commit | cd87dfc6f638a6d64b2311d35a58cb1969116915 | [log] [tgz] |
---|---|---|
author | mkwst <mkwst@chromium.org> | Tue Jan 17 13:42:25 2017 |
committer | Commit bot <commit-bot@chromium.org> | Tue Jan 17 13:42:25 2017 |
tree | c8f99a73586acf7fc213431a0743f5b0a705dd45 | |
parent | 51d4cf487be9accac21945f3ec095f5d7df49dc0 [diff] |
Experiment with blocking resolution of HTTP URLs containing '\n' and '<'. Following up on the metrics added in https://codereview.chromium.org/2629393002, this patch adds a flag that will prevent URL resolution if the URL string contains a raw newline and less than sign. It also refines the metrics by excluding non-HTTP (e.g. `data:`, `javascript:`, `file:`) URLs, as those are quite likely to contain `<`, and quite unlikely to result in exfiltration (as they don't hit the network). Let's see how the data looks. Intent to Implement: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/rOs6YRyBEpw/D3pzVwGJAgAJ BUG=680970 Review-Url: https://codereview.chromium.org/2634893003 Cr-Commit-Position: refs/heads/master@{#444040}