commit | e10716b701e5f584a3eae7d99c7cf94bb4a1df0f | |
---|---|---|
author | Titouan Rigoudy <[email protected]> | Tue Sep 29 13:29:55 2020 |
committer | Commit Bot <[email protected]> | Tue Sep 29 13:29:55 2020 |
tree | da80211529484226b8221dc9818d57ebdd4dc924 | |
parent | bd156ab4d429ff7a94e37d84168d699ee1ac3053 | |
[CORS-RFC1918] Block insecure navigation requests.

For subresource URL requests, the renderer URLLoader uses its factory's parameters to determine the client security state of the request initiator. Navigations however use a central URLLoaderFactory in the browser process.

This change propagates the client security state in the ResourceRequest to the URLLoader as a trusted parameter, and acts on this state in URLLoader.

It only improves the situation for non-top-level navigation requests. The latter need some thought given to the UX first, see: https://crbug.com/1129326.

Bug: chromium:1124346
Change-Id: I8736706ef402831375f34f9c7f2a96d3059c25be
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2410406
Reviewed-by: Arthur Sonzogni <[email protected]>
Reviewed-by: Matt Menke <[email protected]>
Commit-Queue: Titouan Rigoudy <[email protected]>
Cr-Commit-Position: refs/heads/master@{#811670}
diff --git a/content/browser/renderer_host/navigation_request_info.h b/content/browser/renderer_host/navigation_request_info.h index ea285de..c52014a 100644 --- a/content/browser/renderer_host/navigation_request_info.h +++ b/content/browser/renderer_host/navigation_request_info.h
@@ -95,6 +95,9 @@ // Specifies the security state applying to the navigation. For iframes, this // is the security state of their parent. Nullptr otherwise. + // + // TODO(https://crbug.com/1129326): Set this for top-level navigation requests + // too once the UX story is sorted out. const network::mojom::ClientSecurityStatePtr client_security_state; };
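Review bot: The comment above `client_security_state` in navigation_request_info.h still says only "Nullptr otherwise" and, with the new TODO, confirms that top-level navigations leave the field unset, but it never says what a null value means for enforcement. Suggest stating explicitly that a null state means no client security state is available and the insecure-request check is not applied for that navigation, so that readers of this struct do not treat nullptr as a vetted or "secure" state. It is also worth confirming the wording "security state of their parent": the commit message describes the state as belonging to the request initiator, and the comment should say which of the two is intended for iframe navigations.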