Chromium Code Reviews

Issue 1454003003: [CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. (Closed)

Created:
5 years, 1 month ago by horo
Modified:
5 years, 1 month ago
Reviewers:
Mike West
CC:
blink-reviews, chromium-reviews, gavinp+loader_chromium.org, Nate Chapin, loading-reviews_chromium.org, loading-reviews+fetch_chromium.org, serviceworker-reviews, tyoshino+watch_chromium.org, Yoav Weiss
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

[CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. In ResourceFetcher::didReceiveResponse() we check the response URL when the response is fetched via ServiceWorker. But the match algorithm should ignore the path component of the URL. BUG=542060 Committed: https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127 Cr-Commit-Position: refs/heads/master@{#360733}

Patch Set 1 : #

Total comments: 2
Unified diffs Side-by-side diffs Stats (+130 lines, -100 lines)
M third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-csp.html View 1 chunk +98 lines, -18 lines 0 comments
M third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-csp-expected.txt View 1 chunk +0 lines, -1 line 0 comments
M third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html View 1 chunk +9 lines, -71 lines 0 comments
M third_party/WebKit/Source/core/fetch/FetchContext.h View 1 chunk +1 line, -0 lines 0 comments
M third_party/WebKit/Source/core/fetch/ResourceFetcher.cpp View 1 chunk +3 lines, -3 lines 0 comments
M third_party/WebKit/Source/core/loader/FrameFetchContext.h View 3 chunks +3 lines, -1 line 0 comments
M third_party/WebKit/Source/core/loader/FrameFetchContext.cpp View 3 chunks +16 lines, -6 lines 2 comments

Messages

Total messages: 14 (8 generated)
horo
mkwst@ Could you please review this?
5 years, 1 month ago (2015-11-19 07:15:03 UTC) #8
Mike West
LGTM, thanks for this! https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right): https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp#newcode348 third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348: ContentSecurityPolicy::RedirectStatus redirectStatus = resourceRequest.followedRedirect() ? ...
5 years, 1 month ago (2015-11-19 09:46:25 UTC) #9
horo
https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right): https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp#newcode348 third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348: ContentSecurityPolicy::RedirectStatus redirectStatus = resourceRequest.followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy::DidNotRedirect; On ...
5 years, 1 month ago (2015-11-20 02:17:07 UTC) #10
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1454003003/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1454003003/40001
5 years, 1 month ago (2015-11-20 02:18:12 UTC) #12
commit-bot: I haz the power
Committed patchset #1 (id:40001)
5 years, 1 month ago (2015-11-20 03:15:04 UTC) #13
commit-bot: I haz the power
5 years, 1 month ago (2015-11-20 03:16:15 UTC) #14
Message was sent while issue was closed.
Patchset 1 (id:??) landed as
https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127
Cr-Commit-Position: refs/heads/master@{#360733}

Powered by Google App Engine