Disable `navigator.credentials` in M50. |
||||||||||
Issue descriptionHello, friendly release managers! I'd like to revert https://codereview.chromium.org/1720403003 from the M50 branch. I thought I was landing it after the branch point, but I was wrong. :( The feature is enabled via a feature flag, so if reverting the patch is too dangerous, we should be able to disable the feature via Finch. I'd prefer to just flip the flag back off on the branch, though, if possible. WDYT?
,
Apr 6 2016
... Really? That makes the whole feature flag thing somewhat less valuable as a failsafe. :/ In that case, we should really revert the patch.
,
Apr 6 2016
Why do we need a failsafe..? iiuc credential manager was never supposed to ship on webview?
,
Apr 6 2016
For this particular feature, it's somewhat less relevant, since the API has no effect in a WebView (there's no backend to connect to, so the Promises reject). In general, I thought feature flags were supposed to be able to turn off features in the wild if something goes wrong. I'm thinking of the various iterations of SPDY, for instance, many of which ended up disabled due to bad interactions with various servers. Separate from this feature, it seems like it would be nice to have a mechanism to roll out that kind of reversion without shipping a new WebView binary.
,
Apr 6 2016
We don't have UMA or automated crash reporting on WebView, which is the normal counterpart to Finch trials; unfortunately for now we are missing both directions of communication :/
,
Apr 7 2016
[Automated comment] Less than 2 weeks to go before stable on M50, manual review required.
,
Apr 7 2016
Merge approved for M50 (branch 2661). Pls go ahead merge.
,
Apr 7 2016
Please merge your change to M50 branch 2661 by 5:00 PM PST on April 8th,Friday to make into the desktop Stable final build cut. Thank you.
,
Apr 8 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948 commit f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948 Author: Mike West <mkwst@google.com> Date: Fri Apr 08 07:16:39 2016 Revert "Ship the Credential Management API by default" from M50. This reverts commit 062c94e083bb1a2ec9df0222cdbdff6b364cb466, which should have landed only after the M50 branch point. > Ship the Credential Management API by default > > This patch enables the Credential Management API by default. > > It also converts the existing CLI flag into a `base::Feature`, which will allow > us to hook it up to Finch as a kill-switch in case it asplodes the internets. > This feature flag can be removed after ~a release, once we're confident that > we're not breaking things. > > Intent to Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/7ouLjWzcjb0 > > BUG= 576705 > R=vabr@chromium.org > > Committed: https://crrev.com/062c94e083bb1a2ec9df0222cdbdff6b364cb466 > Cr-Commit-Position: refs/heads/master@{#377276} BUG= 601130 TBR=vabr@chromium.org Review URL: https://codereview.chromium.org/1870943002 . Cr-Commit-Position: refs/branch-heads/2661@{#524} Cr-Branched-From: ef6f6ae5e4c96622286b563658d5cd62a6cf1197-refs/heads/master@{#378081} [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/chrome/browser/about_flags.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/chrome/browser/ui/views/passwords/manage_passwords_bubble_view_interactive_uitest.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/chrome/browser/ui/webui/options/password_manager_handler.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/browser/renderer_host/render_process_host_impl.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/child/runtime_features.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/public/common/content_features.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/public/common/content_features.h [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/public/common/content_switches.cc [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/content/public/common/content_switches.h [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/third_party/WebKit/LayoutTests/virtual/stable/webexposed/global-interface-listing-expected.txt [modify] https://crrev.com/f2176c7a2a03c5dbd4f98f3fd90c2a4f9dd20948/third_party/WebKit/Source/platform/RuntimeEnabledFeatures.in
,
Apr 13 2016
amineer wanted to review this for m50 webview stable; we are considering shipping a build before the revert to stable
,
Apr 25 2016
Tested the same on mac 10.11 chrome version 50.0.2661.87 using the URL https://w3c.github.io/webappsec/demos/credential-management/ giving the credentials and clciking sign in there is no bubble displayed to save the credentials On enabling the flag --enable-credential-manager-api in chrome://flags this is working fine. Could you please confirm on the fix as this is not working as expected unless the flag is enabled.
,
May 3 2016
mkwst@, Could you please respond as per comment #11
,
May 3 2016
Right. The bubble should not be displayed in Chrome 50, as the API isn't enabled there by default. Flipping the flag you noted should enable the bubble. It sounds like things are working as expected.
,
May 3 2016
mkwst@, Thanks for the update. Adding the TE-Verified labels accordingly |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by boliu@chromium.org
, Apr 6 2016