Descriptionmedia: Restrict ProtectedMediaIdentifier permission to secure origins
Currently EME is restricted to secure origins (see BUG). However, it's
possible that the renderer process is compromised and bypasses this
restriction. This CL restricts the ProtectedMediaIdentifier permission
to secure origin as well to add another layer of protection.
Origins whitelisted by the --unsafely-treat-insecure-origin-as-secure
flag will always be treated as "secure", and as such will not be
affected by this change.
BUG=672605
Review-Url: https://codereview.chromium.org/2859293003
Cr-Commit-Position: refs/heads/master@{#469866}
Committed: https://chromium.googlesource.com/chromium/src/+/fb4dd15c290ffa283c157f42f4d5abae97c3193d
Patch Set 1 #
Messages
Total messages: 15 (10 generated)
|