Credentials should be submittable within the same registrable domain. |
|||||
Issue description
,
Apr 26 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/6036e62ac8638c3cdfd76db5dfe44ca05c62f682 commit 6036e62ac8638c3cdfd76db5dfe44ca05c62f682 Author: mkwst <mkwst@chromium.org> Date: Tue Apr 26 19:51:52 2016 CREDENTIAL: Credentials should be submitted within a registrable domain. The current code checks for an exact origin match when creating a Request. That doesn't match the specification; see step 3.1 of https://w3c.github.io/webappsec-credential-management/#body-extraction. BUG= 606788 Review URL: https://codereview.chromium.org/1918253002 Cr-Commit-Position: refs/heads/master@{#389858} [add] https://crrev.com/6036e62ac8638c3cdfd76db5dfe44ca05c62f682/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch-registrabledomain.html [modify] https://crrev.com/6036e62ac8638c3cdfd76db5dfe44ca05c62f682/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/echo-post.php [modify] https://crrev.com/6036e62ac8638c3cdfd76db5dfe44ca05c62f682/third_party/WebKit/Source/modules/fetch/Request.cpp
,
Apr 27 2016
Hello, friendly release managers! I'd like to merge this back to the beta branch once it's baked on Canary for a day or two. The Credential Management API was unfortunately preventing folks from submitting credentials to sign-in servers, which obviates most of its purpose. :(
,
Apr 27 2016
Your change meets the bar and is auto-approved for M51 (branch: 2704)
,
Apr 29 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c1bd9c0416516f3e73a659dcbce7bb17741f4ff5 commit c1bd9c0416516f3e73a659dcbce7bb17741f4ff5 Author: Mike West <mkwst@google.com> Date: Fri Apr 29 07:58:05 2016 CREDENTIAL: Credentials should be submitted within a registrable domain. The current code checks for an exact origin match when creating a Request. That doesn't match the specification; see step 3.1 of https://w3c.github.io/webappsec-credential-management/#body-extraction. BUG= 606788 Review URL: https://codereview.chromium.org/1918253002 Cr-Commit-Position: refs/heads/master@{#389858} (cherry picked from commit 6036e62ac8638c3cdfd76db5dfe44ca05c62f682) Review URL: https://codereview.chromium.org/1928283002 . Cr-Commit-Position: refs/branch-heads/2704@{#306} Cr-Branched-From: 6e53600def8f60d8c632fadc70d7c1939ccea347-refs/heads/master@{#386251} [add] https://crrev.com/c1bd9c0416516f3e73a659dcbce7bb17741f4ff5/third_party/WebKit/LayoutTests/http/tests/credentialmanager/passwordcredential-fetch-registrabledomain.html [modify] https://crrev.com/c1bd9c0416516f3e73a659dcbce7bb17741f4ff5/third_party/WebKit/LayoutTests/http/tests/credentialmanager/resources/echo-post.php [modify] https://crrev.com/c1bd9c0416516f3e73a659dcbce7bb17741f4ff5/third_party/WebKit/Source/modules/fetch/Request.cpp
,
Apr 29 2016
|
|||||
►
Sign in to add a comment |
|||||
Comment 1 by mkwst@chromium.org
, Apr 26 2016