Issue 661677 link

Starred by 2 users

Issue metadata

Status:	Archived
Owner:	isandrk@chromium.org
Closed:	Nov 2016
Cc:	atwilson@chromium.org █ sduraisamy@chromium.org █ krishna...@chromium.org
Components:	UI>Shell>PublicAccounts
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	1
Type:	Feature
M-56 VerifyIn-60 VerifyIn-61

Blocking:
issue 656511

Public Session whitelisting - strip privacy and security sensitive data from webRequests in PS

Project Member Reported by isandrk@chromium.org, Nov 2 2016

Issue description

webRequest API exposes privacy and security sensitive data from the user in Public Sessions and this needs mitigation (clear RequestBody, RequestHeaders, ResponseHeaders, and strip URL down to origin).

Comment 1 by krishna...@chromium.org, Nov 10 2016

Cc: krishna...@chromium.org

Comment 2 by krishna...@chromium.org, Nov 10 2016

Cc: sduraisamy@chromium.org

Comment 3 by krishna...@chromium.org, Nov 10 2016

Blocking: 656511

Comment 4 by isandrk@chromium.org, Nov 16 2016

Status: Fixed (was: Started)

Fixed in https://codereview.chromium.org/2455393002

Comment 5 by dchan@google.com, May 30 2017

Labels: VerifyIn-60

Comment 6 by dchan@chromium.org, Aug 1 2017

Labels: VerifyIn-61

Comment 7 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

►

Issue 661677 link

Issue metadata

Public Session whitelisting - strip privacy and security sensitive data from webRequests in PS

Issue description

Comment 1 by krishna...@chromium.org, Nov 10 2016

Comment 1 Deleted

Comment 2 by krishna...@chromium.org, Nov 10 2016

Comment 2 Deleted

Comment 3 by krishna...@chromium.org, Nov 10 2016

Comment 3 Deleted

Comment 4 by isandrk@chromium.org, Nov 16 2016

Comment 4 Deleted

Comment 5 by dchan@google.com, May 30 2017

Comment 5 Deleted

Comment 6 by dchan@chromium.org, Aug 1 2017

Comment 6 Deleted

Comment 7 by dchan@chromium.org, Jan 22 2018

Comment 7 Deleted

Sign in to add a comment