Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2209113002:
Change wildcard source expression matching to conform latest spec (Closed)
|
Created:
4 years, 4 months ago by Sergey Shekyan Modified:
4 years, 4 months ago CC:
achuith+watch_chromium.org, apacible+watch_chromium.org, arv+watch_chromium.org, blink-reviews, chromium-reviews, dzhioev+watch_chromium.org, media-router+watch_chromium.org, oshima+watch_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionChange wildcard source expression matching to conform latest spec
This patch changes wildcard source expression matching to require
schemes other than http/https/ws/wss be explicitly present
in the source list to match, per
https://w3c.github.io/webappsec-csp/#match-url-to-source-expression
This also updates CSP injected in inline_login_ui.cc to explicitly allow
`chrome:` as in `connect-src * chrome:` to fix failing tests.
This also changes Content Security Policy in manifests of Feedback and
PDF Viewer extensions to allow objects from `file:`.
BUG=611314
R=mkwst@chromium.org
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation
Committed: https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b
Cr-Commit-Position: refs/heads/master@{#410566}
Patch Set 1 #Patch Set 2 : Change wildcard source expression matching to conform latest spec #Patch Set 3 : Test to ensure PDF loads from URL with `file:` scheme #
Total comments: 5
Patch Set 4 : Test to ensure PDF loads from URL with `file:` scheme + addressed comments #Patch Set 5 : Renamed a variable to stay consistent with the rest of the file #
Total comments: 3
Patch Set 6 : Addressed comment on introducing `test_data_file` #Patch Set 7 : Adjust CSP of feedback extension #
Messages
Total messages: 53 (24 generated)
Description was changed from ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org ========== to ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ==========
The CQ bit was checked by shekyan@gmail.com to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Mike, I'd be happy to write tests for extensions, but can you please suggest on where is it better be tested?
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
mkwst@chromium.org changed reviewers: + jam@chromium.org, jochen@chromium.org
+jochen@, jam@, who might have a good idea where to land a test for PDFium. Relanding the actual change LGTM.
Description was changed from ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ========== to ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ==========
jam@chromium.org changed reviewers: + thestig@chromium.org - jam@chromium.org
On 2016/08/04 11:24:00, Mike West wrote: > +jochen@, jam@, who might have a good idea where to land a test for PDFium. Adding thestig. I'm not sure what kind of test you're looking for (i.e. unit? browser_test?) so hard to say. > > Relanding the actual change LGTM.
On 2016/08/04 18:13:15, jam wrote: > On 2016/08/04 11:24:00, Mike West wrote: > > +jochen@, jam@, who might have a good idea where to land a test for PDFium. > > I'm not sure what kind of test you're looking for (i.e. unit? browser_test?) so > hard to say. I'm guessing you want a test for the Chrome PDF Viewer to load a PDF off disk? If yes, try chrome/browser/pdf/pdf_extension_test.cc. Right now all the test cases there are loading PDFs off disk indirectly via an EmbeddedTestServer. Should be easy to add a new test case to load off disk directly.
BTW, for future CLs - when relanding, upload the reverted CL as patch set 1, and the new CL as patch set 2. Then reviewers can easily see the difference.
lgtm
On 2016/08/04 18:21:17, Lei Zhang wrote: > I'm guessing you want a test for the Chrome PDF Viewer to load a PDF off disk? > If yes, try chrome/browser/pdf/pdf_extension_test.cc. Right now all the test > cases there are loading PDFs off disk indirectly via an EmbeddedTestServer. > Should be easy to add a new test case to load off disk directly. And If you would like me to write a load PDF off disk test, please say so.
On 2016/08/05 19:04:06, Lei Zhang wrote: > On 2016/08/04 18:21:17, Lei Zhang wrote: > > I'm guessing you want a test for the Chrome PDF Viewer to load a PDF off disk? > > If yes, try chrome/browser/pdf/pdf_extension_test.cc. Right now all the test > > cases there are loading PDFs off disk indirectly via an EmbeddedTestServer. > > Should be easy to add a new test case to load off disk directly. > > And If you would like me to write a load PDF off disk test, please say so. Thank you for suggestions and the advice. I am traveling now and will be back tomorrow and hope to write tests down tomorrow. I'll let you know if I am stuck.
The CQ bit was checked by shekyan@gmail.com to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
I don't think there are any tests around feedback component.
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
On 2016/08/04 18:21:17, Lei Zhang wrote: > On 2016/08/04 18:13:15, jam wrote: > > On 2016/08/04 11:24:00, Mike West wrote: > > > +jochen@, jam@, who might have a good idea where to land a test for PDFium. > > > > I'm not sure what kind of test you're looking for (i.e. unit? browser_test?) > so > > hard to say. > > I'm guessing you want a test for the Chrome PDF Viewer to load a PDF off disk? > If yes, try chrome/browser/pdf/pdf_extension_test.cc. Right now all the test > cases there are loading PDFs off disk indirectly via an EmbeddedTestServer. > Should be easy to add a new test case to load off disk directly. Added the test for loading PDF from 'file:'.
Thanks for adding the test. https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... File chrome/browser/pdf/pdf_extension_test.cc (right): https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:470: ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &test_dir)); You can do PathService::Get(chrome::DIR_TEST_DATA, ...) and skip the next 3 lines. https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:475: test_dir = test_dir.AppendASCII("test.pdf"); Please sanity check and make sure the final FilePath exists.
https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... File chrome/browser/pdf/pdf_extension_test.cc (right): https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:470: ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &test_dir)); On 2016/08/08 23:16:24, Lei Zhang wrote: > You can do PathService::Get(chrome::DIR_TEST_DATA, ...) and skip the next 3 > lines. I assumed so too, but unfortunately, path set by PathService::Get(chrome::DIR_TEST_DATA, ...) is like `file:///path_to_my_chromium_source_code/src/base/test/data/pdf/test.pdf`, where `base` doesn't exist. What would you suggest? https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:475: test_dir = test_dir.AppendASCII("test.pdf"); On 2016/08/08 23:16:24, Lei Zhang wrote: > Please sanity check and make sure the final FilePath exists. Acknowledged.
https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... File chrome/browser/pdf/pdf_extension_test.cc (right): https://codereview.chromium.org/2209113002/diff/40001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:470: ASSERT_TRUE(PathService::Get(base::DIR_SOURCE_ROOT, &test_dir)); On 2016/08/08 23:55:42, Sergey Shekyan wrote: > On 2016/08/08 23:16:24, Lei Zhang wrote: > > You can do PathService::Get(chrome::DIR_TEST_DATA, ...) and skip the next 3 > > lines. > > I assumed so too, but unfortunately, path set by > PathService::Get(chrome::DIR_TEST_DATA, ...) is like > `file:///path_to_my_chromium_source_code/src/base/test/data/pdf/test.pdf`, where > `base` doesn't exist. > > What would you suggest? Really? Because we use just that in several places above. Did you putin base::DIR_TEST_DATA instead of chrome::DIR_TEST_DATA?
On 2016/08/08 23:57:16, Lei Zhang wrote: > Really? Because we use just that in several places above. Did you putin > base::DIR_TEST_DATA instead of chrome::DIR_TEST_DATA? s/putin/put in/ :)
On 2016/08/08 23:57:37, Lei Zhang wrote: > On 2016/08/08 23:57:16, Lei Zhang wrote: > > Really? Because we use just that in several places above. Did you putin > > base::DIR_TEST_DATA instead of chrome::DIR_TEST_DATA? > > s/putin/put in/ :) You are right, I missed the `chrome::` part and used `base::` .
On 2016/08/09 00:00:22, Sergey Shekyan wrote: > You are right, I missed the `chrome::` part and used `base::` . Great. Looking forward to patch set 4.
On 2016/08/09 00:02:20, Lei Zhang wrote: > On 2016/08/09 00:00:22, Sergey Shekyan wrote: > > You are right, I missed the `chrome::` part and used `base::` . > > Great. Looking forward to patch set 4. 4 and 5 :)
On 2016/08/09 00:07:04, Sergey Shekyan wrote: > On 2016/08/09 00:02:20, Lei Zhang wrote: > > On 2016/08/09 00:00:22, Sergey Shekyan wrote: > > > You are right, I missed the `chrome::` part and used `base::` . > > > > Great. Looking forward to patch set 4. > > 4 and 5 :) In patch set 5, I renamed `test_dir` to `test_data_dir` to be consistent.
Just double checking locally to make sure the new PDF test fails when the reverted CL is applied. https://codereview.chromium.org/2209113002/diff/80001/chrome/browser/pdf/pdf_... File chrome/browser/pdf/pdf_extension_test.cc (right): https://codereview.chromium.org/2209113002/diff/80001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:472: test_data_dir = test_data_dir.AppendASCII("test.pdf"); Maybe make a new base::FilePath test_data_file variable here, so the 2 lines below can refer to test_data_file and it reads a little bit better.
On 2016/08/09 00:28:45, Lei Zhang wrote: > Just double checking locally to make sure the new PDF test fails when the > reverted CL is applied. Verified locally -> new test case LGTM.
https://codereview.chromium.org/2209113002/diff/80001/chrome/browser/pdf/pdf_... File chrome/browser/pdf/pdf_extension_test.cc (right): https://codereview.chromium.org/2209113002/diff/80001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:472: test_data_dir = test_data_dir.AppendASCII("test.pdf"); On 2016/08/09 00:28:45, Lei Zhang wrote: > Maybe make a new base::FilePath test_data_file variable here, so the 2 lines > below can refer to test_data_file and it reads a little bit better. Acknowledged. https://codereview.chromium.org/2209113002/diff/80001/chrome/browser/pdf/pdf_... chrome/browser/pdf/pdf_extension_test.cc:472: test_data_dir = test_data_dir.AppendASCII("test.pdf"); On 2016/08/09 00:28:45, Lei Zhang wrote: > Maybe make a new base::FilePath test_data_file variable here, so the 2 lines > below can refer to test_data_file and it reads a little bit better. Done.
The CQ bit was checked by shekyan@gmail.com
The patchset sent to the CQ was uploaded after l-g-t-m from jochen@chromium.org, mkwst@chromium.org, thestig@chromium.org Link to the patchset: https://codereview.chromium.org/2209113002/#ps100001 (title: "Addressed comment on introducing `test_data_file`")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: chromeos_amd64-generic_chromium_compile_only_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/chromeos_amd64-...)
The CQ bit was checked by shekyan@gmail.com to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
The CQ bit was checked by shekyan@gmail.com
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Description was changed from ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ========== to ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ==========
Message was sent while issue was closed.
Committed patchset #6 (id:100001)
Message was sent while issue was closed.
Description was changed from ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation ========== to ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation Committed: https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b Cr-Commit-Position: refs/heads/master@{#410566} ==========
Message was sent while issue was closed.
Patchset 6 (id:??) landed as https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b Cr-Commit-Position: refs/heads/master@{#410566}
Message was sent while issue was closed.
Description was changed from ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation Committed: https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b Cr-Commit-Position: refs/heads/master@{#410566} ========== to ========== Change wildcard source expression matching to conform latest spec This patch changes wildcard source expression matching to require schemes other than http/https/ws/wss be explicitly present in the source list to match, per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression This also updates CSP injected in inline_login_ui.cc to explicitly allow `chrome:` as in `connect-src * chrome:` to fix failing tests. This also changes Content Security Policy in manifests of Feedback and PDF Viewer extensions to allow objects from `file:`. BUG=611314 R=mkwst@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:closure_compilation Committed: https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b Cr-Commit-Position: refs/heads/master@{#410566} ==========
Message was sent while issue was closed.
shekyan@gmail.com changed reviewers: + jww@chromium.org
Message was sent while issue was closed.
On 2016/08/09 03:42:05, commit-bot: I haz the power wrote: > Patchset 6 (id:??) landed as > https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b > Cr-Commit-Position: refs/heads/master@{#410566} jww@, all other reviewers are OOO, can you please take a look? I am not sure if I can update already landed CL, or I need to revert and land again with the last patch set.
Message was sent while issue was closed.
On 2016/08/10 17:05:06, Sergey Shekyan wrote: > On 2016/08/09 03:42:05, commit-bot: I haz the power wrote: > > Patchset 6 (id:??) landed as > > https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b > > Cr-Commit-Position: refs/heads/master@{#410566} > > jww@, all other reviewers are OOO, can you please take a look? I am not sure if > I can update already landed CL, or I need to revert and land again with the last > patch set. Just start a new CL for the changes in patch set 7.
Message was sent while issue was closed.
On 2016/08/10 17:12:51, Lei Zhang (Soon to be OOO) wrote: > On 2016/08/10 17:05:06, Sergey Shekyan wrote: > > On 2016/08/09 03:42:05, commit-bot: I haz the power wrote: > > > Patchset 6 (id:??) landed as > > > https://crrev.com/39d12f5665910578d2e18251a0225a7aebe6964b > > > Cr-Commit-Position: refs/heads/master@{#410566} > > > > jww@, all other reviewers are OOO, can you please take a look? I am not sure > if > > I can update already landed CL, or I need to revert and land again with the > last > > patch set. > > Just start a new CL for the changes in patch set 7. Indeed, as thestig@ says, that's the best approach. Happy to take a look at that patch set once it's up. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
