Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(64)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 348853009: Refactor mixed content checks against the top frame into MixedContentChecker. (Closed)

Created:
6 years, 5 months ago by Mike West
Modified:
6 years, 5 months ago
CC:
blink-reviews, gavinp+loader_chromium.org, Nate Chapin
Project:
blink
Visibility:
Public.

Description

Refactor mixed content checks against the top frame into MixedContentChecker. We shouldn't force the callsites to understand that they need to check the top-level frame. It leads to bugs and oversights, at least one of which is fixed by this patch. BUG=390123 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=177285

Patch Set 1 #

Patch Set 2 : WSS. #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+33 lines, -30 lines) Patch
M LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe.html View 1 chunk +1 line, -2 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-expected.txt View 1 chunk +3 lines, -1 line 0 comments Download
M Source/core/fetch/ResourceFetcher.cpp View 1 chunk +5 lines, -18 lines 0 comments Download
M Source/core/loader/MixedContentChecker.cpp View 2 chunks +24 lines, -0 lines 0 comments Download
M Source/core/loader/PingLoader.cpp View 1 chunk +0 lines, -3 lines 1 comment Download
M Source/modules/websockets/MainThreadWebSocketChannel.cpp View 1 1 chunk +0 lines, -3 lines 1 comment Download
M Source/modules/websockets/NewWebSocketChannelImpl.cpp View 1 1 chunk +0 lines, -3 lines 0 comments Download

Messages

Total messages: 9 (0 generated)
Mike West
Hey Jochen, WDYT about this refactoring? -mike
6 years, 5 months ago (2014-06-30 10:29:07 UTC) #1
jochen (gone - plz use gerrit)
not sure I understand this. in the ping loader case, where is the check now? ...
6 years, 5 months ago (2014-06-30 11:54:54 UTC) #2
Mike West
https://codereview.chromium.org/348853009/diff/20001/Source/core/loader/PingLoader.cpp File Source/core/loader/PingLoader.cpp (right): https://codereview.chromium.org/348853009/diff/20001/Source/core/loader/PingLoader.cpp#newcode123 Source/core/loader/PingLoader.cpp:123: if (!frame->loader().mixedContentChecker()->canRunInsecureContent(frame->document()->securityOrigin(), request.url())) The PingLoader check is here. We ...
6 years, 5 months ago (2014-06-30 12:24:37 UTC) #3
Mike West
Ping.
6 years, 5 months ago (2014-07-01 06:18:57 UTC) #4
jochen (gone - plz use gerrit)
lgtm
6 years, 5 months ago (2014-07-01 07:26:11 UTC) #5
Mike West
The CQ bit was checked by mkwst@chromium.org
6 years, 5 months ago (2014-07-01 07:47:12 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mkwst@chromium.org/348853009/20001
6 years, 5 months ago (2014-07-01 07:48:24 UTC) #7
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: linux_blink_dbg on tryserver.blink ...
6 years, 5 months ago (2014-07-01 08:52:51 UTC) #8
commit-bot: I haz the power
6 years, 5 months ago (2014-07-01 09:57:10 UTC) #9
Message was sent while issue was closed. 
Change committed as 177285

Powered by Google App Engine
This is Rietveld 408576698