Google Git
Sign in
chromium / chromium / src / 2d3f85193a309457c923e1edc053c5d7a9d214e6
commit2d3f85193a309457c923e1edc053c5d7a9d214e6[log] [tgz]
authorLukasz Anforowicz <lukasza@chromium.org>Thu Jan 03 06:39:30 2019
committerCommit Bot <commit-bot@chromium.org>Thu Jan 03 06:39:30 2019
tree92a98c8841118423c2127274438bc18245f77e4f
parent29ac4289d27a7510d2ff15f94aa2f716be673bfc [diff]
Enforce |request_initiator_site_lock| for Cross-Origin Read Blocking.

In the long-term we want |request_initiator_site_lock| to take
precedence over |request_initiator| everywhere in the NetworkService.
This is risky however, because there are known cases where
|request_initiator| may differ from |request_initiator_site_lock| even
without a malicious/compromised renderer in the picture (e.g. HTML
Imports).  Therefore, in the short-term, we start with enforcing
|request_initiator_site_lock| only for Cross-Origin Read Blocking
(CORB) - this is safer because:
- CORB only applies to a subset of requests and so this approach seems
  safer and okay to enable by default (while measuring the impact via UMA
  and having a kill switch ready).
- CORB is only web-observable when blocking subresource requests
  trigerred by XHR/fetch API (and these requests seem to always use a
  |request_initiator| compatible with |request_initiator_site_lock|;
  this is covered by new tests added by this CL).

Bug: 871827
Change-Id: If9459bfbd09411d70c3547de0e50a58832e75503
Reviewed-on: https://chromium-review.googlesource.com/c/1377385
Commit-Queue: Ɓukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Ilya Sherman <isherman@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#619597}
24 files changed
tree: 92a98c8841118423c2127274438bc18245f77e4f
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. cc/
  8. chrome/
  9. chrome_elf/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. gin/
  22. google_apis/
  23. google_update/
  24. gpu/
  25. headless/
  26. infra/
  27. ios/
  28. ipc/
  29. jingle/
  30. mash/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. webrunner/
  52. .clang-format
  53. .eslintrc.js
  54. .git-blame-ignore-revs
  55. .gitattributes
  56. .gitignore
  57. .gn
  58. .vpython
  59. AUTHORS
  60. BUILD.gn
  61. CODE_OF_CONDUCT.md
  62. codereview.settings
  63. DEPS
  64. ENG_REVIEW_OWNERS
  65. LICENSE
  66. LICENSE.chromium_os
  67. OWNERS
  68. PRESUBMIT.py
  69. PRESUBMIT_test.py
  70. PRESUBMIT_test_mocks.py
  71. README.md
  72. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .