Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(237)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 898613004: Sanitize referrers before we create them (Closed)

Created:
5 years, 10 months ago by jochen (gone - plz use gerrit)
Modified:
5 years, 10 months ago
Reviewers:
Mike West, jam
CC:
cbentzel+watch_chromium.org, chromium-apps-reviews_chromium.org, chromium-reviews, cmumford, darin-cc_chromium.org, davidben+watch_chromium.org, dgrogan, extensions-reviews_chromium.org, gavinp+prer_chromium.org, horo+watch_chromium.org, jkarlin+watch_chromium.org, jsbell+serviceworker_chromium.org, jsbell+idb_chromium.org, kinuko+serviceworker, kinuko+watch, michaeln, nhiroki, serviceworker-reviews, tburkard+watch_chromium.org, tzik
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Sanitize referrers before we create them Unless we reconstruct an already sanitized referrer from the referrer url and the referrer policy, we should always sanitize it before constructing a request from it. BUG=454621, 422871 R=mkwst@chromium.org,jam@chromium.org Committed: https://crrev.com/8dcfbfdca890446d10a601414fe240bf6e07f70d Cr-Commit-Position: refs/heads/master@{#315360}

Patch Set 1 #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+42 lines, -33 lines) Patch
M chrome/browser/extensions/extension_web_ui.cc View 1 chunk +2 lines, -1 line 2 comments Download
M chrome/browser/extensions/webstore_inline_installer.cc View 1 chunk +5 lines, -4 lines 0 comments Download
M chrome/browser/extensions/webstore_installer.cc View 1 chunk +3 lines, -3 lines 0 comments Download
M chrome/browser/plugins/plugin_observer.cc View 1 chunk +4 lines, -2 lines 0 comments Download
M chrome/browser/ui/extensions/application_launch.cc View 1 chunk +4 lines, -4 lines 0 comments Download
M chrome/renderer/prerender/prerender_dispatcher.cc View 1 chunk +3 lines, -2 lines 0 comments Download
M components/navigation_interception/intercept_navigation_resource_throttle.cc View 1 chunk +3 lines, -1 line 0 comments Download
M components/pdf/renderer/pepper_pdf_host.cc View 1 chunk +3 lines, -2 lines 0 comments Download
M components/pdf/renderer/ppb_pdf_impl.cc View 1 chunk +3 lines, -2 lines 0 comments Download
M components/sessions/content/content_serialized_navigation_builder.cc View 1 chunk +5 lines, -5 lines 0 comments Download
M content/browser/indexed_db/indexed_db_internals_ui.cc View 1 chunk +2 lines, -2 lines 0 comments Download
M content/browser/service_worker/service_worker_version.cc View 1 chunk +5 lines, -5 lines 0 comments Download

Messages

Total messages: 9 (1 generated)
jochen (gone - plz use gerrit)
ptal Mike, everything John, rubberstamp as top-level OWNER
5 years, 10 months ago (2015-02-09 11:03:19 UTC) #1
Mike West
LGTM % nit. https://codereview.chromium.org/898613004/diff/1/chrome/browser/extensions/extension_web_ui.cc File chrome/browser/extensions/extension_web_ui.cc (right): https://codereview.chromium.org/898613004/diff/1/chrome/browser/extensions/extension_web_ui.cc#newcode83 chrome/browser/extensions/extension_web_ui.cc:83: url, content::Referrer::SanitizeForRequest( Nit: Might be worth ...
5 years, 10 months ago (2015-02-09 11:07:38 UTC) #2
jochen (gone - plz use gerrit)
https://codereview.chromium.org/898613004/diff/1/chrome/browser/extensions/extension_web_ui.cc File chrome/browser/extensions/extension_web_ui.cc (right): https://codereview.chromium.org/898613004/diff/1/chrome/browser/extensions/extension_web_ui.cc#newcode83 chrome/browser/extensions/extension_web_ui.cc:83: url, content::Referrer::SanitizeForRequest( On 2015/02/09 11:07:38, Mike West wrote: > ...
5 years, 10 months ago (2015-02-09 12:00:03 UTC) #3
jam
On 2015/02/09 11:03:19, jochen (slow) wrote: > ptal > > Mike, everything > John, rubberstamp ...
5 years, 10 months ago (2015-02-09 18:32:18 UTC) #4
jochen (gone - plz use gerrit)
On 2015/02/09 at 18:32:18, jam wrote: > On 2015/02/09 11:03:19, jochen (slow) wrote: > > ...
5 years, 10 months ago (2015-02-09 18:40:29 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/898613004/1
5 years, 10 months ago (2015-02-09 18:41:45 UTC) #7
commit-bot: I haz the power
Committed patchset #1 (id:1)
5 years, 10 months ago (2015-02-09 19:15:44 UTC) #8
commit-bot: I haz the power
5 years, 10 months ago (2015-02-09 19:16:27 UTC) #9
Message was sent while issue was closed. 
Patchset 1 (id:??) landed as
https://crrev.com/8dcfbfdca890446d10a601414fe240bf6e07f70d
Cr-Commit-Position: refs/heads/master@{#315360}

Powered by Google App Engine
This is Rietveld 408576698