New issue
Advanced search Search tips

Issue 661273 link

Starred by 4 users
Status: Fixed
Owner:
iclell...@chromium.org
Closed: Feb 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 3
Type: Bug

Blocking:
issue 623682



Sign in to add a comment

Propagate feature policy to out-of-process frames

Project Member Reported by iclell...@chromium.org, Nov 1 2016 
Feature Policies are currently not replicated when frames are swapped out to another process (OOPIF)

Until  crbug.com/661271  is resolved, this can be supported by replicating the Feature-Policy HTTP header value(s) to the remote frames.

In the remote process, the parent frames will be remote, but should have valid FeaturePolicy objects, which can be used when calculating the (local) child frame's policy.

Once  crbug.com/662171  is addressed, this will also need to account for any iframe attributes in the parent frame. These will need to be replicated in the remote child frame as well as its own policy headers.

Comment 1 by iclell...@chromium.org, Nov 2 2016

Owner: iclell...@chromium.org
Status: Assigned (was: Available)

Comment 2 by kochi@chromium.org, Nov 4 2016 

@iclelland Could you fill "Components" field and avoid "Blink"?

Thanks!
(commenting as a part of my blink bug triage sheriff duty)

Comment 3 by iclell...@chromium.org, Nov 7 2016

Components: -Blink Blink>SecurityFeature
Status: Started (was: Assigned)
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 23 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ab749ec9b38b37cfe2b173fda6f20f07ccd23564

commit ab749ec9b38b37cfe2b173fda6f20f07ccd23564
Author: iclelland <iclelland@chromium.org>
Date: Wed Nov 23 02:00:43 2016

Replicate feature policy headers to remote frames

BUG= 661273 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2483703002
Cr-Commit-Position: refs/heads/master@{#434081}

[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/common/frame_messages.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/common/frame_replication_state.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/renderer/render_frame_impl.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/renderer/render_frame_proxy.cc
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy-main.html
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy-main.html.mock-http-headers
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy1.html
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy1.html.mock-http-headers
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy2.html
[add] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/content/test/data/feature-policy2.html.mock-http-headers
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/core/dom/SecurityContext.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/core/dom/SecurityContext.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/core/frame/FeaturePolicyInFrameTest.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/core/loader/FrameLoaderClient.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/platform/feature_policy/FeaturePolicy.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyFuzzer.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/platform/feature_policy/FeaturePolicyTest.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/web/FrameLoaderClientImpl.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/web/WebRemoteFrameImpl.cpp
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/Source/web/WebRemoteFrameImpl.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/public/web/WebFrameClient.h
[modify] https://crrev.com/ab749ec9b38b37cfe2b173fda6f20f07ccd23564/third_party/WebKit/public/web/WebRemoteFrame.h

Comment 6 by iclell...@chromium.org, Jan 3 2017

Components: Blink>FeaturePolicy

Comment 7 by iclell...@chromium.org, Jan 3 2017

Components: -Blink>SecurityFeature

Comment 8 by iclell...@chromium.org, Feb 23 2017

Status: Fixed (was: Started)

Sign in to add a comment