Google Git
Sign in
chromium / chromium / src / f1eb79c5305e19ceee013af158dd853e80e9d312
commitf1eb79c5305e19ceee013af158dd853e80e9d312[log] [tgz]
authorMatt Falkenhagen <falken@chromium.org>Fri Feb 16 07:25:55 2018
committerCommit Bot <commit-bot@chromium.org>Fri Feb 16 07:25:55 2018
treeade7dbb2b4abd2265ed5409ec4bb202a5c93cdfc
parentf73729069287840409d64ecd95667febf658388e [diff]
service worker: Disallow interception for EMBED and OBJECT requests.

This matches the service worker specification and Firefox.

This change itself is probably not enough to skip all EMBED/OBJECT
requests, as some requests get initiated by PepperURLLoaderHost or
MimeHandlerViewContainer.

In implementor concerns:
https://w3c.github.io/ServiceWorker/#implementer-concerns
"Plug-ins should not load via service workers. As plug-ins may get their
security origins from their own urls, the embedding service worker cannot
handle it. For this reason, the Handle Fetch algorithm makes the
potential-navigation-or-subresource request (whose context is either <embed> or
<object>) immediately fallback to the network without dispatching fetch event."

In Handle Fetch:
https://w3c.github.io/ServiceWorker/#handle-fetch
"If request is a potential-navigation-or-subresource request, then:
Return null."


R=kinuko, yhirano

Bug: 771933
Change-Id: Ia04ae8dec8c968de6a73dca088aa88a67b21718a
Reviewed-on: https://chromium-review.googlesource.com/923445
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Matt Falkenhagen <falken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#537245}
7 files changed
tree: ade7dbb2b4abd2265ed5409ec4bb202a5c93cdfc
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_cleaner/
  11. chrome_elf/
  12. chromecast/
  13. chromeos/
  14. cloud_print/
  15. components/
  16. content/
  17. courgette/
  18. crypto/
  19. dbus/
  20. device/
  21. docs/
  22. extensions/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. jingle/
  32. mash/
  33. media/
  34. mojo/
  35. native_client_sdk/
  36. net/
  37. notification_helper/
  38. pdf/
  39. ppapi/
  40. printing/
  41. remoting/
  42. rlz/
  43. sandbox/
  44. services/
  45. skia/
  46. sql/
  47. storage/
  48. styleguide/
  49. testing/
  50. third_party/
  51. tools/
  52. ui/
  53. url/
  54. .clang-format
  55. .eslintrc.js
  56. .git-blame-ignore-revs
  57. .gitattributes
  58. .gitignore
  59. .gn
  60. .vpython
  61. AUTHORS
  62. BUILD.gn
  63. CODE_OF_CONDUCT.md
  64. codereview.settings
  65. DEPS
  66. ENG_REVIEW_OWNERS
  67. LICENSE
  68. LICENSE.chromium_os
  69. OWNERS
  70. PRESUBMIT.py
  71. PRESUBMIT_test.py
  72. PRESUBMIT_test_mocks.py
  73. README.md
  74. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .