Chromium Code Reviews

Issue 2551893002: Upgrade-Insecure-Requests: Split CSP checks into pre-upgrade and post-upgrade.

Created:
4 years ago by Mike West
Modified:
4 years ago
Reviewers:
elawrence
CC:
chromium-reviews, kinuko+worker_chromium.org, jsbell+serviceworker_chromium.org, tyoshino+watch_chromium.org, tzik, shimazu+serviceworker_chromium.org, tfarina, serviceworker-reviews, Yoav Weiss, nhiroki, shimazu+worker_chromium.org, haraken, loading-reviews_chromium.org, michaeln, kinuko+serviceworker, gavinp+loader_chromium.org, horo+watch_chromium.org, blink-reviews, loading-reviews+fetch_chromium.org, falken+watch_chromium.org, Nate Chapin, blink-worker-reviews_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Upgrade-Insecure-Requests: Split CSP checks into pre-upgrade and post-upgrade.

Currently, we're only sending reports if a resource upgraded through 'Upgrade-Insecure-Requests' violates a policy after it's upgraded. As spelled out in [1], we ought to be sending reports on the pre-upgraded URL in order to facilitate finding/fixing bugs.

[1]: https://w3c.github.io/webappsec-upgrade-insecure-requests/#reporting-upgrades

BUG=625156
R=elawrence@chromium.org

Patch Set 1 #

Stats (+270 lines, -120 lines)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-multiple-blocked.php (1 chunk, +2 lines, -8 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-reportonly-allowed.php (1 chunk, +1 line, -7 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-blocked-uri-cross-origin-expected.txt (2 chunks, +2 lines, -2 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-blocked-uri-expected.txt (2 chunks, +2 lines, -2 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-multiple-violations-01-expected.txt (1 chunk, +2 lines, -2 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-original-url.php (3 chunks, +34 lines, -3 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-uri-multiple-expected.txt (1 chunk, +2 lines, -2 lines, 0 comments)
M third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-uri-multiple-reversed-expected.txt (1 chunk, +2 lines, -2 lines, 0 comments)
M third_party/WebKit/Source/core/fetch/FetchContext.h (2 chunks, +10 lines, -0 lines, 0 comments)
M third_party/WebKit/Source/core/fetch/ResourceFetcher.cpp (3 chunks, +12 lines, -0 lines, 0 comments)
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h (3 chunks, +47 lines, -20 lines, 0 comments)
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp (9 chunks, +88 lines, -48 lines, 0 comments)
M third_party/WebKit/Source/core/loader/FrameFetchContext.h (2 chunks, +8 lines, -0 lines, 0 comments)
M third_party/WebKit/Source/core/loader/FrameFetchContext.cpp (3 chunks, +43 lines, -20 lines, 0 comments)
M third_party/WebKit/Source/core/workers/AbstractWorker.cpp (1 chunk, +9 lines, -2 lines, 0 comments)
M third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp (1 chunk, +6 lines, -2 lines, 0 comments)

Messages

Total messages: 4 (4 generated)
Mike West
The CQ bit was checked by mkwst@chromium.org to run a CQ dry run
4 years ago (2016-12-05 14:04:34 UTC) #1
commit-bot: I haz the power
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2551893002/1
4 years ago (2016-12-05 14:04:47 UTC) #2
commit-bot: I haz the power
The CQ bit was unchecked by commit-bot@chromium.org
4 years ago (2016-12-05 15:16:32 UTC) #3
commit-bot: I haz the power
Dry run: Try jobs failed on following builders:
  linux_chromium_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
4 years ago (2016-12-05 15:16:33 UTC) #4
