New issue
Advanced search Search tips

Issue 637007 link

Starred by 1 user
Status: Fixed
Owner:
est...@chromium.org
Closed: Oct 2016
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Bug



Sign in to add a comment

Check that referrer policy behavior for iframe srcdoc documents matches the spec

Project Member Reported by est...@chromium.org, Aug 11 2016 
The referrer policy behavior for iframe srcdoc documents has been changing around a bit lately. We should check that Chrome's implementation matches https://github.com/whatwg/html/pull/1559 and make it so if it doesn't.

Comment 1 by est...@chromium.org, Oct 6 2016

Labels: M-55
Status: Fixed (was: Assigned)
Spec update in https://github.com/whatwg/html/pull/1871

Fixes in https://codereview.chromium.org/2400443004
Project Member

Comment 2 by bugdroid1@chromium.org, Oct 27 2016

Labels: merge-merged-2840
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/618cf68c2fc06d58857f4bd44a26737fbe9a2494

commit 618cf68c2fc06d58857f4bd44a26737fbe9a2494
Author: estark <estark@chromium.org>
Date: Thu Oct 06 15:23:19 2016

Walk up frame tree for srcdoc referrer policies

When deciding the referrer policy for a srcdoc document, walk up the
frame tree until we find a non-srcdoc document OR a srcdoc document with
its own policy set via a meta element.

This implements the algorithm defined in
https://html.spec.whatwg.org/multipage/browsers.html#set-up-a-browsing-context-environment-settings-object. However,
the spec'ed algorithm has to be adjusted per
https://github.com/whatwg/html/pull/1559#issuecomment-251767893 to
account for meta elements in srcdoc documents (which this CL
implements).

BUG= 653034 , 637007 

Review-Url: https://codereview.chromium.org/2400443004
Cr-Commit-Position: refs/heads/master@{#423538}

[add] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/LayoutTests/http/tests/security/referrer-policy-srcdoc-dynamic-policy.html
[add] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/LayoutTests/http/tests/security/referrer-policy-srcdoc.html
[modify] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/LayoutTests/http/tests/security/resources/echo-referrer-header.php
[add] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/LayoutTests/http/tests/security/resources/referrer-policy-srcdoc.php
[modify] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/Source/core/dom/Document.h
[modify] https://crrev.com/618cf68c2fc06d58857f4bd44a26737fbe9a2494/third_party/WebKit/Source/core/dom/ExecutionContext.h

Comment 3 by dimu@google.com, Nov 4 2016

Labels: -merge-merged-2840
[Automated comment] removing mislabelled merge-merged-2840

Sign in to add a comment