New issue
Advanced search Search tips

Issue 373032 link

Starred by 3 users

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2014
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug



Sign in to add a comment

Only expose WebCrypto to secure origins

Project Member Reported by rsleevi@chromium.org, May 13 2014

Issue description

Comment 1 by eroman@chromium.org, May 23 2014

Status: Started

Comment 2 by eroman@chromium.org, May 23 2014

Pending review: https://codereview.chromium.org/299253003/
Project Member

Comment 3 by bugdroid1@chromium.org, Jun 10 2014

The following revision refers to this bug:
  http://src.chromium.org/viewvc/blink?view=rev&rev=175916

------------------------------------------------------------------
r175916 | eroman@chromium.org | 2014-06-10T20:30:20.339412Z

Changed paths:
   M http://src.chromium.org/viewvc/blink/trunk/Source/modules/crypto/SubtleCrypto.cpp?r1=175916&r2=175915&pathrev=175916
   M http://src.chromium.org/viewvc/blink/trunk/Source/platform/weborigin/SecurityOrigin.cpp?r1=175916&r2=175915&pathrev=175916
   M http://src.chromium.org/viewvc/blink/trunk/Source/platform/weborigin/SecurityOriginTest.cpp?r1=175916&r2=175915&pathrev=175916
   M http://src.chromium.org/viewvc/blink/trunk/Source/platform/weborigin/SecurityOrigin.h?r1=175916&r2=175915&pathrev=175916
   M http://src.chromium.org/viewvc/blink/trunk/Source/platform/DEPS?r1=175916&r2=175915&pathrev=175916

[webcrypto] Only allow crypto.subtle.* to be used from "secure origins".

The meaning of a secure origin is defined by:
http://www.chromium.org/Home/chromium-security/security-faq#TOC-Which-origins-are-secure-

In essence, "secure origins" are those that load resources either from the local machine or over the network from a cryptographically-authenticated server.

For example these are considered secure origins:
  * chrome-extension://xxx
  * https://xxx
  * wss://xxx
  * file://xxx
  * http://localhost/
  * http://127.0.0.1/

Whereas these are considered insecure:
  * http://foobar
  * ws://foobar

crypto.subtle itself is visible from insecure origins. However all of its methods will fail by returning a rejected Promise for NotSupportedError.

BUG= 373032 ,  245025 ,  362214 

Review URL: https://codereview.chromium.org/299253003
-----------------------------------------------------------------

Comment 4 by eroman@chromium.org, Jun 10 2014

Status: Fixed

Comment 5 by ray...@gmail.com, Feb 22 2018

This item sounds like creating a bug, not fixing one.

Comment 6 by eroman@chromium.org, Feb 22 2018

Restricting to secure origins is required by the Web Crypto spec (https://www.w3.org/TR/WebCryptoAPI/).

In particular, see https://github.com/w3c/webcrypto/commit/4d76fd310377c62678f73dff5d90100fe9aa7ccb

Sign in to add a comment