This is for main frame navigations only, right?

I think we'll need an Intent email on blink-dev for this when the time comes.

Correct, only for main frame navigations (updated the title). I can send an email to blink-dev once we figure out some of the details.

One of the outstanding questions is whether we can reliably distinguish downloads from other redirects. It looks like determining whether a navigation will end up with a download requires actually navigating to the URL, is that right?

+asanka for answering download question in #2. 

For some downloads we do get some of the data to do MIME sniffing. But I wonder if we could have some reasonable heuristics here.

[Note: I like this overall idea if that matters].

We can predict what will happen based on the MIME type of the response. The effective MIME type is what's specified explicitly for data: and blob: URLs. We don't support sniffing data: and blob: responses.

The decision is codified in MimeTypeResourceHandler::SelectNextHandler(). The high-level logic is:

  * If :
       - a request's resource type is MAIN_FRAME or SUB_FRAME AND
       - the MIME type is not supported natively by the renderer (determined by mime_util::IsSupportedMimeType()) AND
       - the MIME type is not supported by any enabled plugin
    Then: download the response.

That said, this isn't strictly correct layering. The logic in MimeTypeResourceHandler is trying to predict what the renderer would do if the browser were to send the response over. Prior to the browser-side navigation work, the correct way to determine if something was a download would've been to wait for the renderer to decide what to do with the response. If the renderer refused to deal with the response AND the request was for a MAIN_FRAME or SUB_FRAME resource type, then we can consider downloading the response instead. I'm not sure what the correct thing to do is with browser-side navigation without duplicating the 'can the renderer handle this response' logic in both the browser and the renderer.

Thanks asanka. How do redirects to subresources fall into this? More specifically, if a.com opens |data:text/html;charset=utf-8,<head><META http-equiv="refresh" content="0;URL=http://example.com/download.png">|, it seems like we'll need to allow the data url to load and then initiate the download. But then we end up displaying the data url in the first place. Is there anything clever we could do there?

Speaking of MIME types, another option is to still allow navigations to static content such as images (data:image/*). We don't have data on what mime types are being displayed via data/blob urls, but I'm guessing most are images.

 Issue 484691  has been merged into this issue.

One strong compatibility measure is that if an <A> element has the Download attribute (https://developer.mozilla.org/en-US/docs/Web/HTML/Element/a) then we know it's going to be a download. We also know in advance if the user does "Save Link As." 

Compatibility-wise, IE8+ and Edge do not allow navigation to Data/Blob URIs either at the top-level or in frames (e.g. https://bayden.com/test/data.htm). But you can download them via "Save Target As" or via the DOWNLOAD attribute on A Elements.

 Issue 605216  has been merged into this issue.

 Issue 625941  has been merged into this issue.

+Nathan for FYI.

We've seen renewed interest by phishers to use data URLs to host phishing attacks. In some instances it's really hard for us to protect users because Safe Browsing needs a URL to blacklist ;).

Is there an update on this bug? Thanks!

I'm going to send a blink intent to deprecate and remove soon.

 Issue 649941  has been merged into this issue.

 Issue 646770  has been merged into this issue.

 Issue 652060  has been merged into this issue.

Note: When you move forward with implementation here, be sure to test that data and blob URLs still work inside <webview> and Android WebView.  Those look like main frames but often have data URLs or blob URLs loaded into them by their embedders.  (They also don't have an address bar, so the same phishing risk doesn't apply.)

(We just encountered this problem on another bug, so I thought I'd give a heads up.)

Raising to P1 since data:urls are being actively used by phishers.

 Issue 661602  has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a63dba9631de50cc36d24b38ec2e63f6423c6bb8

commit a63dba9631de50cc36d24b38ec2e63f6423c6bb8
Author: meacer <meacer@chromium.org>
Date: Mon Nov 07 19:34:37 2016

Add filesystem scheme to navigation histograms.

BUG= 594215 

Review-Url: https://codereview.chromium.org/2476993002
Cr-Commit-Position: refs/heads/master@{#430346}

[modify] https://crrev.com/a63dba9631de50cc36d24b38ec2e63f6423c6bb8/components/navigation_metrics/navigation_metrics.cc
[modify] https://crrev.com/a63dba9631de50cc36d24b38ec2e63f6423c6bb8/tools/metrics/histograms/histograms.xml

Ping. How's the data looking? :)

We don't yet have the data we wanted, but there is an alternative: http://go/data-blob-verbose-state (sorry, Google internal for now)

The tl;dr is we can display "Not secure" chips in the omnibox for data:, blob: and friends. It's much less disruptive and can be done today.

Will navigations still be supported from extensions and over the remote dev tools interface?  Not a big deal but WebPageTest uses a data URI for mobile testing for the starting page (navigated from remote debug) and just want to have an alternative ready if the intent is to break that as well.

Does DevTools create a browser-initiated navigation? Or does it just invoke some JS API in the renderer to get it to navigate? If the latter, we will have to investigate how not to break that scenario.

Looks like it calls into the frame navigator LoadUrl directly: https://cs.chromium.org/chromium/src/content/browser/devtools/protocol/page_handler.cc?type=cs&q=page+navigate+package:%5Echromium$&l=241

I have a use case for data-URLs in main frames. From the console, a quick way to test HTML/SVG/XML documents.

For example, to see how the currently inspected element looks like in isolation, I run the following snippet and if the result looks good I save it (or do view-source + copy).

open('data:text/html,' + encodeURIComponent($0.outerHTML));

I hope that the above use case continues to be supported.

Re #33, is 

   open('about:blank').document.write($0.outerHTML);

a reasonable workaround for the moment?

Eric, it would work for previewing, but not for saving the source (Ctrl-S) or view-source.

I could use copy($0.outerHTML) and then paste it to a file, but the source may already have been changed in between the calls, and it also modifies my clipboard.

Blink intent to deprecate thread: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/GbVcuwg_QjM

Re 30#:
> Will navigations still be supported from extensions and over the remote dev tools interface?

If we only block content initiated navigations (and not all top frame navigations), extensions should keep working as long as they use APIs like chrome.tabs.create that initiate direct navigations.

I use top-level blob URL to achieve the live demo function in my blog, e.g.  http://www.cnblogs.com/ziyunfei/p/5558712.html just click the top-right buttons on each code block.

l446240525@: Is there any particular reason you can't iframe the blob URLs? You can create a simple page whose only purpose is to iframe the generated blob URL (e.g. by passing the blob guid)

> You can create a simple page whose only purpose is to iframe the generated blob URL

Thanks! It's a good idea, I'll try to do that when the time comes.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b29954e8ac243142eaedbcc3c6e54d480373ee38

commit b29954e8ac243142eaedbcc3c6e54d480373ee38
Author: meacer <meacer@chromium.org>
Date: Tue Mar 07 21:21:52 2017

Add a warning for the deprecation of content-initiated data URL navigations

This CL adds a console warning when a page navigates the top level frame to a
data URL.

The browser tests are added to WebContentsImpl tests to be consistent with
the view-source URL tests.

This CL also updates most of the layout tests to avoid loading data URLs at
the top level. The only exceptions are xss-DENIED-* tests which will be updated
when the actual blocking happens.

BUG= 594215 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2694903007
Cr-Commit-Position: refs/heads/master@{#455226}

[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-frame.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-popup.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-blur.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-opener-focus.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/move-event-handler-between-framehosts.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-clears-onbeforeunload.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-window-property-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload-window-property.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/onunload.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/page-visibility-unload.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/pageshow-pagehide-on-back-uncached.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/resources/move-event-handler-between-framehosts-popup.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/resources/onunload-clears-onbeforeunload-success.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/resources/onunload-single-alert-success.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/events/resources/page-visibility-alert-success.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/files/null-origin-string.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/files/resources/notify-no-crash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/button-state-restore.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/multiple-form-submission-protection-mouse.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/radio/state-restore-radio-group.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/resources/multiple-form-submission-protection-post-target.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/saved-state-adoptNode-crash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/select/select-state-restore.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/state-restore-hidden.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-autocomplete-form.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-edited-controls.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/forms/state-save-of-detached-control.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/resources/alert-then-back.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/resources/back-on-load.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/history/saves-state-after-fragment-nav.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/form-state-restore-with-frames.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe-2.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restoration-without-premature-clamping.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restored-on-back-at-load-event.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/geolocation-api/clear-watch-invalid-id-crash-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/geolocation-api/clear-watch-invalid-id-crash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/geolocation-api/notimer-after-unload-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/geolocation-api/notimer-after-unload.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/appcache/fail-on-update.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/appcache/resources/notify-no-crash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/loading/onload-vs-immediate-refresh.pl
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/loading/resources/notify-success-on-load.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/misc/resource-timing-iframe-restored-from-history.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/misc/resources/alert-then-back.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/misc/resources/notify-success.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/misc/timer-vs-loading.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/inspector/tracing/resources/hello.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/inspector/tracing/timeline-misc/timeline-load-event.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/media/adopt-node-crash.html
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window-expected.txt
[modify] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/resources/back.html
[add] https://crrev.com/b29954e8ac243142eaedbcc3c6e54d480373ee38/third_party/WebKit/LayoutTests/resources/notify-success.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/28845e05d13bf0da3e4d8b2f483c9f537f6562dd

commit 28845e05d13bf0da3e4d8b2f483c9f537f6562dd
Author: Mustafa Acer <meacer@chromium.org>
Date: Wed Mar 08 20:50:21 2017

[Merge M-57] Add a warning for the deprecation of content-initiated data URL navigations

This CL adds a console warning when a page navigates the top level frame to a
data URL.

The browser tests are added to WebContentsImpl tests to be consistent with
the view-source URL tests.

This CL also updates most of the layout tests to avoid loading data URLs at
the top level. The only exceptions are xss-DENIED-* tests which will be updated
when the actual blocking happens.

BUG= 594215 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2694903007
Cr-Commit-Position: refs/heads/master@{#455226}
(cherry picked from commit b29954e8ac243142eaedbcc3c6e54d480373ee38)

Review-Url: https://codereview.chromium.org/2741513002 .
Cr-Commit-Position: refs/branch-heads/2987@{#801}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}

[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Geolocation/clear-watch-invalid-id-crash-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Geolocation/notimer-after-unload-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-frame.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-popup.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-blur.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-opener-focus.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/move-event-handler-between-framehosts.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-clears-onbeforeunload.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-window-property-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload-window-property.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/onunload.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/page-visibility-unload.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/pageshow-pagehide-on-back-uncached.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/resources/move-event-handler-between-framehosts-popup.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/resources/onunload-clears-onbeforeunload-success.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/resources/onunload-single-alert-success.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/events/resources/page-visibility-alert-success.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/files/null-origin-string.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/files/resources/notify-no-crash.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/button-state-restore.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/multiple-form-submission-protection-mouse.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/radio/state-restore-radio-group.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/resources/multiple-form-submission-protection-post-target.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/saved-state-adoptNode-crash.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/select/select-state-restore.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/state-restore-hidden.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-autocomplete-form.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-edited-controls.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/forms/state-save-of-detached-control.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/resources/alert-then-back.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/resources/back-on-load.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/history/saves-state-after-fragment-nav.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/form-state-restore-with-frames.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe-2.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restoration-without-premature-clamping.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restored-on-back-at-load-event.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/geolocation-api/clear-watch-invalid-id-crash.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/geolocation-api/notimer-after-unload.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/appcache/fail-on-update.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/appcache/resources/notify-no-crash.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/loading/onload-vs-immediate-refresh.pl
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/loading/resources/notify-success-on-load.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/misc/resource-timing-iframe-restored-from-history.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/misc/resources/alert-then-back.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/misc/resources/notify-success.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/misc/timer-vs-loading.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/inspector/tracing/resources/hello.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/inspector/tracing/timeline-misc/timeline-load-event.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/media/adopt-node-crash.html
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window-expected.txt
[modify] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/resources/back.html
[add] https://crrev.com/28845e05d13bf0da3e4d8b2f483c9f537f6562dd/third_party/WebKit/LayoutTests/resources/notify-success.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c2f35d38c64165cd85b8600f939b801b9281f53e

commit c2f35d38c64165cd85b8600f939b801b9281f53e
Author: Mustafa Acer <meacer@chromium.org>
Date: Wed Mar 08 20:59:09 2017

[Merge to M-58] Add a warning for the deprecation of content-initiated data URL navigations

This CL adds a console warning when a page navigates the top level frame to a
data URL.

The browser tests are added to WebContentsImpl tests to be consistent with
the view-source URL tests.

This CL also updates most of the layout tests to avoid loading data URLs at
the top level. The only exceptions are xss-DENIED-* tests which will be updated
when the actual blocking happens.

BUG= 594215 , 699277 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2694903007
Cr-Commit-Position: refs/heads/master@{#455226}
(cherry picked from commit b29954e8ac243142eaedbcc3c6e54d480373ee38)

Review-Url: https://codereview.chromium.org/2734783010 .
Cr-Commit-Position: refs/branch-heads/3029@{#68}
Cr-Branched-From: 939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}

[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/mozilla-focus-blur.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-frame.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/resources/file-origin-window-open-popup.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-blur.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/Window/resources/mozilla-focus-blur-popup-opener-focus.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/dom/id-attribute-shared.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/move-event-handler-between-framehosts.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-clears-onbeforeunload.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-not-on-body.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-window-property-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload-window-property.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/onunload.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/page-visibility-unload.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/pageshow-pagehide-on-back-uncached.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/popup-blocked-from-untrusted-mouse-click.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/resources/move-event-handler-between-framehosts-popup.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/resources/onunload-clears-onbeforeunload-success.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/resources/onunload-single-alert-success.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/events/resources/page-visibility-alert-success.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/files/null-origin-string.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/files/resources/notify-no-crash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/button-state-restore.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/multiple-form-submission-protection-mouse.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/radio/state-restore-radio-group.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/resources/multiple-form-submission-protection-post-target.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/saved-state-adoptNode-crash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/select/select-state-restore.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/state-restore-hidden.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-autocomplete-form.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/state-restore-to-non-edited-controls.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/forms/state-save-of-detached-control.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/frames/location-redirect-user-gesture.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-back-initial-vs-final-url.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-no-hash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/history-length-append-subframe-with-hash.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/resources/alert-then-back.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/resources/back-on-load.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/history/saves-state-after-fragment-nav.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/form-state-restore-with-frames.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe-2.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/redirect-with-open-subframe.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/reload-zero-byte-plugin.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restoration-without-premature-clamping.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/scroll-position-restored-on-back-at-load-event.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/fast/loader/stateobjects/pushstate-in-data-url-denied.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/geolocation-api/clear-watch-invalid-id-crash-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/geolocation-api/clear-watch-invalid-id-crash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/geolocation-api/notimer-after-unload-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/geolocation-api/notimer-after-unload.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/appcache/fail-on-update.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/appcache/resources/notify-no-crash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/loading/onload-vs-immediate-refresh.pl
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/loading/resources/notify-success-on-load.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/misc/resource-timing-iframe-restored-from-history.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/misc/resources/alert-then-back.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/misc/resources/notify-success.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/misc/timer-vs-loading.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/originHeader/origin-header-for-data.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-when-allowed.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/send-on-abort.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/inspector/tracing/resources/hello.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/inspector/tracing/timeline-misc/timeline-load-event.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/media/adopt-node-crash.html
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window-expected.txt
[modify] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/plugins/plugin-initiate-popup-window.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/resources/back.html
[add] https://crrev.com/c2f35d38c64165cd85b8600f939b801b9281f53e/third_party/WebKit/LayoutTests/resources/notify-success.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1facd6324b98a4bfde0ecbad78491198f5dcc681

commit 1facd6324b98a4bfde0ecbad78491198f5dcc681
Author: Mustafa Acer <meacer@chromium.org>
Date: Mon Mar 27 21:19:25 2017

Convert line endings from Windows to Unix in test file

BUG= 594215 
R=lgarron@chromium.org

Review-Url: https://codereview.chromium.org/2779803002 .
Cr-Commit-Position: refs/heads/master@{#459881}

[modify] https://crrev.com/1facd6324b98a4bfde0ecbad78491198f5dcc681/chrome/test/data/popup_blocker/popup-blocked-to-post-blank.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/86b0c6ec76fc6adfad37a4f22a500e89fa23175c

commit 86b0c6ec76fc6adfad37a4f22a500e89fa23175c
Author: meacer <meacer@chromium.org>
Date: Fri Mar 31 19:40:30 2017

Prevent tests using data URLs from being broken by data URL deprecation

These test will be broken when content initiated top frame data
URL navigations are blocked. Move them away from data URLs.

BUG= 594215 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2772983003
Cr-Commit-Position: refs/heads/master@{#461184}

[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/browser/ui/blocked_content/popup_blocker_browsertest.cc
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/browser/ui/browser_browsertest.cc
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/click_modifier/href.html
[add] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/click_modifier/new_window.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/click_modifier/window_open.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-blocked-to-post-blank.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-fake-click-on-anchor.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-fake-click-on-anchor2.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-fake-click-on-anchor3.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-many.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-on-unload.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-simulated-click-on-anchor.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-simulated-click-on-anchor2.html
[add] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-success.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-window-open-noopener.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/chrome/test/data/popup_blocker/popup-window-open.html
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/components/subresource_filter/content/browser/content_subresource_filter_driver_factory_unittest.cc
[modify] https://crrev.com/86b0c6ec76fc6adfad37a4f22a500e89fa23175c/content/browser/frame_host/navigation_controller_impl_browsertest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f44eeb03c89211aa7018c8cc536f9cab3bbe3def

commit f44eeb03c89211aa7018c8cc536f9cab3bbe3def
Author: meacer <meacer@chromium.org>
Date: Tue Apr 04 18:44:46 2017

Prevent autocomplete tests from being broken by data URL deprecation.

Content-initiated main-frame navigations to data URLs are being blocked
in  crbug.com/594215 . The tests fixed here were form-posting to themselves
which are data URLs and are going to be broken. Change form targets to
about:blank URLs instead.

BUG= 594215 

Review-Url: https://codereview.chromium.org/2797443004
Cr-Commit-Position: refs/heads/master@{#461786}

[modify] https://crrev.com/f44eeb03c89211aa7018c8cc536f9cab3bbe3def/chrome/browser/autofill/autofill_server_browsertest.cc
[modify] https://crrev.com/f44eeb03c89211aa7018c8cc536f9cab3bbe3def/chrome/renderer/autofill/form_autocomplete_browsertest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4add44729fbb67e384a602c9d26dc12245058025

commit 4add44729fbb67e384a602c9d26dc12245058025
Author: meacer <meacer@chromium.org>
Date: Wed Apr 05 00:23:58 2017

Prevent layout tests from being broken by data URL deprecation.

Content-initiated main-frame navigations to data URLs are being blocked
in  crbug.com/594215 .

BUG= 594215 

Review-Url: https://codereview.chromium.org/2792213002
Cr-Commit-Position: refs/heads/master@{#461912}

[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/cascade/cross-origin-window-open.html
[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/cascade/cross-origin-with-own-policy-window-open.html
[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-can-navigate-expected.txt
[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-can-navigate.html
[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/sandboxed-opener-can-close-window-expected.txt
[modify] https://crrev.com/4add44729fbb67e384a602c9d26dc12245058025/third_party/WebKit/LayoutTests/http/tests/security/sandboxed-opener-can-close-window.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e91f49f4a95353dce39091e84376fc75787934f6

commit e91f49f4a95353dce39091e84376fc75787934f6
Author: meacer <meacer@chromium.org>
Date: Wed Apr 05 00:34:34 2017

Prevent bookmarklet and unload tests from being broken by data URL deprecation.

Content-initiated main-frame navigations to data URLs are being blocked
in  crbug.com/594215 .

BUG= 594215 

Review-Url: https://codereview.chromium.org/2795903002
Cr-Commit-Position: refs/heads/master@{#461916}

[modify] https://crrev.com/e91f49f4a95353dce39091e84376fc75787934f6/chrome/browser/unload_browsertest.cc
[modify] https://crrev.com/e91f49f4a95353dce39091e84376fc75787934f6/content/browser/bookmarklet_browsertest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0aaeb2dcfffd5bc8bdce71eaf645fea6f477b22d

commit 0aaeb2dcfffd5bc8bdce71eaf645fea6f477b22d
Author: meacer <meacer@chromium.org>
Date: Wed Apr 05 21:08:22 2017

Prevent Android webview tests from being broken by data URL deprecation

Content-initiated main-frame navigations to data URLs are being blocked
in  crbug.com/594215 . This CL changes several tests that use data URLs.

BUG= 594215 

Review-Url: https://codereview.chromium.org/2797893002
Cr-Commit-Position: refs/heads/master@{#462212}

[modify] https://crrev.com/0aaeb2dcfffd5bc8bdce71eaf645fea6f477b22d/android_webview/javatests/src/org/chromium/android_webview/test/AwContentsClientShouldOverrideUrlLoadingTest.java
[modify] https://crrev.com/0aaeb2dcfffd5bc8bdce71eaf645fea6f477b22d/android_webview/javatests/src/org/chromium/android_webview/test/AwSettingsTest.java

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4ed27b3319ee736bef367e0657e0797685e92c43

commit 4ed27b3319ee736bef367e0657e0797685e92c43
Author: meacer <meacer@chromium.org>
Date: Thu Apr 13 19:56:55 2017

Prevent extension webview tests from being broken by data URL deprecation

Content-initiated main-frame navigations to data URLs are being blocked
in  crbug.com/594215 . This CL changes several tests that use data URLs.

BUG= 594215 

Review-Url: https://codereview.chromium.org/2818663002
Cr-Commit-Position: refs/heads/master@{#464516}

[modify] https://crrev.com/4ed27b3319ee736bef367e0657e0797685e92c43/chrome/test/data/extensions/platform_apps/web_view/shim/guest.html
[modify] https://crrev.com/4ed27b3319ee736bef367e0657e0797685e92c43/chrome/test/data/extensions/platform_apps/web_view/shim/guest_noreferrer.html
[modify] https://crrev.com/4ed27b3319ee736bef367e0657e0797685e92c43/extensions/test/data/web_view/apitest/guest.html
[modify] https://crrev.com/4ed27b3319ee736bef367e0657e0797685e92c43/extensions/test/data/web_view/apitest/guest_noreferrer.html

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/699e9524613ff501ac38a231679bca4c2aedeb74

commit 699e9524613ff501ac38a231679bca4c2aedeb74
Author: meacer <meacer@chromium.org>
Date: Fri Apr 21 00:36:00 2017

Prevent Android tests from being broken by data URL deprecation

These tests will be broken when content initiated navigations to data URLs
are blocked. This CL navigates the tests to an existing file instead of
data URLs. It also removes some unused variables.

BUG= 594215 

Review-Url: https://codereview.chromium.org/2827393003
Cr-Commit-Position: refs/heads/master@{#466200}

[modify] https://crrev.com/699e9524613ff501ac38a231679bca4c2aedeb74/chrome/android/javatests/src/org/chromium/chrome/browser/TabsOpenedFromExternalAppTest.java
[modify] https://crrev.com/699e9524613ff501ac38a231679bca4c2aedeb74/chrome/android/javatests/src/org/chromium/chrome/browser/webapps/WebappModeTest.java
[modify] https://crrev.com/699e9524613ff501ac38a231679bca4c2aedeb74/chrome/test/android/javatests/src/org/chromium/chrome/test/MultiActivityTestBase.java

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ba52f56207a4b9d70b34880fbff2352e71a06422

commit ba52f56207a4b9d70b34880fbff2352e71a06422
Author: meacer <meacer@chromium.org>
Date: Sat Apr 22 00:08:08 2017

Block renderer-initiated main frame navigations to data URLs

This CL implements the blocking of data URL navigations as described in the
blink intent to deprecate and remove thread at https://goo.gl/BaZAea.

The blocking is done in two separate places:

- blink::FrameLoader: This is a renderer side check that blocks all top-frame
  loads for known mime types. This check ignores unknown mime types as those
  can end up as downloads or be handled by plugins.

- content::DataURLNavigationThrottler: This is a browser side check that
  handles data URLs that were ignored by the renderer check. By this point, the
  determination of whether the URL is a download or not has already been made.
  This check allows downloads and blocks remaining URLs (ie. mime types that
  are handled by plugins). When browser side navigation is enabled, all blocking
  is done in this throttler instead of some checks being in blink::FrameLoader.

This CL moves data URL navigation tests to a separate file, and removes layout
tests that are no longer realistic.

TEST=data_url_navigation_browsertest.cc
BUG= 594215 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2702503002
Cr-Commit-Position: refs/heads/master@{#466504}

[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/android/javatests/src/org/chromium/chrome/browser/PopupTest.java
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/browser/apps/guest_view/web_view_browsertest.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/browser/tab_contents/navigation_metrics_recorder.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/browser/tab_contents/navigation_metrics_recorder_browsertest.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/test/data/android/popup_test.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/chrome/test/data/extensions/platform_apps/web_view/shim/main.js
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/BUILD.gn
[add] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/frame_host/data_url_navigation_browsertest.cc
[add] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/frame_host/data_url_navigation_throttle.cc
[add] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/frame_host/data_url_navigation_throttle.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/browser/web_contents/web_contents_impl_browsertest.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/child/runtime_features.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/public/common/content_features.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/public/common/content_features.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/public/test/test_navigation_observer.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/renderer/render_frame_impl.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/test/BUILD.gn
[add] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/content/test/data/data_url_navigations.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/extensions/browser/guest_view/web_view/web_view_apitest.cc
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/extensions/test/data/web_view/apitest/main.js
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/dom/HTMLAnchorElement/anchor-no-multiple-windows.html
[add] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/dom/HTMLAnchorElement/resources/popup.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/dom/location-new-window-no-crash-expected.txt
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/forms/date-multiple-fields/date-multiple-fields-clearbutton-visibility-after-restore.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/forms/datetimelocal-multiple-fields/datetimelocal-multiple-fields-clearbutton-visibility-after-restore.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/forms/month-multiple-fields/month-multiple-fields-clearbutton-visibility-after-restore.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/forms/time-multiple-fields/time-multiple-fields-clearbutton-visibility-after-restore.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/forms/week-multiple-fields/week-multiple-fields-clearbutton-visibility-after-restore.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/fast/history/scroll-restoration/scroll-restoration-scale-not-impacted.html
[delete] https://crrev.com/8ee6041580e6fa3d6bff3b86088491f9d0291fc0/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open-expected.txt
[delete] https://crrev.com/8ee6041580e6fa3d6bff3b86088491f9d0291fc0/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-from-javascript-url-window-open.html
[delete] https://crrev.com/8ee6041580e6fa3d6bff3b86088491f9d0291fc0/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open-expected.txt
[delete] https://crrev.com/8ee6041580e6fa3d6bff3b86088491f9d0291fc0/third_party/WebKit/LayoutTests/http/tests/security/dataURL/xss-DENIED-to-data-url-window-open.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/printing/print-close-crash.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/LayoutTests/svg/as-object/history-navigation.html
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/platform/RuntimeEnabledFeatures.json5
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/platform/network/NetworkUtils.cpp
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/platform/network/NetworkUtils.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/Source/web/LocalFrameClientImpl.h
[modify] https://crrev.com/ba52f56207a4b9d70b34880fbff2352e71a06422/third_party/WebKit/public/web/WebFrameClient.h

Marking this as fixed. I forked the discussion for blob and filesystem to bug 714339.

What if the current page is already a data uri page?

Deleted: 屏幕快照 2017-04-22 下午5.56.39.png 143 KB

	屏幕快照 2017-04-22 下午5.56.39.png 143 KB View Download

l446240525@: Good question. We initially wanted to allow data URL to data URL navigations. However, this turned out to be technically infeasible because we don't have a reliable way of determining the initiator of the navigation ( bug 651895 ). So we had to simplify our approach and simply block all data URL navigations.

https://chromium.googlesource.com/chromium/src/+/ba52f56207a4b9d70b34880fbff2352e71a06422 introduces a temporary command line flag to allow all data URL navigations (--enable_features=AllowContentInitiatedDataUrlNavigations) but it'll be removed in the future.

For search engines, when this is hit Chrome now reports: "Not allowed to navigate top frame to data URL".

Thanks for driving this.  If there are reports of legitimate sites being broken by this, please track them in new bugs that are marked blocked on this one (so it's easy to find them all).

meacer@, I can't reload a data URL page now, e.g.

data:text/html,<iframe src="https://a1.alicdn.com/creation/html/2016/11/01/creation-3067259SvEMFszYg5-6348953.html">

Can you please fix it, if it is not by design.

> I can't reload a data URL page now, e.g.

Refresh works for me in 60.0.3100.0 – both for the keyboard shortcut and the toolbar button. If your issue is reproducible, could you please file a new bug with details?

 Issue 726053  has been merged into this issue.

 Issue 751135  has been merged into this issue.

For those looking for a workaround, one alternative is to have a static HTML page that takes a query parameter and populates a sandboxed iframe based on the query parameter's value. Here is an example snippet:

static_data.html:
---------------------------------
<html>
<style>
html, body { padding: 0; margin: 0; }
iframe { width: 100%; height: 100%; border: 0; }
</style>
<body></body>
<script>
if (window.location.search.indexOf("?q=data:") == 0) {
  var content = window.location.search.substring(3);
  // NOTE: Don't blindly trust |content|, do extra validation!
  var f = document.createElement("iframe");
  f.src = content;
  f.setAttribute("sandbox", "");
  document.body.appendChild(f);
}
</script>
</html>


You can then load your data URLs through this page:

window.open("static_data.html?q=data:text/html,test")

 Issue 755732  has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a

commit 2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a
Author: Mustafa Emre Acer <meacer@chromium.org>
Date: Fri Oct 06 19:45:58 2017

Remove data URL navigation histograms and rappor metrics

These were added for deprecation of top frame navigations to data URLs.
The deprecation and removal is completed in M60, so they are no longer
needed. 

Bug:  594215 
Change-Id: I56f600473dc22753c2be9634e054fdc0d558e8ee
Reviewed-on: https://chromium-review.googlesource.com/701469
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Robert Kaplow <rkaplow@chromium.org>
Commit-Queue: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#507150}
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/chrome/browser/tab_contents/navigation_metrics_recorder.cc
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/chrome/browser/tab_contents/navigation_metrics_recorder.h
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/chrome/browser/tab_contents/navigation_metrics_recorder_browsertest.cc
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/tools/metrics/histograms/enums.xml
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/tools/metrics/histograms/histograms.xml
[modify] https://crrev.com/2a6695e190dd8da0e00c2f7b8b3100275b5dfd7a/tools/metrics/rappor/rappor.xml