CREDENTIAL: Tighten the behavior of 'requireUserMediation()'

CREDENTIAL: Tighten the behavior of 'requireUserMediation()'

Currently, we're looking for an exact origin match between a stored
PasswordForm and the page which called 'requireUserMediation()'. We ought
to be looking for a match between their registrable domains, given that
we allow credentials to flow ~freely between these origins.

This patch tightens the check accordingly.

BUG=607858
R=vabr@chromium.org

Review-Url: https://codereview.chromium.org/1928323002
Cr-Commit-Position: refs/heads/master@{#390618}
(cherry picked from commit 3aa4344859e35071117a4278663eecf4f3ea9d17)

Committed: https://chromium.googlesource.com/chromium/src/+/fe25aa3b45a73b0fe824a0657dba755195d44e39

[vabr (Chromium), 2016-05-02 09:18:55]

vabr@chromium.org changed reviewers:
+ mkwst@chromium.org

[vabr (Chromium), 2016-05-02 09:18:55]

Hi Mike,

This is your https://codereview.chromium.org/1928323002 being berged to 2704. I
manually merged the unittest, which changed name since 2704, the rest was
automatic.

Going to land this and observe the builders.

Cheers,
Vaclav

[Mike West, 2016-05-02 09:19:39]

Thank you, LGTM.

[vabr (Chromium), 2016-05-02 09:21:47]

Description was changed from

==========
CREDENTIAL: Tighten the behavior of 'requireUserMediation()'

Currently, we're looking for an exact origin match between a stored
PasswordForm and the page which called 'requireUserMediation()'. We ought
to be looking for a match between their registrable domains, given that
we allow credentials to flow ~freely between these origins.

This patch tightens the check accordingly.

BUG=607858
R=vabr@chromium.org

Review-Url: https://codereview.chromium.org/1928323002
Cr-Commit-Position: refs/heads/master@{#390618}
(cherry picked from commit 3aa4344859e35071117a4278663eecf4f3ea9d17)
==========

to

==========
CREDENTIAL: Tighten the behavior of 'requireUserMediation()'

Currently, we're looking for an exact origin match between a stored
PasswordForm and the page which called 'requireUserMediation()'. We ought
to be looking for a match between their registrable domains, given that
we allow credentials to flow ~freely between these origins.

This patch tightens the check accordingly.

BUG=607858
R=vabr@chromium.org

Review-Url: https://codereview.chromium.org/1928323002
Cr-Commit-Position: refs/heads/master@{#390618}
(cherry picked from commit 3aa4344859e35071117a4278663eecf4f3ea9d17)

Committed:
https://chromium.googlesource.com/chromium/src/+/fe25aa3b45a73b0fe824a0657dba...
==========

[vabr (Chromium), 2016-05-02 09:21:48]

Committed patchset #1 (id:1) manually as
fe25aa3b45a73b0fe824a0657dba755195d44e39.