New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 624426 link

Starred by 1 user
Status: Fixed
Owner:
eustas@chromium.org
Last visit > 30 days ago
Closed: Jul 2016
Cc:
kenjibaheux@chromium.org
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Bug



Sign in to add a comment

Allow brotli on localhost

Project Member Reported by jakearchibald@chromium.org, Jun 29 2016 
Currently brotli support is not advertised on localhost. localhost is a secure context, so I'd expect brotli to work there.

https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy - see step 3.

Other APIs such as service workers treat localhost as secure.

Comment 1 by kenjibaheux@chromium.org, Jul 6 2016

Owner: eustas@chromium.org
Status: Assigned (was: Untriaged)
Eugene, can you take a look? You might want to mimic Service Worker for the "secure origin" check (contact: falken@).

Comment 2 by eustas@chromium.org, Jul 6 2016 

I've found IsOriginSecure utility, but it is, unfortunately in content/common.
Excluding parts about filesystems and trustworthy whitelists, we have:

isSecure = url.SchemeIsCryptographic() || net::IsLocalhost(url.HostNoBrackets());

Id est, the fix would be just a one-liner. Going to implement it soon.
Project Member

Comment 3 by bugdroid1@chromium.org, Jul 7 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7ff89682426bace51e9c85eed17d6c18bb046fcb

commit 7ff89682426bace51e9c85eed17d6c18bb046fcb
Author: eustas <eustas@chromium.org>
Date: Thu Jul 07 20:23:39 2016

Advertise brotli for localhost requests.

BUG= 624426 

Review-Url: https://codereview.chromium.org/2125253002
Cr-Commit-Position: refs/heads/master@{#404231}

[modify] https://crrev.com/7ff89682426bace51e9c85eed17d6c18bb046fcb/net/url_request/url_request_http_job.cc

Comment 4 by eustas@chromium.org, Jul 12 2016

Status: Fixed (was: Assigned)

Sign in to add a comment