Chromium Code Reviews

Issue 1889433003: Ignore 'X-Frame-Options' inside '<meta>' tags. (Closed)

Created:
4 years, 8 months ago by Mike West
Modified:
4 years, 8 months ago
CC:
blink-reviews, chromium-reviews, gavinp+loader_chromium.org, Nate Chapin, loading-reviews_chromium.org, tyoshino+watch_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Ignore 'X-Frame-Options' inside '<meta>' tags.

We currently try to support 'X-Frame-Options' inside '<meta>' tags by cancelling the page load when we parse the tag, and navigating to a blank page instead. This is somewhat functional, but not exactly a reliable protection.

In fact, all of our XFO implementation is somewhat unreliable, as it's all implemented in Blink. We're working on migrating it up to the browser process, but that's going to be difficult to do cleanly if we need to support the '<meta>' implementation. We'll either need implementations in both Blink and //content, or we'll need another IPC. I'd prefer to simply remove the functionality.

If this lands, I'll remove the rest of the XFO plumbing in https://codereview.chromium.org/1617043002 as part of moving everything up out of Blink and into //content.

Intent to Remove: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/R1gkjKZI0J8

BUG=603002

Committed: https://crrev.com/a2d5fc7049d414031a0acc39939ffff67081db17
Cr-Commit-Position: refs/heads/master@{#387381}
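After this change a browser acts on 'X-Frame-Options' only when it arrives as an HTTP response header; the same directive inside '<meta http-equiv>' does nothing. The following JavaScript is an added example, not Chromium code and not part of this review: it models the header-only framing decision and lints a page for the now-ignored '<meta>' form. The origins, header values and page bodies are constructed for the example, and the handling of invalid and conflicting directives is the model's own assumption, stated in the comments.

```javascript
// Added example (not Chromium's code): a small model of how a browser decides
// whether a response may be framed once X-Frame-Options (XFO) is honoured only
// as a response header, plus a lint that flags the now-ignored <meta> form.
// All header values, origins and page bodies below are constructed.

// Collect every value of a header, case-insensitively. Headers are kept as
// [name, value] pairs so that repeated headers survive.
function headersNamed(headers, name) {
  const want = name.toLowerCase();
  return headers.filter(([n]) => n.toLowerCase() === want).map(([, v]) => v);
}

// Reduce one or more XFO header values to a single disposition.
// DENY and SAMEORIGIN are the recognised directives (RFC 7034); ALLOW-FROM and
// anything else count as invalid. Several headers, or a comma-separated list,
// naming different directives conflict.
function parseXfo(values) {
  const tokens = values
    .flatMap((v) => v.split(','))
    .map((t) => t.trim().toUpperCase())
    .filter((t) => t.length > 0);
  if (tokens.length === 0) return 'NONE';
  const distinct = new Set(tokens);
  if (distinct.size > 1) return 'CONFLICT';
  const [only] = distinct;
  return only === 'DENY' || only === 'SAMEORIGIN' ? only : 'INVALID';
}

// Decide whether `response` may load inside a frame whose ancestor documents
// have the origins `ancestorOrigins` (empty list: it is the top-level page).
// Assumptions of this model: an invalid directive is ignored (framed as if no
// header were sent), a conflict falls back to DENY, and SAMEORIGIN requires
// every ancestor to share the response's origin.
function framingAllowed(response, ancestorOrigins) {
  if (ancestorOrigins.length === 0) return true;
  // Only the header is consulted. A <meta http-equiv="X-Frame-Options"> in
  // the body no longer cancels the load, which is what the lint below catches.
  switch (parseXfo(headersNamed(response.headers, 'X-Frame-Options'))) {
    case 'DENY':
    case 'CONFLICT':
      return false;
    case 'SAMEORIGIN':
      return ancestorOrigins.every((o) => o === response.origin);
    default: // 'NONE' or 'INVALID'
      return true;
  }
}

const META_XFO = /<meta\b[^>]*http-equiv\s*=\s*["']?x-frame-options["']?[^>]*>/i;

// Report framing protection a developer may believe they have but do not.
function lintFraming(response) {
  const findings = [];
  const meta = response.body.match(META_XFO);
  if (meta) {
    findings.push(`ignored: ${meta[0]} (X-Frame-Options only works as a response header)`);
  }
  const xfo = parseXfo(headersNamed(response.headers, 'X-Frame-Options'));
  if (xfo === 'NONE') findings.push('no X-Frame-Options response header');
  if (xfo === 'INVALID') findings.push('X-Frame-Options directive not recognised; header is ignored');
  if (xfo === 'CONFLICT') findings.push('conflicting X-Frame-Options values; treated as DENY');
  return findings;
}

// Constructed sample responses (hypothetical origins).
const metaOnly = {
  origin: 'https://bank.example',
  headers: [['Content-Type', 'text/html']],
  body: '<html><head><meta http-equiv="X-Frame-Options" content="DENY"></head><body>account</body></html>',
};
const headerDeny = {
  origin: 'https://bank.example',
  headers: [['Content-Type', 'text/html'], ['X-Frame-Options', 'deny']],
  body: '<html><body>account</body></html>',
};
const headerSameOrigin = {
  origin: 'https://bank.example',
  headers: [['X-Frame-Options', 'SAMEORIGIN']],
  body: '<html><body>account</body></html>',
};
const headerConflict = {
  origin: 'https://bank.example',
  headers: [['X-Frame-Options', 'SAMEORIGIN'], ['X-Frame-Options', 'DENY']],
  body: '<html><body>account</body></html>',
};

const attacker = ['https://evil.example'];
console.log('meta only, framed by attacker:', framingAllowed(metaOnly, attacker));
console.log('lint findings:', lintFraming(metaOnly));
console.log('header DENY, framed by attacker:', framingAllowed(headerDeny, attacker));
console.log('SAMEORIGIN, nested under attacker:', framingAllowed(headerSameOrigin, ['https://bank.example', 'https://evil.example']));
console.log('conflicting headers:', framingAllowed(headerConflict, attacker));
```

The practical check this encodes: inspect the raw response headers (for instance with `curl -sI` against the page) rather than the HTML source, because a '<meta>' copy of the directive gives no clickjacking protection. Where a 'Content-Security-Policy' header with 'frame-ancestors' is also present, browsers use that directive in preference to 'X-Frame-Options'; this model deliberately leaves CSP out.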

Patch Set 1 #

Patch Set 2 : One more. #

Stats (+1 line, -240 lines)
D third_party/WebKit/LayoutTests/fast/parser/x-frame-options-detached-document-crash.html (1 chunk, +0 lines, -13 lines)
D third_party/WebKit/LayoutTests/fast/parser/x-frame-options-detached-document-crash-expected.txt (1 chunk, +0 lines, -1 line)
D third_party/WebKit/LayoutTests/http/tests/misc/onload-write-during-xframe-deny.html (1 chunk, +0 lines, -8 lines)
D third_party/WebKit/LayoutTests/http/tests/misc/onload-write-during-xframe-deny-expected.txt (1 chunk, +0 lines, -2 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe.html (1 chunk, +0 lines, -8 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-in-body.html (1 chunk, +0 lines, -9 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-parent-same-origin-allow.html (1 chunk, +0 lines, -8 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/resources/x-frame-options-deny-meta-tag-subframe-parent-same-origin-deny.html (1 chunk, +0 lines, -8 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag.html (1 chunk, +0 lines, -22 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-expected.txt (1 chunk, +0 lines, -16 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-in-body.html (1 chunk, +0 lines, -22 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-in-body-expected.txt (1 chunk, +0 lines, -16 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow.html (1 chunk, +0 lines, -10 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-allow-expected.txt (1 chunk, +0 lines, -12 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-deny.html (1 chunk, +0 lines, -22 lines)
D third_party/WebKit/LayoutTests/http/tests/security/XFrameOptions/x-frame-options-deny-meta-tag-parent-same-origin-deny-expected.txt (1 chunk, +0 lines, -16 lines)
D third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/meta-tag-http-refresh-x-frame-options.html (1 chunk, +0 lines, -22 lines)
M third_party/WebKit/Source/core/loader/HttpEquiv.cpp (2 chunks, +1 line, -25 lines)

Messages

Total messages: 10 (5 generated)
Mike West
WDYT, Jochen?
4 years, 8 months ago (2016-04-13 13:11:13 UTC) #3
jochen (gone - plz use gerrit)
lgtm once you have all three lgtms
4 years, 8 months ago (2016-04-14 13:24:49 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1889433003/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1889433003/20001
4 years, 8 months ago (2016-04-14 19:00:01 UTC) #7
commit-bot: I haz the power
Committed patchset #2 (id:20001)
4 years, 8 months ago (2016-04-14 19:06:29 UTC) #8
commit-bot: I haz the power
4 years, 8 months ago (2016-04-14 19:08:06 UTC) #10
Message was sent while issue was closed.
Patchset 2 (id:??) landed as
https://crrev.com/a2d5fc7049d414031a0acc39939ffff67081db17
Cr-Commit-Position: refs/heads/master@{#387381}
