Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(328)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 356843006: Add "lax mixed content checking" runtime flag. (Closed)

Created:
6 years, 5 months ago by Mike West
Modified:
6 years, 5 months ago
CC:
arv+blink, blink-reviews, Inactive, gavinp+loader_chromium.org, Nate Chapin, saswat, watchdog-blink-watchlist_google.com
Project:
blink
Visibility:
Public.

Description

Add "lax mixed content checking" runtime flag. For the same reasons that we're delaying the complete removal of ShowModalDialog, we need to slow-walk the progress of tightening our mixed content checks. This runtime-enabled setting will allow us to set up a policy hook in order to provide enterprises with time to adapt to the new-to-Chrome behavior of blocking mixed WebSockets and XMLHttpRequest. BUG=389089 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=177110

Patch Set 1 #

Patch Set 2 : Test. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+58 lines, --1 lines) Patch
M LayoutTests/http/tests/security/mixedContent/insecure-sync-post-xhr-allowed.html View 1 chunk +3 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/insecure-sync-post-xhr-blocked.html View 1 chunk +3 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/insecure-xhr-in-main-frame.html View 1 chunk +3 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-sync-post-xhr-allowed.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-sync-post-xhr-allowed-expected.txt View 1 chunk +1 line, -1 line 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-sync-post-xhr-blocked.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-sync-post-xhr-blocked-expected.txt View 1 chunk +6 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-xhr-in-main-frame.html View 1 chunk +0 lines, -1 line 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/insecure-xhr-in-main-frame-expected.txt View 1 chunk +2 lines, -2 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-allowed.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-allowed-expected.txt View 0 chunks +-1 lines, --1 lines 0 comments Download
A LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-expected.txt View 1 chunk +7 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-worker.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-worker-allowed.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-worker-allowed-expected.txt View 0 chunks +-1 lines, --1 lines 0 comments Download
A LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/insecure-websocket-in-secure-page-worker-expected.txt View 1 chunk +7 lines, -0 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-successful-construction.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-successful-construction.js View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-successful-construction-worker.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-throw-on-construction.html View 0 chunks +-1 lines, --1 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-throw-on-construction.js View 1 1 chunk +1 line, -3 lines 0 comments Download
A + LayoutTests/http/tests/security/mixedContent/laxChecking/websocket/resources/expect-throw-on-construction-worker.html View 0 chunks +-1 lines, --1 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/websocket/insecure-websocket-in-sandbox-in-secure-page.html View 1 1 chunk +2 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/websocket/insecure-websocket-in-secure-page.html View 1 chunk +3 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/websocket/insecure-websocket-in-secure-page-allowed.html View 1 chunk +3 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/websocket/insecure-websocket-in-secure-page-worker.html View 1 chunk +3 lines, -0 lines 0 comments Download
M LayoutTests/http/tests/security/mixedContent/websocket/insecure-websocket-in-secure-page-worker-allowed.html View 1 chunk +3 lines, -0 lines 0 comments Download
M Source/core/loader/MixedContentChecker.h View 1 chunk +2 lines, -4 lines 0 comments Download
M Source/core/loader/MixedContentChecker.cpp View 2 chunks +8 lines, -0 lines 0 comments Download
M Source/core/testing/InternalSettings.h View 2 chunks +2 lines, -0 lines 0 comments Download
M Source/core/testing/InternalSettings.cpp View 3 chunks +7 lines, -0 lines 0 comments Download
M Source/core/testing/InternalSettings.idl View 1 chunk +1 line, -0 lines 0 comments Download
M Source/core/xml/XMLHttpRequest.cpp View 1 chunk +1 line, -1 line 0 comments Download
M Source/platform/RuntimeEnabledFeatures.in View 1 1 chunk +3 lines, -0 lines 0 comments Download

Messages

Total messages: 10 (0 generated)
Mike West
Hey Jochen, mind taking a look at this CL? -mike +saswat, FYI.
6 years, 5 months ago (2014-06-27 11:04:29 UTC) #1
jochen (gone - plz use gerrit)
lgtm
6 years, 5 months ago (2014-06-27 11:08:27 UTC) #2
Mike West
The CQ bit was checked by mkwst@chromium.org
6 years, 5 months ago (2014-06-27 11:12:28 UTC) #3
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mkwst@chromium.org/356843006/1
6 years, 5 months ago (2014-06-27 11:13:09 UTC) #4
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: linux_blink_dbg on tryserver.blink ...
6 years, 5 months ago (2014-06-27 12:08:18 UTC) #5
Mike West
The CQ bit was unchecked by mkwst@chromium.org
6 years, 5 months ago (2014-06-27 12:13:12 UTC) #6
Mike West
The CQ bit was checked by mkwst@chromium.org
6 years, 5 months ago (2014-06-27 13:44:33 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mkwst@chromium.org/356843006/40001
6 years, 5 months ago (2014-06-27 13:45:48 UTC) #8
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: linux_gpu_triggered_tests on tryserver.chromium.gpu ...
6 years, 5 months ago (2014-06-27 14:58:44 UTC) #9
commit-bot: I haz the power
6 years, 5 months ago (2014-06-27 15:39:24 UTC) #10
Message was sent while issue was closed. 
Change committed as 177110

Powered by Google App Engine
This is Rietveld 408576698