[ServiceWorker] Set setSkipServiceWorker flag of the request from plugins with private permission.
The plugins with private permission such as Flash plugin can bypass same origin checking by calling URLLoaderResource::GrantUniversalAccess().
They have their own origin checking logic (ex:cross-origin.xml).
If ServiceWorker can intercept the HTTP requests from them, they can be misled.
So ServiceWorker must be disabled for such plugins.
These plugins have PERMISSION_PRIVATE permissions.
- PDF Viewer
- Google Talk Plugin Video Renderer
- Google Talk Effects Plugin
- Google Talk Plugin
- Chrome Remote Desktop Viewer
- Pepper Flash
- Widevine Cdm Plugin
BUG=413094
Review URL: https://codereview.chromium.org/606993002
Cr-Commit-Position: refs/heads/master@{#297396}
1 file changed
