This code in WebMediaPlayerAndroid::hasSingleSecurityOrigin() which was recently added to handle a problem with redirects seems suspicious:

  return base::android::BuildInfo::GetInstance()->sdk_int() >=
      kSDKVersionToSupportSecurityOriginCheck;

Is that fetching the information of the device we're running on, or the version of the SDK Chrome was built against?

You might see if running with --enable-unified-media-pipeline (or flipping the same thing in chrome://flags) fixes this. It should since we'll do origin checks through chrome's network stack instead.

as for comment1: that should be the device Chrome is running on

(As has been pointed out on the CL itself) https://codereview.chromium.org/408873004

Description said:
"""
For systems below K, the security impact is much less serious than the issue it caused.
As a result, we are reenabling video for webgl for systems <=K.
"""

Then afaict, that condition does the exact opposite of the description says. It turned *off* security checks for newer L and up, and did not change K and below.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7d700edf761d46092b24d53ee228ce0df6e7b054

commit 7d700edf761d46092b24d53ee228ce0df6e7b054
Author: dongseong.hwang <dongseong.hwang@intel.com>
Date: Tue Mar 08 00:04:34 2016

Enable blink_perf.canvas on Android Perf bots

As the blocking issue was fixed, re-enable it.

BUG= 496707 , 592017
CQ_EXTRA_TRYBOTS=tryserver.chromium.perf:linux_perf_bisect;tryserver.chromium.perf:mac_10_10_perf_bisect;tryserver.chromium.perf:win_perf_bisect;tryserver.chromium.perf:android_nexus5_perf_bisect
CQ_INCLUDE_TRYBOTS=tryserver.chromium.win:win_optional_gpu_tests_rel

Review URL: https://codereview.chromium.org/1644353002

Cr-Commit-Position: refs/heads/master@{#379686}

[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/content/renderer/media/android/webmediaplayer_android.cc
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-dynamic-webgl-to-hw-accelerated-canvas-2d.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-static-webgl-to-hw-accelerated-canvas-2d.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-video-to-hw-accelerated-canvas-2d.html
[rename] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/resources/bear-1280x720.mp4
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/resources/canvas_runner.js
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-canvas-2d-to-texture.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-video-to-sub-texture.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-video-to-texture.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-webgl-to-texture.html
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/resources/runner.js
[modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/tools/perf/benchmarks/blink_perf.py