Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(657)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2557063002: Upgrade Insecure Requests: bugfixes, tests, and support for OOPIF.

Created:
4 years ago by arthursonzogni
Modified:
4 years ago
Reviewers:
Mike West, nasko
CC:
chromium-reviews, mlamouri+watch-content_chromium.org, tyoshino+watch_chromium.org, sof, creis+watch_chromium.org, mlamouri+watch-blink_chromium.org, eae+blinkwatch, nasko+codewatch_chromium.org, jam, dcheng, blink-reviews-api_chromium.org, blink-reviews-dom_chromium.org, dglazkov+blink, darin-cc_chromium.org, gavinp+loader_chromium.org, blink-reviews, kinuko+watch, Nate Chapin, loading-reviews_chromium.org, rwlbuis, clamy, site-isolation-reviews_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Upgrade Insecure Requests: bugfixes, tests, and support for OOPIF. This CL fixes several bugs with Upgrade Insecure Requests. The main one is that URL were compared against the 'upgrade insecure navigation set' of the frame that is navigating instead of the frame that initiated the navigation. 8 new tests are added to ensure that regressions won't happen. Finally, it adds the support for OOPIF. The 'upgrade insecure navigations set' is now replicated across the different processes. CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation BUG=670219

Patch Set 1 : Upgrade Insecure Requests: bugfixes, tests, and support for OOPIF. #

Total comments: 5

Patch Set 2 : Addressed comments (@nasko). #

Total comments: 4

Patch Set 3 : Addressed comments (@nasko #2). #

Unified diffs Side-by-side diffs Delta from patch set Stats (+391 lines, -34 lines) Patch
M content/browser/frame_host/frame_tree_node.h View 1 1 chunk +2 lines, -0 lines 0 comments Download
M content/browser/frame_host/frame_tree_node.cc View 1 2 2 chunks +11 lines, -0 lines 0 comments Download
M content/browser/frame_host/navigator_impl.cc View 1 chunk +3 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_impl.h View 1 1 chunk +1 line, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_impl.cc View 1 2 chunks +7 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_manager.h View 1 1 chunk +5 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_manager.cc View 1 1 chunk +11 lines, -0 lines 0 comments Download
M content/common/frame_messages.h View 1 2 4 chunks +18 lines, -0 lines 0 comments Download
M content/common/frame_replication_state.h View 1 2 chunks +13 lines, -6 lines 0 comments Download
M content/common/frame_replication_state.cc View 1 2 chunks +2 lines, -0 lines 0 comments Download
M content/renderer/render_frame_impl.h View 1 1 chunk +2 lines, -0 lines 0 comments Download
M content/renderer/render_frame_impl.cc View 1 2 chunks +6 lines, -0 lines 0 comments Download
M content/renderer/render_frame_proxy.h View 1 1 chunk +1 line, -0 lines 0 comments Download
M content/renderer/render_frame_proxy.cc View 1 3 chunks +9 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/basic-link-no-upgrade.https.php View 1 chunk +25 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/basic-link-no-upgrade.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/basic-link-upgrade.https.php View 1 chunk +26 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/basic-link-upgrade.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-no-upgrade-2.https.php View 1 chunk +22 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-no-upgrade-2.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-no-upgrade.https.php View 1 chunk +25 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-no-upgrade.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-upgrade-2.https.php View 1 chunk +23 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-upgrade-2.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-upgrade.https.php View 1 chunk +26 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/iframe-top-navigation-upgrade.https-expected.txt View 1 chunk +1 line, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/resources/navigate-top-frame.php View 1 chunk +8 lines, -0 lines 0 comments Download
A third_party/WebKit/LayoutTests/http/tests/security/upgrade-insecure-requests/resources/navigate-top-frame-upgrade.php View 1 chunk +11 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/dom/Document.h View 1 chunk +1 line, -0 lines 0 comments Download
M third_party/WebKit/Source/core/dom/Document.cpp View 1 chunk +11 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/dom/SecurityContext.h View 2 chunks +7 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/dom/SecurityContext.cpp View 1 chunk +13 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/Frame.h View 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/frame/Frame.cpp View 2 chunks +26 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/LocalFrame.cpp View 1 chunk +4 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/RemoteFrame.cpp View 1 chunk +4 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp View 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/core/loader/FrameLoader.h View 2 chunks +2 lines, -2 lines 0 comments Download
M third_party/WebKit/Source/core/loader/FrameLoader.cpp View 3 chunks +24 lines, -23 lines 0 comments Download
M third_party/WebKit/Source/core/loader/FrameLoaderClient.h View 1 chunk +1 line, -0 lines 0 comments Download
M third_party/WebKit/Source/web/FrameLoaderClientImpl.h View 1 chunk +1 line, -0 lines 0 comments Download
M third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp View 1 chunk +7 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebFrame.cpp View 1 chunk +7 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebRemoteFrameImpl.h View 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp View 1 chunk +6 lines, -0 lines 0 comments Download
M third_party/WebKit/public/web/WebFrame.h View 1 chunk +3 lines, -0 lines 0 comments Download
M third_party/WebKit/public/web/WebFrameClient.h View 1 chunk +3 lines, -0 lines 0 comments Download
M third_party/WebKit/public/web/WebRemoteFrame.h View 1 chunk +2 lines, -0 lines 0 comments Download

Messages

Total messages: 12 (6 generated)
arthursonzogni
Hi @mkwst and @nasko, @mkwst: Contrary to what I told you, it isn't a PlzNavigate-only ...
4 years ago (2016-12-07 13:51:26 UTC) #4
nasko
The content bits look good overall with a couple of minor comments. However, I don't ...
4 years ago (2016-12-08 22:45:44 UTC) #5
arthursonzogni
Thanks Nasko! https://codereview.chromium.org/2557063002/diff/40001/content/browser/frame_host/frame_tree_node.h File content/browser/frame_host/frame_tree_node.h (right): https://codereview.chromium.org/2557063002/diff/40001/content/browser/frame_host/frame_tree_node.h#newcode171 content/browser/frame_host/frame_tree_node.h:171: const std::vector<unsigned>& insecure_navigations_set); On 2016/12/08 22:45:44, nasko ...
4 years ago (2016-12-09 11:06:50 UTC) #8
nasko
On 2016/12/09 11:06:50, arthursonzogni wrote: > Thanks Nasko! > > https://codereview.chromium.org/2557063002/diff/40001/content/browser/frame_host/frame_tree_node.h > File content/browser/frame_host/frame_tree_node.h (right): ...
4 years ago (2016-12-09 15:39:54 UTC) #9
nasko
content/ LGTM with a couple of nits. https://codereview.chromium.org/2557063002/diff/100001/content/browser/frame_host/frame_tree_node.cc File content/browser/frame_host/frame_tree_node.cc (right): https://codereview.chromium.org/2557063002/diff/100001/content/browser/frame_host/frame_tree_node.cc#newcode105 content/browser/frame_host/frame_tree_node.cc:105: std::vector<uint32_t>() /* ...
4 years ago (2016-12-12 23:11:30 UTC) #10
arthursonzogni
4 years ago (2016-12-13 10:43:37 UTC) #12 
Thanks Nasko!

Now, it remains @mkwst's review for the remaining files in /third_party/Webkit.
It's essentially checking the tests and that the two functions
* FrameLoader::upgradeInsecureRequest(originDocument)
* Frame::UpgradeInsecureRequest(url)
are corrects.

https://codereview.chromium.org/2557063002/diff/100001/content/browser/frame_...
File content/browser/frame_host/frame_tree_node.cc (right):

https://codereview.chromium.org/2557063002/diff/100001/content/browser/frame_...
content/browser/frame_host/frame_tree_node.cc:105: std::vector<uint32_t>() /*
insecure url to upgrade */,
On 2016/12/12 23:11:30, nasko (very slow til Dec 13th) wrote:
> nit: since this is a vector, shouldn't url be plural? "urls"

Done.

https://codereview.chromium.org/2557063002/diff/100001/content/common/frame_m...
File content/common/frame_messages.h (right):

https://codereview.chromium.org/2557063002/diff/100001/content/common/frame_m...
content/common/frame_messages.h:752: std::vector<uint32_t>)
On 2016/12/12 23:11:30, nasko (very slow til Dec 13th) wrote:
> nit: The parameter name should be added as a comment - /* param_name */

Done.

Powered by Google App Engine
This is Rietveld 408576698