bot: I haz the power wrote:
> Try jobs failed on following builders:
>   win_chromium_rel_ng on tryserver.chromium.win (JOB_FAILED,
>
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_rel_...)

This has been superceded by the post-Blink-merge CL
https://codereview.chromium.org/1367933003/. Closing this issue.