Issue 617584 link

Starred by 1 user

Issue metadata

Status:	Started
Owner:	█ mkwst@chromium.org Buried. Ping if important.
Cc:	█ tollm...@gmail.com alex...@chromium.org
Components:	Blink>SecurityFeature
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	3
Type:	Bug

Blocked on:
issue 617947
issue 615885
issue 615910

'upgrade-insecure-requests; block-all-mixed-content' should be identical to 'upgrade-insecure-requests'

Project Member Reported by mkwst@chromium.org, Jun 6 2016

Issue description

Currently, we have a few holes in our 'upgrade-insecure-requests' implementation (mostly around redirects). Once we resolve those, we should be able to get away with a simple tri-state policy state, rather than the multiple flags we're currently storing on SecurityContext (and replicating from frame to frame).

Comment 1 by mkwst@chromium.org, Jun 6 2016

Cc: alex...@chromium.org

+alexmos, since we're apparently not actually replicating the upgrade state at all. Oops. CL later this week, I suppose.

Comment 2 by mkwst@chromium.org, Jun 7 2016

Blockedon: 615910 615885

Comment 3 by mkwst@chromium.org, Jun 7 2016

Blockedon: 617947

Comment 4 by rbyers@chromium.org, Nov 18 2016

Components: Blink>SecurityFeature

Comment 5 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt

Comment 6 by est...@chromium.org, Feb 18 2018

Labels: -Hotlist-EnamelAndFriendsFixIt

►

Issue 617584 link

Issue metadata

'upgrade-insecure-requests; block-all-mixed-content' should be identical to 'upgrade-insecure-requests'

Issue description

Comment 1 by mkwst@chromium.org, Jun 6 2016

Comment 1 Deleted

Comment 2 by mkwst@chromium.org, Jun 7 2016

Comment 2 Deleted

Comment 3 by mkwst@chromium.org, Jun 7 2016

Comment 3 Deleted

Comment 4 by rbyers@chromium.org, Nov 18 2016

Comment 4 Deleted

Comment 5 by est...@chromium.org, Nov 10 2017

Comment 5 Deleted

Comment 6 by est...@chromium.org, Feb 18 2018

Comment 6 Deleted

Sign in to add a comment