Chromium Code Reviews
Help | Chromium Project | Gerrit Changes | Sign in
(29)

Issue 1454003003: [CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. (Closed)

Created:
4 years ago by horo
Modified:
3 years, 12 months ago
Reviewers:
Mike West
CC:
blink-reviews, chromium-reviews, gavinp+loader_chromium.org, Nate Chapin, loading-reviews_chromium.org, loading-reviews+fetch_chromium.org, serviceworker-reviews, tyoshino+watch_chromium.org, Yoav Weiss
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

[CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. In ResourceFetcher::didReceiveResponse() we check the response URL when the response is fetched via ServiceWorker. But the match algorithm should ignore the path component of the URL. BUG=542060 Committed: https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127 Cr-Commit-Position: refs/heads/master@{#360733}

Patch Set 1 : #

Total comments: 2

Messages

Total messages: 14 (8 generated)
horo
mkwst@ Could you please review this?
3 years, 12 months ago (2015-11-19 07:15:03 UTC) #8
Mike West
LGTM, thanks for this! https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right): https://codereview.chromium.org/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp#newcode348 third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348: ContentSecurityPolicy::RedirectStatus redirectStatus = resourceRequest.followedRedirect() ? ...
3 years, 12 months ago (2015-11-19 09:46:25 UTC) #9
horo
https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp File third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (right): https://chromiumcodereview.appspot.com/1454003003/diff/40001/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp#newcode348 third_party/WebKit/Source/core/loader/FrameFetchContext.cpp:348: ContentSecurityPolicy::RedirectStatus redirectStatus = resourceRequest.followedRedirect() ? ContentSecurityPolicy::DidRedirect : ContentSecurityPolicy::DidNotRedirect; On ...
3 years, 12 months ago (2015-11-20 02:17:07 UTC) #10
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1454003003/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1454003003/40001
3 years, 12 months ago (2015-11-20 02:18:12 UTC) #12
commit-bot: I haz the power
Committed patchset #1 (id:40001)
3 years, 12 months ago (2015-11-20 03:15:04 UTC) #13
commit-bot: I haz the power
3 years, 12 months ago (2015-11-20 03:16:15 UTC) #14
Message was sent while issue was closed.
Patchset 1 (id:??) landed as
https://crrev.com/114b8b13ab4fd5c83eb42986946b0051fdd10127
Cr-Commit-Position: refs/heads/master@{#360733}

Powered by Google App Engine
This is Rietveld 408576698