Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(12)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2526473005: Part 4.1: Is policy list subsumed under subsuming policy? (Closed)

Created:
4 years ago by amalika
Modified:
4 years ago
CC:
blink-reviews, chromium-reviews, gavinp+loader_chromium.org, Nate Chapin, loading-reviews_chromium.org, tyoshino+watch_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Part 4.1: Is policy list subsumed under subsuming policy? This CL is part of an experimental feature Embedding-CSP. In particular, we add support for CSP level and layout tests. Main points: - Filter returned CSP by `enforce` type - Add check for subsumption in DocumentLoader - Set `self` for Embedding-CSP. BUG=647588 Committed: https://crrev.com/761fe2ef2f851eb9980dd1064fef65d42ef7628b Cr-Commit-Position: refs/heads/master@{#435927}

Patch Set 1 #

Total comments: 10

Patch Set 2 : Addressing comments #

Patch Set 3 : Checking selfSource is not `null` #

Patch Set 4 : Making changes to address meaning of `self` #

Patch Set 5 : Rebasing on master #

Unified diffs Side-by-side diffs Delta from patch set Stats (+598 lines, -13 lines) Patch
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/embeddedEnforcement/subsumption_algorithm-general.html View 1 chunk +57 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/embeddedEnforcement/subsumption_algorithm-protocols-paths.html View 1 chunk +125 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/embeddedEnforcement/subsumption_algorithm-self.html View 1 2 3 1 chunk +108 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/embeddedEnforcement/subsumption_algorithm-wildcards-in-hosts-ports.html View 1 chunk +181 lines, -0 lines 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/child-csp-test.js View 2 chunks +17 lines, -3 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/respond-with-multiple-csp-headers.php View 1 chunk +40 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h View 1 1 chunk +6 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp View 1 1 chunk +16 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp View 1 1 chunk +31 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/loader/DocumentLoader.cpp View 1 2 3 4 1 chunk +17 lines, -10 lines 0 comments Download

Depends on Patchset:

Issue 2519103005 Patch 440001

Messages

Total messages: 19 (10 generated)
amalika
https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp File third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp (right): https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp#newcode1569 third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp:1569: DCHECK(m_policies.size(), 1u); Since Embedding-CSP can't be more than just ...
4 years ago (2016-11-28 11:56:22 UTC) #2
Mike West
Looks pretty good. Just minor questions. https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp File third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp (right): https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp#newcode1569 third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp:1569: DCHECK(m_policies.size(), 1u); On ...
4 years ago (2016-11-28 13:08:02 UTC) #3
amalika
https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp File third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp (right): https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp#newcode1569 third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp:1569: DCHECK(m_policies.size(), 1u); On 2016/11/28 at 13:08:02, Mike West (slow) ...
4 years ago (2016-11-29 12:43:52 UTC) #4
Mike West
On 2016/11/29 at 12:43:52, amalika wrote: > https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp > File third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp (right): > > https://codereview.chromium.org/2526473005/diff/1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp#newcode1569 ...
4 years ago (2016-11-30 10:20:47 UTC) #5
amalika
Making changes to address meaning of `self`. (only changes in the LayoutTests for `self`)
4 years ago (2016-11-30 12:24:01 UTC) #7
Mike West
LGTM. :)
4 years ago (2016-11-30 21:58:09 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2526473005/100001
4 years ago (2016-12-02 13:17:21 UTC) #15
commit-bot: I haz the power
Committed patchset #5 (id:100001)
4 years ago (2016-12-02 13:22:02 UTC) #17
commit-bot: I haz the power
4 years ago (2016-12-02 13:25:53 UTC) #19
Message was sent while issue was closed. 
Patchset 5 (id:??) landed as
https://crrev.com/761fe2ef2f851eb9980dd1064fef65d42ef7628b
Cr-Commit-Position: refs/heads/master@{#435927}

Powered by Google App Engine
This is Rietveld 408576698