[wpt-sync] Sync PR 18887 - Re-land: Fix `Referer` for descendant module scripts and worklets
Categories
(Core :: DOM: Core & HTML, task, P4)
Tracking
()
Tracking | Status | |
---|---|---|
firefox71 | --- | fixed |
People
(Reporter: mozilla.org, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 18887 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/18887
Details from upstream follow.
Dominic Farolino <dom@chromium.org> wrote:
Re-land: Fix
Referer
for descendant module scripts and workletsThis CL addresses a problem with SecurityPolicy::GenerateReferrer
when it comes to checking the same-origin-ness of a request. The
WebAppSec Referrer Policy Standard defines a same-origin request 1 as
one where the request's origin and current URL are same-origin with
each other. This comparison is done in "determine a request's referrer"
algorithm.The analogous place in our implementation is
SecurityPolicy::GenerateReferrer. Before this CL, GenerateReferrer would
determine a request's same-origin-ness by comparing the origin of the
request's referrer string and the origin of the request's current URL.
Most of the time this was sufficient, as the request's referrer string
is almost always same-origin with the request's origin (initiator
in Blink). With descendant module scripts and worklets however, the
origin of the request's referrer string and request's origin (initiator)
could be different, which breaks the correctness of our GenerateReferrer
method.This CL introduces a blink::SecurityOrigin parameter to the
GenerateReferrer method, so that correct same-origin comparisons can be
carried out. In all GenerateReferrer call-sites, an appropriate origin
is passed in.Bug: 786862
Change-Id: I1deeaae8191b07856c593ddb2486297344e0b846
Reviewed-on: https://chromium-review.googlesource.com/1786260
WPT-Export-Revision: c0dc8ad3b6f2d29860ee763bb1135c44a3a6c4c6
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=67859106d531ac87ffd8cc59a8b5e9433ab0da08
Assignee | ||
Comment 2•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=f9ad169281978f35c6fd87ca6b470cfd6f428053
Assignee | ||
Comment 3•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=41b4e180f52e5707b3629f986e5d6d3ac58204b1
Assignee | ||
Comment 4•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=8585e5e0b73599d6bf0b01faf0c4047bc330a4ef
Assignee | ||
Comment 5•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=b59760e9fba0f198fd4d42301f6370d0cf478fa6
Assignee | ||
Comment 6•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=15a08a6ee85231d3ae7f681aaf4743a6e19b9544
Assignee | ||
Comment 7•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=dffa2a0ad55909b9e970af7034e8f9dc67dd3f9c
Assignee | ||
Comment 8•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=559a1c9d906e1617dbb686af19150ac756b137a4
Assignee | ||
Comment 9•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=c0c177d3ad9b5c7a9f9e789d94374e47220d2f37
Assignee | ||
Comment 10•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=ccc41457ff6f8d38dec6e0f6b086d623f0ce6606
Assignee | ||
Comment 11•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=ee032fe0efced6d5844224a8d07653237ec7e47d
Assignee | ||
Comment 12•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=ef3361c33f6855d5913d2da904f45d159bb4b9d1
Assignee | ||
Comment 13•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=3137eec2eb1bf8a1bef1837b7eee84c3cc8665cc
Assignee | ||
Comment 14•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=c6c295842978fafa607e338695d3f3048661350d
Assignee | ||
Comment 15•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=2755603a0f503ee52df9ea35c9e1b85f00edb348
Assignee | ||
Comment 16•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=f2adcdc9868137d7159750db9f14a2bce951e185
Assignee | ||
Comment 17•5 years ago
|
||
Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=7efe5450c6268d53e02c345f0154d75f7d55e1a3
Assignee | ||
Comment 18•5 years ago
|
||
Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=41ec64e16a6bcbc5db433836e9bb5a1da36042c1
Assignee | ||
Comment 19•5 years ago
|
||
Ran 5 tests and 29 subtests OK : 5 PASS : 29
Comment 20•5 years ago
|
||
Pushed by wptsync@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/e2cdcbbcfb7d [wpt PR 18887] - Re-land: Fix `Referer` for descendant module scripts and worklets, a=testonly
Comment 21•5 years ago
|
||
bugherder |
Description
•