Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(548)

Issue 2845943003: Limit protection of clients[0-9]*.google.com to requests from browser. (Closed)

Created:
3 years, 7 months ago by battre
Modified:
3 years, 7 months ago
Reviewers:
Devlin, mmenke
CC:
chromium-reviews, chromium-apps-reviews_chromium.org, extensions-reviews_chromium.org
Target Ref:
refs/heads/master
Project:
chromium
Visibility:
Public.

Description

Limit protection of clients[0-9]*.google.com to requests from browser. The WebRequest API protected network requests to clients[0-9]*.google.com from being visible or modified by extensions. This was built under the assumption that these domains are only used by Chrome internally, which was invalid. This CL restrictes the protection to only those network requests that originate from the browser. Requests from the renderers are exposed to extensions. BUG=715184 TEST=https://crbug.com/715184#c12 Review-Url: https://codereview.chromium.org/2845943003 Cr-Commit-Position: refs/heads/master@{#470949} Committed: https://chromium.googlesource.com/chromium/src/+/14ca4ff2719095e31e2f4cc49d1d5e8d5af175ce

Patch Set 1 #

Patch Set 2 : Fix regression #

Patch Set 3 : Hide requests from WebUI #

Total comments: 20

Patch Set 4 : Addressed comments #

Patch Set 5 : Nits #

Patch Set 6 : Merged with ToT #

Patch Set 7 : Fix unittests #

Unified diffs Side-by-side diffs Delta from patch set Stats (+75 lines, -36 lines) Patch
M extensions/browser/api/web_request/web_request_permissions.h View 1 2 3 1 chunk +2 lines, -1 line 0 comments Download
M extensions/browser/api/web_request/web_request_permissions.cc View 1 2 3 4 5 5 chunks +44 lines, -16 lines 0 comments Download
M extensions/browser/api/web_request/web_request_permissions_unittest.cc View 1 2 3 4 5 6 1 chunk +29 lines, -19 lines 0 comments Download

Messages

Total messages: 50 (31 generated)
battre
Could you please review this CL? Thanks.
3 years, 7 months ago (2017-05-04 13:21:00 UTC) #13
Devlin
Thanks for looking into this! https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode64 extensions/browser/api/web_request/web_request_permissions.cc:64: base::StringPiece::size_type pos = host.rfind(kClient); ...
3 years, 7 months ago (2017-05-04 15:33:29 UTC) #16
battre
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode64 extensions/browser/api/web_request/web_request_permissions.cc:64: base::StringPiece::size_type pos = host.rfind(kClient); On 2017/05/04 15:33:29, Devlin wrote: ...
3 years, 7 months ago (2017-05-04 15:53:46 UTC) #17
mmenke
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { So we're ...
3 years, 7 months ago (2017-05-04 15:54:42 UTC) #18
mmenke
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode120 extensions/browser/api/web_request/web_request_permissions.cc:120: process_id)) { On 2017/05/04 15:53:46, battre wrote: > On ...
3 years, 7 months ago (2017-05-04 15:56:33 UTC) #19
Devlin
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/04 ...
3 years, 7 months ago (2017-05-04 17:31:26 UTC) #20
mmenke
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/04 ...
3 years, 7 months ago (2017-05-04 17:33:17 UTC) #21
Devlin
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/04 ...
3 years, 7 months ago (2017-05-04 18:06:01 UTC) #22
mmenke
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/04 ...
3 years, 7 months ago (2017-05-05 14:35:14 UTC) #23
Devlin
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/05 ...
3 years, 7 months ago (2017-05-05 16:16:04 UTC) #24
mmenke
https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode65 extensions/browser/api/web_request/web_request_permissions.cc:65: if (!is_request_from_renderer && pos != base::StringPiece::npos) { On 2017/05/05 ...
3 years, 7 months ago (2017-05-05 16:18:03 UTC) #25
battre
PTAL. Thanks! https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc File extensions/browser/api/web_request/web_request_permissions.cc (right): https://codereview.chromium.org/2845943003/diff/40001/extensions/browser/api/web_request/web_request_permissions.cc#newcode64 extensions/browser/api/web_request/web_request_permissions.cc:64: base::StringPiece::size_type pos = host.rfind(kClient); On 2017/05/04 15:53:46, ...
3 years, 7 months ago (2017-05-10 09:18:38 UTC) #28
Devlin
It looks like there's a patch failure, but assuming no significant changes are needed, this ...
3 years, 7 months ago (2017-05-10 15:02:06 UTC) #33
mmenke
On 2017/05/10 15:02:06, Devlin (OOO until May 12) wrote: > It looks like there's a ...
3 years, 7 months ago (2017-05-10 15:23:24 UTC) #34
mmenke
On 2017/05/10 15:23:24, mmenke wrote: > On 2017/05/10 15:02:06, Devlin (OOO until May 12) wrote: ...
3 years, 7 months ago (2017-05-10 15:24:42 UTC) #35
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2845943003/100001
3 years, 7 months ago (2017-05-11 10:50:15 UTC) #38
commit-bot: I haz the power
Try jobs failed on following builders: win_chromium_rel_ng on master.tryserver.chromium.win (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_rel_ng/builds/441825)
3 years, 7 months ago (2017-05-11 11:40:44 UTC) #40
commit-bot: I haz the power
CQ is trying da patch. Follow status at: https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2845943003/120001
3 years, 7 months ago (2017-05-11 14:24:02 UTC) #47
commit-bot: I haz the power
3 years, 7 months ago (2017-05-11 14:32:04 UTC) #50
Message was sent while issue was closed.
Committed patchset #7 (id:120001) as
https://chromium.googlesource.com/chromium/src/+/14ca4ff2719095e31e2f4cc49d1d...

Powered by Google App Engine
This is Rietveld 408576698