Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(345)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1607433007: Add 'OriginAccessEntry::matchDomain'. (Closed)

Created:
4 years, 11 months ago by Mike West
Modified:
4 years, 11 months ago
CC:
blink-reviews, blink-reviews-dom_chromium.org, chromium-reviews, dglazkov+blink, eae+blinkwatch, kinuko+watch, rwlbuis, sof
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Add 'OriginAccessEntry::matchDomain'. We need to ignore protocol shifts when calculating the first party for cookies, as we're otherwise breaking sites that embed secure login forms into insecure pages. It's better to weaken the check than to force those sites to put everything into plaintext. BUG=534749 R=jochen@chromium.org Committed: https://crrev.com/2cd11de2ba88e31413b0a38649f039d41206470b Cr-Commit-Position: refs/heads/master@{#370098}

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+60 lines, -20 lines) Patch
M third_party/WebKit/Source/core/dom/Document.cpp View 1 chunk +3 lines, -1 line 0 comments Download
M third_party/WebKit/Source/platform/weborigin/OriginAccessEntry.h View 1 chunk +4 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/platform/weborigin/OriginAccessEntry.cpp View 1 chunk +6 lines, -1 line 0 comments Download
M third_party/WebKit/Source/platform/weborigin/OriginAccessEntryTest.cpp View 2 chunks +21 lines, -18 lines 0 comments Download
M third_party/WebKit/Source/web/tests/WebDocumentTest.cpp View 5 chunks +17 lines, -0 lines 0 comments Download
A third_party/WebKit/Source/web/tests/data/first_party/nested-originSecureA.html View 1 chunk +9 lines, -0 lines 0 comments Download

Messages

Total messages: 7 (2 generated)
Mike West
Mind taking a look at this, Jochen?
4 years, 11 months ago (2016-01-19 11:03:16 UTC) #1
jochen (gone - plz use gerrit)
lgtm
4 years, 11 months ago (2016-01-19 11:33:47 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1607433007/1 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1607433007/1
4 years, 11 months ago (2016-01-19 11:43:23 UTC) #4
commit-bot: I haz the power
Committed patchset #1 (id:1)
4 years, 11 months ago (2016-01-19 12:16:46 UTC) #5
commit-bot: I haz the power
4 years, 11 months ago (2016-01-19 12:17:46 UTC) #7
Message was sent while issue was closed. 
Patchset 1 (id:??) landed as
https://crrev.com/2cd11de2ba88e31413b0a38649f039d41206470b
Cr-Commit-Position: refs/heads/master@{#370098}

Powered by Google App Engine
This is Rietveld 408576698