Issue 319183008: Revert of Implementing mixed content for forms posting to insecure location from secure ones

Issue 319183008: Revert of Implementing mixed content for forms posting to insecure location from secure ones (Closed)

Created:
6 years, 6 months ago by abarth-chromium

Modified:
6 years, 6 months ago

Reviewers:
jww, Mike West, mhm

CC:
blink-reviews, dglazkov+blink, blink-reviews-html_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/blink.git@master

Visibility:
Public.

More Reviews

Description

Revert of Implementing mixed content for forms posting to insecure location from secure ones (https://codereview.chromium.org/311033003/) Reason for revert: This CL incorrectly integrates with the inspector. Notice that in Element::didModifyAttribute, InspectorInstrumentation::didModifyDOMAttr will be called with the original value, not the mutated value. Original issue's description: > Implementing mixed content for forms posting to insecure location from secure ones. > > When a form "action" attribute is pointing to insecure location from a secure one, this is flagged as mixed content. This is even checked if the pages dynamically changes the "action" attribute after the initial loading. The mixed content is non-blocking by default, however, this can be overridden in the preferences, and this will cause a submit to silently fail, other than a console message. > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=175714 TBR=jww@chromium.org,mkwst@chromium.org,mohammed@chromium.org NOTREECHECKS=true NOTRY=true Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=175715

Patch Set 1 #

Created: 6 years, 6 months ago

(Patch set is too large to download)

	Unified diffs	Side-by-side diffs	Stats (+17 lines, -173 lines)			Patch
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame.html	View	1 chunk	+0 lines, -24 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html	View	1 chunk	+0 lines, -25 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed-expected.txt	View	1 chunk	+0 lines, -3 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-blocked.html	View	1 chunk	+0 lines, -24 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-blocked-expected.txt	View	1 chunk	+0 lines, -3 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-expected.txt	View	1 chunk	+0 lines, -3 lines	0 comments	Download
D	LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-formSubmission.html	View	1 chunk	+0 lines, -9 lines	0 comments	Download
M	LayoutTests/http/tests/security/originHeader/resources/origin-header-post-to-http.html	View	1 chunk	+1 line, -1 line	0 comments	Download
M	Source/core/frame/UseCounter.h	View	1 chunk	+0 lines, -2 lines	0 comments	Download
M	Source/core/html/HTMLFormElement.h	View	1 chunk	+0 lines, -3 lines	0 comments	Download
M	Source/core/html/HTMLFormElement.cpp	View	4 chunks	+4 lines, -35 lines	0 comments	Download
M	Source/core/loader/MixedContentChecker.h	View	1 chunk	+5 lines, -22 lines	0 comments	Download
M	Source/core/loader/MixedContentChecker.cpp	View	3 chunks	+7 lines, -19 lines	0 comments	Download

Messages

Total messages: 3 (0 generated)

Expand Messages | Collapse Messages

abarth-chromium

Created Revert of Implementing mixed content for forms posting to insecure location from secure ones

6 years, 6 months ago (2014-06-06 22:53:01 UTC) #1

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/abarth@chromium.org/319183008/1

6 years, 6 months ago (2014-06-06 22:54:16 UTC) #2

Message was sent while issue was closed.

Change committed as 175715

Expand Messages | Collapse Messages