| commit | e4cfac9d67e1b30d60f84def4a7c7cb5f4883c66 | [log] [tgz] |
|---|---|---|
| author | mkwst <mkwst@chromium.org> | Tue Feb 21 06:30:40 2017 |
| committer | Commit bot <commit-bot@chromium.org> | Tue Feb 21 06:30:40 2017 |
| tree | c19cacb8c8121303344ac7aeb6fa2319093f7f73 | |
| parent | c49d32e2554c23beb02be20061c0b9784476fe98 [diff] |
Block 'ftp:' subresource requests from non-'ftp:' pages. Usage of the 'ftp:' protocol when requesting subresources from non-'ftp:' clients has slowly declined over the last few years to the point where it represents a [negligable amount of traffic][1]. The protocol does not support modern requirements, like encryption, and we're interested in removing support from //net. To that end, this patch alters Fetch to block FTP subresources from webby clients. That is, a page delivered from `http://example.com/` will receive a network error response to requests like those generated from `<img src='ftp://example.com/image.png'>`. Intent: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/bIJdwwoQ98U/-F1aL2FgBAAJ PR against Fetch: https://github.com/whatwg/fetch/pull/464. BUG=435547 Review-Url: https://codereview.chromium.org/2656443005 Cr-Commit-Position: refs/heads/master@{#451709}