Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 51603002: Request XSSI-escaped response for suggest. (Closed)

Created:
7 years, 1 month ago by Maria
Modified:
7 years, 1 month ago
CC:
chromium-reviews
Visibility:
Public.

Description

Request XSSI-escaped response for suggest. This will request the suggest response to be escaped to protect it against XSSI vulnerability and allow us to get psuggest responses without using an XSRF token. Until the corresponding GWS change goes in, the response is not modified. XSSI-escaped response will be correctly handled after https://codereview.chromium.org/45863006/ lands. BUG=312473 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=232268

Patch Set 1 #

Total comments: 2

Patch Set 2 : Update data version #

Patch Set 3 : Rebase #

Unified diffs Side-by-side diffs Delta from patch set Stats (+2 lines, -2 lines) Patch
M chrome/browser/search_engines/prepopulated_engines.json View 1 2 2 chunks +2 lines, -2 lines 0 comments Download

Messages

Total messages: 9 (0 generated)
Maria
7 years, 1 month ago (2013-10-29 22:27:50 UTC) #1
Peter Kasting
LGTM https://codereview.chromium.org/51603002/diff/1/chrome/browser/search_engines/prepopulated_engines.json File chrome/browser/search_engines/prepopulated_engines.json (right): https://codereview.chromium.org/51603002/diff/1/chrome/browser/search_engines/prepopulated_engines.json#newcode29 chrome/browser/search_engines/prepopulated_engines.json:29: "kCurrentDataVersion": 66 You need to increment this number.
7 years, 1 month ago (2013-10-29 22:29:10 UTC) #2
Anuj
https://codereview.chromium.org/51603002/diff/1/chrome/browser/search_engines/prepopulated_engines.json File chrome/browser/search_engines/prepopulated_engines.json (right): https://codereview.chromium.org/51603002/diff/1/chrome/browser/search_engines/prepopulated_engines.json#newcode490 chrome/browser/search_engines/prepopulated_engines.json:490: "suggest_url": "{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}", &xssi is sufficient. No value (=t) required
7 years, 1 month ago (2013-10-29 22:30:59 UTC) #3
mariakhomenko
On Tue, Oct 29, 2013 at 3:30 PM, <skanuj@chromium.org> wrote: > > https://codereview.chromium.**org/51603002/diff/1/chrome/** > browser/search_engines/**prepopulated_engines.json<https://codereview.chromium.org/51603002/diff/1/chrome/browser/search_engines/prepopulated_engines.json> ...
7 years, 1 month ago (2013-10-29 22:34:27 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mariakhomenko@chromium.org/51603002/2
7 years, 1 month ago (2013-10-31 17:47:30 UTC) #5
commit-bot: I haz the power
Failed to apply patch for chrome/browser/search_engines/prepopulated_engines.json: While running patch -p1 --forward --force --no-backup-if-mismatch; patching file ...
7 years, 1 month ago (2013-10-31 17:47:31 UTC) #6
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mariakhomenko@chromium.org/51603002/280001
7 years, 1 month ago (2013-10-31 18:24:53 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/mariakhomenko@chromium.org/51603002/280001
7 years, 1 month ago (2013-10-31 23:38:17 UTC) #8
commit-bot: I haz the power
7 years, 1 month ago (2013-11-01 01:42:28 UTC) #9
Message was sent while issue was closed. 
Change committed as 232268

Powered by Google App Engine
This is Rietveld 408576698