[wpt-sync] Sync PR 18887 - Re-land: Fix `Referer` for descendant module scripts and worklets
Categories
(Core :: DOM: Core & HTML, task, P4)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox71 | --- | fixed |
People
(Reporter: mozilla.org, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 18887 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/18887
Details from upstream follow.
Dominic Farolino <dom@chromium.org> wrote:
Re-land: Fix
Refererfor descendant module scripts and workletsThis CL addresses a problem with SecurityPolicy::GenerateReferrer
when it comes to checking the same-origin-ness of a request. The
WebAppSec Referrer Policy Standard defines a same-origin request 1 as
one where the request's origin and current URL are same-origin with
each other. This comparison is done in "determine a request's referrer"
algorithm.The analogous place in our implementation is
SecurityPolicy::GenerateReferrer. Before this CL, GenerateReferrer would
determine a request's same-origin-ness by comparing the origin of the
request's referrer string and the origin of the request's current URL.
Most of the time this was sufficient, as the request's referrer string
is almost always same-origin with the request's origin (initiator
in Blink). With descendant module scripts and worklets however, the
origin of the request's referrer string and request's origin (initiator)
could be different, which breaks the correctness of our GenerateReferrer
method.This CL introduces a blink::SecurityOrigin parameter to the
GenerateReferrer method, so that correct same-origin comparisons can be
carried out. In all GenerateReferrer call-sites, an appropriate origin
is passed in.Bug: 786862
Change-Id: I1deeaae8191b07856c593ddb2486297344e0b846
Reviewed-on: https://chromium-review.googlesource.com/1786260
WPT-Export-Revision: c0dc8ad3b6f2d29860ee763bb1135c44a3a6c4c6
|
Assignee | |
Updated•5 years ago
|
|
|
Assignee | |
Comment 1•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=67859106d531ac87ffd8cc59a8b5e9433ab0da08
|
|
Assignee | |
Comment 2•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=f9ad169281978f35c6fd87ca6b470cfd6f428053
|
|
Assignee | |
Comment 3•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=41b4e180f52e5707b3629f986e5d6d3ac58204b1
|
|
Assignee | |
Comment 4•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=8585e5e0b73599d6bf0b01faf0c4047bc330a4ef
|
|
Assignee | |
Comment 5•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=b59760e9fba0f198fd4d42301f6370d0cf478fa6
|
|
Assignee | |
Comment 6•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=15a08a6ee85231d3ae7f681aaf4743a6e19b9544
|
|
Assignee | |
Comment 7•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=dffa2a0ad55909b9e970af7034e8f9dc67dd3f9c
|
|
Assignee | |
Comment 8•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=559a1c9d906e1617dbb686af19150ac756b137a4
|
|
Assignee | |
Comment 9•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=c0c177d3ad9b5c7a9f9e789d94374e47220d2f37
|
|
Assignee | |
Comment 10•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=ccc41457ff6f8d38dec6e0f6b086d623f0ce6606
|
|
Assignee | |
Comment 11•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=ee032fe0efced6d5844224a8d07653237ec7e47d
|
|
Assignee | |
Comment 12•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=ef3361c33f6855d5913d2da904f45d159bb4b9d1
|
|
Assignee | |
Comment 13•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=3137eec2eb1bf8a1bef1837b7eee84c3cc8665cc
|
|
Assignee | |
Comment 14•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=c6c295842978fafa607e338695d3f3048661350d
|
|
Assignee | |
Comment 15•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=2755603a0f503ee52df9ea35c9e1b85f00edb348
|
|
Assignee | |
Comment 16•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=f2adcdc9868137d7159750db9f14a2bce951e185
|
|
Assignee | |
Comment 17•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=7efe5450c6268d53e02c345f0154d75f7d55e1a3
|
|
Assignee | |
Comment 18•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=41ec64e16a6bcbc5db433836e9bb5a1da36042c1
|
|
Assignee | |
Comment 19•5 years ago
|
||
Ran 5 tests and 29 subtests OK : 5 PASS : 29
|
||
Comment 20•5 years ago
|
||
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/e2cdcbbcfb7d [wpt PR 18887] - Re-land: Fix `Referer` for descendant module scripts and worklets, a=testonly
|
||
Comment 21•5 years ago
|
||
| bugherder | ||
Description
•