DescriptionRevert of Set the request mode and the credentials mode of FetchEvent in the service worker correctly. (patchset #1 id:1 of https://codereview.chromium.org/1665533003/ )
Reason for revert:
This change introduced a security bug.
crbug.com/589740
Original issue's description:
> Set the request mode and the credentials mode of FetchEvent in the service worker correctly.
>
> Currently the request mode and the credentials mode of FetchEvent.request are
> not correctly set.
>
> 1. The credentials mode of no-cors resource request must be 'include', but
> currently 'same-origin'. (https://crbug.com/576534)
> ex: <img src="img.png"> <script src="test.js">
>
> 2. When fetch() is called in the page, the FetchEvent.request.mode is always
> 'cors' and the FetchEvent.request.credentials is always 'same-origin' in the
> service worker. (https://crbug.com/543895)
>
> 3. When an audio element fetches a request, the FetchEvent.request.mode is
> always 'cors' and the FetchEvent.request.credentials is always 'same-origin'
> in the service worker.
> Expected:
> - <audio>
> mode: no-cors, credentials: include
> - <audio crossOrigin='anonymous'>
> mode: cors, credentials: same-origin
> - <audio crossOrigin='use-credentials'>
> mode: cors, credentials: include
>
> This CL includes many changes in LayoutTests/http/tests/fetch/. It is because
> the credentials mode for script tag is changed from 'same-origin' to 'include'.
> And fetch's SW-thorough tests are using script tags.
>
> I will add browser_tests to check the modes which are set in
> - MimeHandlerViewContainer for <embed src="test.pdf">
> - ManifestFetcher for <link rel="manifest" href="manifest.json">
> - PepperURLLoaderHost for PPAPI's pp::URLLoader.
> https://codereview.chromium.org/1665453003/
>
> BUG=576534, 543895
>
> Committed: https://crrev.com/aac099cc134c503accc16f5b2345023acff04b9e
> Cr-Commit-Position: refs/heads/master@{#375403}
TBR=tyoshino@chromium.org,mkwst@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=576534, 543895
Committed: https://crrev.com/0a778a5336f80ad11cf019352e664d2e8d06d737
Cr-Commit-Position: refs/heads/master@{#377571}
Patch Set 1 #Patch Set 2 : rebase #Messages
Total messages: 9 (8 generated)
|