1910377 - [wpt-sync] Sync PR 47328 - [CSP] Use null origin in frame-ancestors violation reports

Status: RESOLVED FIXED

(Core :: DOM: Security, task, P4)

Description

[Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)]

Sync web-platform-tests PR 47328 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/47328
Details from upstream follow.

Antonio Sartori <antoniosartori@chromium.org> wrote:

[CSP] Use null origin in frame-ancestors violation reports

Frame-ancestors violation reports are sent in Chrome through the
renderer of the embedding frame. However, the outgoing requests for
these reports should not have the Origin header set to the header of
the embedder.

Bug: 354894364
Change-Id: I8fd165aa12a5774afea359f79df7ee1e355e4412
Cq-Do-Not-Cancel-Tryjobs: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5743298
Commit-Queue: Antonio Sartori \<antoniosartori@chromium.org>
Reviewed-by: Mike West \<mkwst@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1334189}

Comment 1

[Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)]

Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=83d254f15ec5c07d48696963d7ff903dc5693405

Comment 2

[Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)]

CI Results

Ran 0 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI

Total 3 tests and 1 subtests

Status Summary

Firefox

OK : 3
PASS: 4

Chrome

OK : 3
PASS: 3
FAIL: 1

Safari

OK : 3
PASS: 2
FAIL: 2

Links

GitHub PR Head
GitHub PR Base

Comment 3

[Pulsebot]

Pushed by wptsync@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/fd366108473a
[wpt PR 47328] - [CSP] Use null origin in frame-ancestors violation reports, a=testonly

Comment 4

[tszentpeteri]

https://hg.mozilla.org/mozilla-central/rev/fd366108473a