Chromium Code Reviews
Help | Chromium Project | Gerrit Changes | Sign in
(205)

Issues Search
Open Issues | Closed Issues | All Issues | Sign in with your Google Account to create issues and add comments

Issue 1938123002: Ensure that privates are private. (Closed)

Created:
3 years, 7 months ago by robwu
Modified:
3 years, 7 months ago
Reviewers:
CC:
chromium-reviews
Base URL:
https://chromium.googlesource.com/chromium/src.git@2704
Target Ref:
refs/pending/branch-heads/2704
Project:
chromium
Visibility:
Public.

Description

Ensure that privates are private. - Remove JS code injection functionality from UtilsNativeHandler. - Ensure that utils.expose only exposes public properties. - Prevent privates from getting poisoned via arbitrary constructor invocations. - Prevent privates from leaking through prototypes. BUG=603748 Review URL: https://codereview.chromium.org/1903303002 Cr-Commit-Position: refs/heads/master@{#389292} (cherry picked from commit 77e0fbe12e32b16d5c1d7c0380b45fde363004b2) Committed: https://chromium.googlesource.com/chromium/src/+/f2b970209b08639170042334a2f1f2342f8a9113

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+285 lines, -207 lines) Patch
M chrome/renderer/resources/extensions/automation/automation_event.js View 1 chunk +15 lines, -5 lines 0 comments Download
M chrome/renderer/resources/extensions/automation/automation_node.js View 1 chunk +51 lines, -40 lines 0 comments Download
M chrome/renderer/resources/extensions/enterprise_platform_keys/key_pair.js View 1 chunk +11 lines, -3 lines 0 comments Download
M chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js View 2 chunks +12 lines, -9 lines 0 comments Download
M chrome/renderer/resources/extensions/enterprise_platform_keys/token.js View 1 chunk +11 lines, -2 lines 0 comments Download
M chrome/renderer/resources/extensions/platform_keys/key.js View 1 chunk +11 lines, -4 lines 0 comments Download
M chrome/renderer/resources/extensions/platform_keys/subtle_crypto.js View 1 chunk +12 lines, -6 lines 0 comments Download
M chrome/renderer/resources/extensions/web_view/chrome_web_view.js View 4 chunks +14 lines, -6 lines 0 comments Download
M extensions/renderer/module_system.cc View 1 chunk +4 lines, -0 lines 0 comments Download
M extensions/renderer/module_system_unittest.cc View 1 chunk +10 lines, -0 lines 0 comments Download
M extensions/renderer/resources/event.js View 1 chunk +16 lines, -11 lines 0 comments Download
M extensions/renderer/resources/messaging.js View 1 chunk +14 lines, -9 lines 0 comments Download
M extensions/renderer/resources/utils.js View 5 chunks +65 lines, -16 lines 0 comments Download
M extensions/renderer/resources/web_request_internal_custom_bindings.js View 1 chunk +14 lines, -11 lines 0 comments Download
M extensions/renderer/safe_builtins.cc View 1 chunk +1 line, -1 line 0 comments Download
M extensions/renderer/utils_native_handler.h View 1 chunk +0 lines, -5 lines 0 comments Download
M extensions/renderer/utils_native_handler.cc View 3 chunks +0 lines, -65 lines 0 comments Download
M extensions/test/data/utils_unittest.js View 2 chunks +24 lines, -14 lines 0 comments Download

Messages

Total messages: 2 (1 generated)
robwu
3 years, 7 months ago (2016-05-02 20:24:18 UTC) #2
Message was sent while issue was closed. 
Committed patchset #1 (id:1) manually as
f2b970209b08639170042334a2f1f2342f8a9113.

Powered by Google App Engine
This is Rietveld 408576698