Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(286)

Issue 2625773002: Reenable framebusting (Closed)

Created:
3 years, 11 months ago by Nate Chapin
Modified:
3 years, 11 months ago
Reviewers:
alexmos, dcheng, ojan
CC:
blink-reviews, blink-reviews-dom_chromium.org, chromium-reviews, darin-cc_chromium.org, dcheng, dglazkov+blink, eae+blinkwatch, gavinp+loader_chromium.org, jam, kinuko+watch, loading-reviews_chromium.org, mlamouri+watch-blink_chromium.org, rwlbuis, sof, tyoshino+watch_chromium.org
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Reenable framebusting Change user gesture tracking from per-document to per-frame. This allows user gesture state to survive navigation. BUG=624061 CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation Review-Url: https://codereview.chromium.org/2625773002 Cr-Commit-Position: refs/heads/master@{#444920} Committed: https://chromium.googlesource.com/chromium/src/+/61835ae17fb417e72d42d7e4829c755c5abdb578

Patch Set 1 #

Total comments: 3

Patch Set 2 : Replumbing #

Patch Set 3 : Fix unit tests #

Total comments: 1

Patch Set 4 : Rebase #

Patch Set 5 : Pass through FrameReplicationState #

Unified diffs Side-by-side diffs Delta from patch set Stats (+121 lines, -87 lines) Patch
M content/browser/frame_host/frame_tree_node.h View 1 2 3 4 1 chunk +2 lines, -0 lines 0 comments Download
M content/browser/frame_host/frame_tree_node.cc View 1 2 3 4 2 chunks +7 lines, -1 line 0 comments Download
M content/browser/frame_host/render_frame_host_impl.h View 1 2 3 1 chunk +1 line, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_impl.cc View 1 2 3 4 2 chunks +6 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_manager.h View 1 1 chunk +2 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_host_manager.cc View 1 2 3 1 chunk +7 lines, -0 lines 0 comments Download
M content/browser/frame_host/render_frame_proxy_host.h View 1 1 chunk +0 lines, -1 line 0 comments Download
M content/browser/frame_host/render_frame_proxy_host.cc View 1 2 chunks +0 lines, -6 lines 0 comments Download
M content/common/frame_messages.h View 1 2 3 2 chunks +3 lines, -3 lines 0 comments Download
M content/common/frame_replication_state.h View 1 2 3 4 2 chunks +5 lines, -1 line 0 comments Download
M content/common/frame_replication_state.cc View 1 2 3 4 3 chunks +6 lines, -3 lines 0 comments Download
M content/public/common/content_features.cc View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M content/renderer/render_frame_impl.h View 1 2 3 2 chunks +1 line, -1 line 0 comments Download
M content/renderer/render_frame_impl.cc View 1 2 3 3 chunks +4 lines, -7 lines 0 comments Download
M content/renderer/render_frame_proxy.h View 1 2 3 2 chunks +1 line, -1 line 0 comments Download
M content/renderer/render_frame_proxy.cc View 1 2 3 4 4 chunks +8 lines, -4 lines 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html View 1 chunk +3 lines, -3 lines 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-user-gesture-in-parent-expected.txt View 1 chunk +5 lines, -2 lines 0 comments Download
M third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture-expected.txt View 1 chunk +7 lines, -3 lines 0 comments Download
M third_party/WebKit/Source/core/dom/Document.h View 1 2 3 2 chunks +0 lines, -5 lines 0 comments Download
M third_party/WebKit/Source/core/dom/Document.cpp View 1 2 3 1 chunk +0 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/dom/DocumentUserGestureToken.h View 1 2 2 chunks +5 lines, -6 lines 0 comments Download
M third_party/WebKit/Source/core/dom/DocumentUserGestureTokenTest.cpp View 2 chunks +5 lines, -5 lines 0 comments Download
M third_party/WebKit/Source/core/dom/Element.cpp View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/Frame.h View 1 2 3 3 chunks +4 lines, -2 lines 0 comments Download
M third_party/WebKit/Source/core/frame/Frame.cpp View 1 2 3 2 chunks +7 lines, -2 lines 0 comments Download
M third_party/WebKit/Source/core/frame/LocalFrame.h View 1 2 3 1 chunk +0 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/LocalFrame.cpp View 1 2 3 1 chunk +0 lines, -5 lines 0 comments Download
M third_party/WebKit/Source/core/frame/RemoteFrame.h View 1 2 3 1 chunk +0 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/frame/RemoteFrame.cpp View 1 2 3 1 chunk +0 lines, -4 lines 0 comments Download
M third_party/WebKit/Source/core/frame/RemoteFrameClient.h View 1 2 3 1 chunk +0 lines, -2 lines 0 comments Download
M third_party/WebKit/Source/core/loader/EmptyClients.h View 1 2 3 4 1 chunk +0 lines, -1 line 0 comments Download
M third_party/WebKit/Source/core/loader/FrameLoader.cpp View 1 2 3 2 chunks +3 lines, -2 lines 0 comments Download
M third_party/WebKit/Source/core/loader/FrameLoaderClient.h View 1 2 3 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/platform/RuntimeEnabledFeatures.in View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/Source/web/FrameLoaderClientImpl.h View 1 2 3 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp View 1 2 3 1 chunk +5 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/RemoteFrameClientImpl.h View 1 2 3 1 chunk +0 lines, -1 line 0 comments Download
M third_party/WebKit/Source/web/RemoteFrameClientImpl.cpp View 1 2 3 1 chunk +0 lines, -4 lines 0 comments Download
M third_party/WebKit/Source/web/WebFrame.cpp View 1 1 chunk +3 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebLocalFrameImpl.cpp View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/Source/web/WebRemoteFrameImpl.h View 1 2 3 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp View 1 2 3 1 chunk +4 lines, -0 lines 0 comments Download
M third_party/WebKit/Source/web/WebUserGestureIndicator.cpp View 1 chunk +1 line, -2 lines 0 comments Download
M third_party/WebKit/Source/web/WebViewImpl.cpp View 1 2 3 1 chunk +1 line, -1 line 0 comments Download
M third_party/WebKit/public/web/WebFrameClient.h View 1 2 3 1 chunk +3 lines, -0 lines 0 comments Download
M third_party/WebKit/public/web/WebRemoteFrame.h View 1 1 chunk +2 lines, -0 lines 0 comments Download
M third_party/WebKit/public/web/WebRemoteFrameClient.h View 1 2 3 1 chunk +0 lines, -2 lines 0 comments Download

Messages

Total messages: 40 (24 generated)
Nate Chapin
ojan: WDYT? dcheng: PTAL, especially for the cross-process question. https://codereview.chromium.org/2625773002/diff/1/third_party/WebKit/Source/core/frame/LocalFrame.h File third_party/WebKit/Source/core/frame/LocalFrame.h (right): https://codereview.chromium.org/2625773002/diff/1/third_party/WebKit/Source/core/frame/LocalFrame.h#newcode274 third_party/WebKit/Source/core/frame/LocalFrame.h:274: ...
3 years, 11 months ago (2017-01-11 19:01:40 UTC) #7
ojan
https://codereview.chromium.org/2625773002/diff/1/third_party/WebKit/Source/core/frame/LocalFrame.h File third_party/WebKit/Source/core/frame/LocalFrame.h (right): https://codereview.chromium.org/2625773002/diff/1/third_party/WebKit/Source/core/frame/LocalFrame.h#newcode274 third_party/WebKit/Source/core/frame/LocalFrame.h:274: bool m_hasReceivedUserGesture; On 2017/01/11 at 19:01:40, Nate Chapin wrote: ...
3 years, 11 months ago (2017-01-11 19:15:48 UTC) #8
dcheng
+alexmos who's done a lot of replication stuff To make sure I'm understanding correctly, this ...
3 years, 11 months ago (2017-01-12 10:41:00 UTC) #9
Nate Chapin
Ok, I think I've got the replumb done more-or-less as requested.
3 years, 11 months ago (2017-01-18 20:20:46 UTC) #19
Nate Chapin
https://codereview.chromium.org/2625773002/diff/40001/third_party/WebKit/Source/core/dom/DocumentUserGestureToken.h File third_party/WebKit/Source/core/dom/DocumentUserGestureToken.h (right): https://codereview.chromium.org/2625773002/diff/40001/third_party/WebKit/Source/core/dom/DocumentUserGestureToken.h#newcode42 third_party/WebKit/Source/core/dom/DocumentUserGestureToken.h:42: document->frame()->setDocumentHasReceivedUserGesture(); Doing this here rather than in FrameLoaderClientImpl so ...
3 years, 11 months ago (2017-01-18 20:21:37 UTC) #20
dcheng
Overall, looks good. I think there's one potential issue though: if we create a local ...
3 years, 11 months ago (2017-01-19 06:15:11 UTC) #21
alexmos
On 2017/01/19 06:15:11, dcheng wrote: > Overall, looks good. > > I think there's one ...
3 years, 11 months ago (2017-01-19 17:53:17 UTC) #22
alexmos
On 2017/01/19 17:53:17, alexmos wrote: > On 2017/01/19 06:15:11, dcheng wrote: > > Overall, looks ...
3 years, 11 months ago (2017-01-19 17:55:50 UTC) #23
ojan
As per the current design of the feature, we won't ever need to set it ...
3 years, 11 months ago (2017-01-19 19:19:40 UTC) #24
Nate Chapin
On 2017/01/19 06:15:11, dcheng wrote: > Overall, looks good. > > I think there's one ...
3 years, 11 months ago (2017-01-19 20:40:32 UTC) #25
dcheng
I think PS5 fixes all the remote frame proxy cases. It doesn't address createProvisional() directly, ...
3 years, 11 months ago (2017-01-19 21:53:42 UTC) #28
dcheng
+alexmos again as well since rietveld randomly dropped some reviewers
3 years, 11 months ago (2017-01-19 21:54:19 UTC) #30
dcheng
We chatted and we believe that we actually want to ignore frame replication state for ...
3 years, 11 months ago (2017-01-19 23:10:15 UTC) #33
alexmos
content/ LGTM
3 years, 11 months ago (2017-01-19 23:37:40 UTC) #34
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2625773002/80001
3 years, 11 months ago (2017-01-19 23:40:51 UTC) #37
commit-bot: I haz the power
3 years, 11 months ago (2017-01-20 01:26:43 UTC) #40
Message was sent while issue was closed.
Committed patchset #5 (id:80001) as
https://chromium.googlesource.com/chromium/src/+/61835ae17fb417e72d42d7e4829c...

Powered by Google App Engine
This is Rietveld 408576698