Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(236)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 438283002: Sanitize referrer in context menus. (Closed)

Created:
6 years, 4 months ago by nasko
Modified:
6 years, 4 months ago
CC:
asanka, benjhayden+dwatch_chromium.org, chromium-reviews, darin-cc_chromium.org, jam
Project:
chromium
Visibility:
Public.

Description

Sanitize referrer in context menus. This CL adds a method to content::Referrer that allows for sanitizing the referrer before making a network request and uses it to scrub the Referer header for requests originating in the context menu. It is based on work started by cbentzel@ in https://codereview.chromium.org/277903002/. BUG=357473 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=287579

Patch Set 1 #

Patch Set 2 : A bit of cleanup. #

Patch Set 3 : Fix for Save Image (As). #

Patch Set 4 : Add test for Save Image As #

Total comments: 2

Patch Set 5 : Change SerializedNavigationEntry::Sanitize and add extra check. #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+186 lines, -50 lines) Patch
M chrome/browser/download/download_browsertest.cc View 1 2 3 3 chunks +112 lines, -0 lines 0 comments Download
M chrome/browser/referrer_policy_browsertest.cc View 10 chunks +10 lines, -10 lines 0 comments Download
M chrome/browser/renderer_context_menu/render_view_context_menu.cc View 1 2 3 chunks +18 lines, -10 lines 0 comments Download
M chrome/test/data/referrer_policy/referrer-policy-start.html View 1 chunk +7 lines, -5 lines 0 comments Download
M components/sessions/serialized_navigation_entry.cc View 1 2 3 4 1 chunk +6 lines, -25 lines 2 comments Download
M content/public/common/referrer.h View 1 2 3 4 2 chunks +33 lines, -0 lines 0 comments Download

Messages

Total messages: 12 (0 generated)
nasko
Hey Jochen, Can you take a look at this CL? I've ported over Chris' sanitizer ...
6 years, 4 months ago (2014-08-05 12:01:52 UTC) #1
jochen (gone - plz use gerrit)
https://codereview.chromium.org/438283002/diff/60001/content/public/common/referrer.h File content/public/common/referrer.h (right): https://codereview.chromium.org/438283002/diff/60001/content/public/common/referrer.h#newcode32 content/public/common/referrer.h:32: sanitized_referrer.policy = referrer.policy; can you also make SerializedNavigationEntry::Sanitize use ...
6 years, 4 months ago (2014-08-05 13:27:42 UTC) #2
nasko
https://codereview.chromium.org/438283002/diff/60001/content/public/common/referrer.h File content/public/common/referrer.h (right): https://codereview.chromium.org/438283002/diff/60001/content/public/common/referrer.h#newcode32 content/public/common/referrer.h:32: sanitized_referrer.policy = referrer.policy; On 2014/08/05 13:27:42, jochen wrote: > ...
6 years, 4 months ago (2014-08-05 14:27:58 UTC) #3
jochen (gone - plz use gerrit)
lgtm https://codereview.chromium.org/438283002/diff/2/components/sessions/serialized_navigation_entry.cc File components/sessions/serialized_navigation_entry.cc (right): https://codereview.chromium.org/438283002/diff/2/components/sessions/serialized_navigation_entry.cc#newcode522 components/sessions/serialized_navigation_entry.cc:522: referrer_ = content::Referrer(); here totally clearing is fine.
6 years, 4 months ago (2014-08-05 15:16:56 UTC) #4
nasko
The CQ bit was checked by nasko@chromium.org
6 years, 4 months ago (2014-08-05 15:32:20 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/nasko@chromium.org/438283002/2
6 years, 4 months ago (2014-08-05 15:33:03 UTC) #6
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: linux_chromium_chromeos_rel_swarming on tryserver.chromium.linux ...
6 years, 4 months ago (2014-08-05 17:15:47 UTC) #7
commit-bot: I haz the power
The CQ bit was unchecked by commit-bot@chromium.org
6 years, 4 months ago (2014-08-05 17:57:34 UTC) #8
commit-bot: I haz the power
Try jobs failed on following builders: linux_chromium_chromeos_rel_swarming on tryserver.chromium.linux (http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_chromeos_rel_swarming/builds/1285)
6 years, 4 months ago (2014-08-05 17:57:35 UTC) #9
nasko
The CQ bit was checked by nasko@chromium.org
6 years, 4 months ago (2014-08-05 19:06:29 UTC) #10
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/nasko@chromium.org/438283002/2
6 years, 4 months ago (2014-08-05 19:07:49 UTC) #11
commit-bot: I haz the power
6 years, 4 months ago (2014-08-05 19:47:04 UTC) #12
Message was sent while issue was closed. 
Change committed as 287579

Powered by Google App Engine
This is Rietveld 408576698