Issue 2046733003: Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content checks.

Issue 2046733003: Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content checks. (Closed)

Created:
4 years, 6 months ago by Mike West

Modified:
4 years, 6 months ago

Reviewers:
Yoav Weiss, jochen (gone - plz use gerrit), alexmos

CC:
blink-reviews, blink-reviews-api_chromium.org, blink-reviews-dom_chromium.org, chromium-reviews, creis+watch_chromium.org, darin-cc_chromium.org, dcheng, dglazkov+blink, eae+blinkwatch, gavinp+loader_chromium.org, jam, Nate Chapin, kinuko+watch, loading-reviews_chromium.org, mkwst+moarreviews-renderer_chromium.org, mlamouri+watch-content_chromium.org, mlamouri+watch-blink_chromium.org, nasko+codewatch_chromium.org, rwlbuis, sof, site-isolation-reviews_chromium.org, tyoshino+watch_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@securitycontext

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content checks. This patch is huge, but fairly mechanically replaces the bool sitting on the replicated frame state with WebInsecureRequestPolicy (which is currently a bitfield, but will eventually be an enum once https://crbug.com/617584 is addressed). This bitfield holds both 'upgrade-insecure-requests' and 'block-all-mixed-content' state, which means we can take care of replicating both in one shot. [Step 1]: https://codereview.chromium.org/2046523005 [Step 2]: https://codereview.chromium.org/2040133003 [Step 3]: This patch. BUG=617947 CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation Committed: https://crrev.com/f672e7ef4c5e3227c2874447ad992dc06f48337d Cr-Commit-Position: refs/heads/master@{#399008}

Patch Set 1 #

Total comments: 14

Patch Set 2 : alexmos@ #

Created: 4 years, 6 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+179 lines, -129 lines)			Patch
M	content/browser/DEPS	View		1 chunk	+1 line, -0 lines	0 comments	Download
M	content/browser/frame_host/frame_tree_node.h	View		2 chunks	+4 lines, -3 lines	0 comments	Download
M	content/browser/frame_host/frame_tree_node.cc	View		1 chunk	+5 lines, -7 lines	0 comments	Download
M	content/browser/frame_host/navigator_impl.cc	View		1 chunk	+2 lines, -2 lines	0 comments	Download
M	content/browser/frame_host/render_frame_host_impl.h	View		2 chunks	+2 lines, -1 line	0 comments	Download
M	content/browser/frame_host/render_frame_host_impl.cc	View		2 chunks	+5 lines, -4 lines	0 comments	Download
M	content/browser/frame_host/render_frame_host_manager.h	View		1 chunk	+3 lines, -3 lines	0 comments	Download
M	content/browser/frame_host/render_frame_host_manager.cc	View		1 chunk	+4 lines, -4 lines	0 comments	Download
M	content/browser/frame_host/render_frame_host_manager_unittest.cc	View	1	6 chunks	+35 lines, -30 lines	0 comments	Download
M	content/browser/site_per_process_browsertest.cc	View	1	2 chunks	+52 lines, -12 lines	0 comments	Download
M	content/common/DEPS	View		1 chunk	+1 line, -0 lines	0 comments	Download
M	content/common/frame_messages.h	View		5 chunks	+14 lines, -15 lines	0 comments	Download
M	content/common/frame_replication_state.h	View	1	3 chunks	+6 lines, -5 lines	0 comments	Download
M	content/common/frame_replication_state.cc	View		2 chunks	+3 lines, -4 lines	0 comments	Download
M	content/renderer/render_frame_impl.h	View		1 chunk	+2 lines, -1 line	0 comments	Download
M	content/renderer/render_frame_impl.cc	View		2 chunks	+4 lines, -4 lines	0 comments	Download
M	content/renderer/render_frame_proxy.h	View	1	2 chunks	+2 lines, -1 line	0 comments	Download
M	content/renderer/render_frame_proxy.cc	View		3 chunks	+6 lines, -8 lines	0 comments	Download
A +	content/test/data/mixed-content/basic-passive-in-iframe-with-upgrade.html	View		1 chunk	+1 line, -1 line	0 comments	Download
M	content/test/test_render_frame_host.h	View		1 chunk	+1 line, -1 line	0 comments	Download
M	content/test/test_render_frame_host.cc	View		1 chunk	+3 lines, -2 lines	0 comments	Download
M	third_party/WebKit/Source/core/dom/Document.cpp	View		1 chunk	+2 lines, -3 lines	0 comments	Download
M	third_party/WebKit/Source/core/loader/FrameLoaderClient.h	View		2 chunks	+2 lines, -1 line	0 comments	Download
M	third_party/WebKit/Source/web/FrameLoaderClientImpl.h	View		2 chunks	+2 lines, -1 line	0 comments	Download
M	third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp	View		1 chunk	+2 lines, -2 lines	0 comments	Download
M	third_party/WebKit/Source/web/WebFrame.cpp	View		2 chunks	+2 lines, -3 lines	0 comments	Download
M	third_party/WebKit/Source/web/WebRemoteFrameImpl.h	View		2 chunks	+2 lines, -1 line	0 comments	Download
M	third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp	View		1 chunk	+2 lines, -4 lines	0 comments	Download
M	third_party/WebKit/public/web/WebFrame.h	View		2 chunks	+3 lines, -2 lines	0 comments	Download
M	third_party/WebKit/public/web/WebFrameClient.h	View	1	2 chunks	+3 lines, -2 lines	0 comments	Download
M	third_party/WebKit/public/web/WebRemoteFrame.h	View		2 chunks	+3 lines, -2 lines	0 comments	Download

Depends on Patchset:

Issue 2040133003 Patch 20001

Dependent Patchsets:

Issue 2053593002 Patch 1

Issue 2053693002 Patch 1

Messages

Total messages: 16 (6 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

Mike West

Description was changed from ========== Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content ...

4 years, 6 months ago (2016-06-07 13:53:23 UTC) #1

Mike West

yoav@: This is the last in the series you've been looking at today. Would you ...

4 years, 6 months ago (2016-06-07 13:55:55 UTC) #3

Yoav Weiss

https://codereview.chromium.org/2046733003/diff/1/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp File third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp (right): https://codereview.chromium.org/2046733003/diff/1/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp#newcode664 third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp:664: frame()->securityContext()->setInsecureRequestPolicy(policy); Is merging of both policies no longer required?

4 years, 6 months ago (2016-06-07 14:13:14 UTC) #4

Mike West

Apparently I didn't compile all targets. *sigh* I'll fix that tomorrow. :) https://codereview.chromium.org/2046733003/diff/1/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp File third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp ...

4 years, 6 months ago (2016-06-07 15:56:24 UTC) #5

alexmos

Thanks for updating this! Just a few nits below. LGTM once the unit test compile ...

4 years, 6 months ago (2016-06-07 19:00:06 UTC) #6

Mike West

Description was changed from ========== Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content ...

4 years, 6 months ago (2016-06-08 07:00:27 UTC) #7

Mike West

Thanks Alex! Addressed nits, fixed compilation error. Let's see what the bots say. https://codereview.chromium.org/2046733003/diff/1/content/browser/frame_host/render_frame_host_manager_unittest.cc File ...

4 years, 6 months ago (2016-06-08 07:21:12 UTC) #8

Yoav Weiss

On 2016/06/07 15:56:24, Mike West (OOO until 30th) wrote: > Apparently I didn't compile all ...

4 years, 6 months ago (2016-06-08 07:54:43 UTC) #9

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/2046733003/20001

4 years, 6 months ago (2016-06-09 17:54:04 UTC) #13

commit-bot: I haz the power

Description was changed from ========== Replicate WebInsecureRequestPolicy instead of a bool for strict mixed content ...

4 years, 6 months ago (2016-06-09 20:53:20 UTC) #15

commit-bot: I haz the power

4 years, 6 months ago (2016-06-09 20:53:22 UTC) #16

Message was sent while issue was closed.

Patchset 2 (id:??) landed as
https://crrev.com/f672e7ef4c5e3227c2874447ad992dc06f48337d
Cr-Commit-Position: refs/heads/master@{#399008}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages