Issue 601090 link

Starred by 1 user

Issue metadata

Status:	Verified
Owner:	iclell...@chromium.org
Closed:	Apr 2016
Cc:	feature-...@grotations.appspotmail.com
Components:	Internals>OriginTrials
EstimatedDays:	----
NextAction:	----
OS:	All
Pri:	1
Type:	Feature
Hotlist-Merge-Approved M-51 merge-merged-2704

Update origin trial token format

Project Member Reported by iclell...@chromium.org, Apr 6 2016

Issue description

From discussions with palmer@ and estark@ revolving around the use of custom string parsing in the browser process, we should change the format of the tokens used by the experimental framework.

The concerns with the current format are:
  - Custom string format requires new parsing code; JSON would be better
  - Signature is verified *after* string is already parsed

The proposed new format is documented in https://docs.google.com/document/d/1v5fi0EUV_QHckVHVF2K4P72iNywnrJtNhNZ6i2NPt0M/edit# (Under "Proposed Update" currently)

Comment 1 by iclell...@chromium.org, Apr 6 2016

Components: Internals>OriginTrials

Project Member

Comment 2 by bugdroid1@chromium.org, Apr 14 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0709f4ee3881c0c97c7e765ba824b20d5464771f

commit 0709f4ee3881c0c97c7e765ba824b20d5464771f
Author: iclelland <iclelland@chromium.org>
Date: Thu Apr 14 16:21:17 2016

Change origin trial token format

This CL introduces a new format for origin trial tokens. The tokens are JSON-encoded data, wrapped in a base64-encoded signed binary structure.

The token format is documented at https://docs.google.com/document/d/1v5fi0EUV_QHckVHVF2K4P72iNywnrJtNhNZ6i2NPt0M

Additionally, this CL changes the order of operations when processing tokens. Now signature verification is always performed as part of parsing, and the token's applicability can be checked after it has been verified and parsed.

BUG= 601090 

Review URL: https://codereview.chromium.org/1858763003

Cr-Commit-Position: refs/heads/master@{#387333}

[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token.cc
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token.h
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token_unittest.cc
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token_validator.cc
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token_validator.h
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/content/common/origin_trials/trial_token_validator_unittest.cc
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-enabled.html
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-expired.html
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-multiple-tokens.html
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-stolen.html
[modify] https://crrev.com/0709f4ee3881c0c97c7e765ba824b20d5464771f/tools/origin_trials/generate_token.py

Comment 3 by iclell...@chromium.org, Apr 15 2016

Labels: Merge-Request-51
Status: Verified (was: Started)

Comment 4 by iclell...@chromium.org, Apr 15 2016

Labels: -Pri-2 Pri-1

We should merge this into M51 if at all possible.

Otherwise, we will have to generate the old-style tokens for M51, and then regenerate them, and contact all developers to issue them new ones when M52 lands.

Comment 5 by tin...@google.com, Apr 15 2016

Labels: -Merge-Request-51 Merge-Approved-51 Hotlist-Merge-Approved

Your change meets the bar and is auto-approved for M51 (branch: 2704)

Comment 6 by gov...@chromium.org, Apr 15 2016

Please merge your change before 5:00 PM PST on Monday (04/18) so we can take it in for next week M51 release.

Project Member

Comment 7 by bugdroid1@chromium.org, Apr 15 2016

Labels: -merge-approved-51 merge-merged-2704

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1ad4616aa5ed94f8d702785281004f94f33cbf72

commit 1ad4616aa5ed94f8d702785281004f94f33cbf72
Author: Ian Clelland <iclelland@google.com>
Date: Fri Apr 15 17:32:37 2016

Change origin trial token format

This CL introduces a new format for origin trial tokens. The tokens are JSON-encoded data, wrapped in a base64-encoded signed binary structure.

The token format is documented at https://docs.google.com/document/d/1v5fi0EUV_QHckVHVF2K4P72iNywnrJtNhNZ6i2NPt0M

Additionally, this CL changes the order of operations when processing tokens. Now signature verification is always performed as part of parsing, and the token's applicability can be checked after it has been verified and parsed.

BUG= 601090 

Review URL: https://codereview.chromium.org/1858763003

Cr-Commit-Position: refs/heads/master@{#387333}
(cherry picked from commit 0709f4ee3881c0c97c7e765ba824b20d5464771f)

Review URL: https://codereview.chromium.org/1887223003 .

Cr-Commit-Position: refs/branch-heads/2704@{#78}
Cr-Branched-From: 6e53600def8f60d8c632fadc70d7c1939ccea347-refs/heads/master@{#386251}

[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token.cc
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token.h
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token_unittest.cc
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token_validator.cc
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token_validator.h
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/content/common/origin_trials/trial_token_validator_unittest.cc
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-enabled.html
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-expired.html
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-multiple-tokens.html
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/third_party/WebKit/LayoutTests/http/tests/origin_trials/sample-api-stolen.html
[modify] https://crrev.com/1ad4616aa5ed94f8d702785281004f94f33cbf72/tools/origin_trials/generate_token.py

►

Issue 601090 link

Issue metadata

Update origin trial token format

Issue description

Comment 1 by iclell...@chromium.org, Apr 6 2016

Comment 1 Deleted

Comment 2 by bugdroid1@chromium.org, Apr 14 2016

Comment 2 Deleted

Comment 3 by iclell...@chromium.org, Apr 15 2016

Comment 3 Deleted

Comment 4 by iclell...@chromium.org, Apr 15 2016

Comment 4 Deleted

Comment 5 by tin...@google.com, Apr 15 2016

Comment 5 Deleted

Comment 6 by gov...@chromium.org, Apr 15 2016

Comment 6 Deleted

Comment 7 by bugdroid1@chromium.org, Apr 15 2016

Comment 7 Deleted

Sign in to add a comment