Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
809153004:
Mixed Content: Treat some Chrome schemes as restricting mixed content.
|
Created:
6 years ago by Mike West Modified:
5 years, 7 months ago Reviewers:
elijahtaylor1, jochen (gone - plz use gerrit), asargent_no_longer_on_chrome, not at google - send to devlin CC:
chromium-reviews Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionMixed Content: Treat some Chrome schemes as restricting mixed content.
We should not load insecure content into documents under the following
schemes:
* chrome:
* chrome-search:
* chrome-extension-resource:
* chrome-devtools:
This patch registers those schemes as restricting mixed content, which
means the renderer will treat them similarly to 'https:' URLs with
regard to insecure subresource requests.
BUG=443597
Patch Set 1 #Patch Set 2 : devtools=secure #
Total comments: 3
Patch Set 3 : Moving. #
Messages
Total messages: 28 (10 generated)
mkwst@chromium.org changed reviewers: + jochen@chromium.org
Jochen, WDYT? I don't think we can write layout tests for this... is there a reasonable way to test on the Chromium side?
not sure what chrome-devtools: is used for? can chrome-extension-resource: serve entire iframes? I'd expect that restricting this will break stuff, no? is chrome-search: only used for google, or also other search engines that might be http?
On 2014/12/19 10:31:29, jochen (slow) wrote: > not sure what chrome-devtools: is used for? The devtools interface. All that stuff down at the bottom of the window when you open the inspector is served from this scheme. (+pfeldman) > can chrome-extension-resource: serve entire iframes? I'd expect that restricting > this will break stuff, no? It doesn't look like we serve anything other than *.js over this scheme. I don't know if we have any resources meant to be served as full frame documents, but if we do, restricting it doesn't seem unreasonable. > is chrome-search: only used for google, or also other search engines that might > be http? I really hope we don't allow the NTP to serve http from any search engine. :(
mkwst@chromium.org changed reviewers: + pfeldman@chromium.org
er. +pfeldman for real.
On 2014/12/19 10:31:29, jochen (slow) wrote: > is chrome-search: only used for google, or also other search engines that might > be http? The only search engine other than Google that takes over the NTP is Bing (according to https://code.google.com/p/chromium/codesearch#chromium/src/components/search_...), and its URLs are HTTPS. Given that we enable some APIs there that we don't have elsewhere, it seems reasonable to lock it down a bit.
mkwst@chromium.org changed reviewers: + kalman@chromium.org
On 2014/12/19 10:35:59, Mike West wrote: > > can chrome-extension-resource: serve entire iframes? I'd expect that > restricting > > this will break stuff, no? > > It doesn't look like we serve anything other than *.js over this scheme. I don't > know if we have any resources meant to be served as full frame documents, but if > we do, restricting it doesn't seem unreasonable. +kalman
Lots of ChromeOS test failures, loading `http://127.0.0.1` inside `chrome://` for login. I hope that's just a problem with the tests spinning up a fake gaia server locally, and not representative of how we do login.
+bartfab: Can you point me to someone to chat with about the login tests?
On 2014/12/19 13:43:09, Mike West wrote: > +bartfab: Can you point me to someone to chat with about the login tests? rogerta@ and guohui@ are good contacts for this code.
On 2014/12/19 13:49:25, bartfab wrote: > On 2014/12/19 13:43:09, Mike West wrote: > > +bartfab: Can you point me to someone to chat with about the login tests? > > rogerta@ and guohui@ are good contacts for this code. By the way: I wrote an HTTPSForwarder class (chrome/browser/chromeos/login/test/https_forwarder.h) that I use in saml_browsertest.cc. It serves as a wrapper around FakeGaia, allowing Chrome to access FakeGaia over HTTPS in tests.
kalman@chromium.org changed reviewers: + asargent@chromium.org
pfeldman@chromium.org changed reviewers: - pfeldman@chromium.org
https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... File chrome/renderer/chrome_content_renderer_client.cc (right): https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... chrome/renderer/chrome_content_renderer_client.cc:422: // pages should not directly embed insecure resources. chrome: and chrome-devtools: are defined in content. I wonder whether we should register them there?
kalman@chromium.org changed reviewers: + elijahtaylor@chromium.org
lgtm, FYI +elijahtaylor for the ARC question. https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... File chrome/renderer/chrome_content_renderer_client.cc (right): https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... chrome/renderer/chrome_content_renderer_client.cc:430: extension_resource_scheme); Double-check with the ARC people about this, they're the main clients of chrome-extension-resource.
(lg for chrome-extension-resource that is)
https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... File chrome/renderer/chrome_content_renderer_client.cc (right): https://codereview.chromium.org/809153004/diff/20001/chrome/renderer/chrome_c... chrome/renderer/chrome_content_renderer_client.cc:430: extension_resource_scheme); On 2015/05/18 23:08:33, kalman wrote: > Double-check with the ARC people about this, they're the main clients of > chrome-extension-resource. I don't think this should be a problem for ARC. We actually don't use chrome-extension-resource, shared module resources are delivered via reserved _modules/ paths from the normal chrome-extension:// scheme.
Patchset #3 (id:40001) has been deleted
The CQ bit was checked by mkwst@chromium.org to run a CQ dry run
The patchset sent to the CQ was uploaded after l-g-t-m from kalman@chromium.org Link to the patchset: https://codereview.chromium.org/809153004/#ps60001 (title: "Moving.")
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/809153004/60001
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: linux_chromium_chromeos_rel_ng on tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
lgtm |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
