
Issue 678328 link

Starred by 4 users

Issue metadata

Status: Fixed
Owner:
Closed: Jan 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 1
Type: Bug

Blocked on:
issue 624061




Framebusting intervention causing issues with login and payment forms

Project Member Reported by rbyers@chromium.org, Jan 4 2017

Issue description

There's a bunch of reports (eg. here: https://github.com/WICG/interventions/issues/16) of some pretty major sites being broken by the intervention in issue 640057 (Microsoft office online, shopify). I think we should consider disabling it for M56 again until we can analyze the data and possibly do some site outreach.
 

Comment 1 by ojan@chromium.org, Jan 4 2017

japhet and I chatted offline and I commented on the intervention github issue https://github.com/WICG/interventions/issues/16#issuecomment-270484194.

For now, let's make it a console warning while we figure out the right next steps.

Comment 2 by ojan@chromium.org, Jan 5 2017

I'm thinking through potential solutions. What if we widen the restriction a bit more to be on the Frame instead of the Document? So, this would apply if that iframe/frame had ever received a user gesture, namely it would survive through navigations in that frame.

It's hard to verify the fixes since the people pointing out brokenness don't have pages we can test, but from their descriptions, I think this might address all the issues.
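
The difference between the two scopes discussed in comment 2, as an added example that is not part of the original thread and is not Chromium code: a toy model in which the gesture state lives either on the document or on the frame. The class names, function names, origins and the login scenario are all constructed for illustration, and the same-origin exemption is an assumption drawn from the commit's "cross-origin" wording.

```javascript
// Toy model (constructed for illustration, not Chromium code) of the
// user-gesture requirement for cross-origin top navigation.
class ModelDocument {
  constructor(origin) {
    this.origin = origin;
    this.hadUserGesture = false; // document-scoped state, lost on navigation
  }
}

class ModelFrame {
  constructor(origin) {
    this.document = new ModelDocument(origin);
    this.hadUserGesture = false; // frame-scoped state, survives navigation
  }
  userGesture() {
    this.document.hadUserGesture = true;
    this.hadUserGesture = true;
  }
  navigate(origin) {
    this.document = new ModelDocument(origin); // fresh document, same frame
  }
}

// scope: "document" (gesture tied to the current document) or
// "frame" (the widening proposed in comment 2).
function mayNavigateTop(frame, topOrigin, scope) {
  if (frame.document.origin === topOrigin) return true; // assumed: same-origin is unrestricted
  return scope === "frame" ? frame.hadUserGesture : frame.document.hadUserGesture;
}

// Constructed scenario: the user clicks "Sign in" inside an embedded widget,
// the iframe navigates to an identity provider, which then redirects the top page.
function loginFlow(scope) {
  const frame = new ModelFrame("https://widget.example");
  frame.userGesture();
  frame.navigate("https://idp.example");
  return mayNavigateTop(frame, "https://shop.example", scope);
}

// A frame that never received a gesture attempts the same redirect.
function noGestureFlow(scope) {
  const frame = new ModelFrame("https://ad.example");
  return mayNavigateTop(frame, "https://shop.example", scope);
}
```

In this model `loginFlow("document")` is blocked while `loginFlow("frame")` is allowed, and `noGestureFlow` is blocked under both scopes.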

Comment 3 by bugdroid1@chromium.org, Jan 6 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4ff362d26a90a400409db755aa389b1b87363da7

commit 4ff362d26a90a400409db755aa389b1b87363da7
Author: japhet <japhet@chromium.org>
Date: Fri Jan 06 22:12:02 2017

Turn off requirement that cross-origin top navigation be accompanied by a user gesture.

Replace with a console warning that this policy will be reinstated eventually.

BUG= 678328 

Review-Url: https://codereview.chromium.org/2617773002
Cr-Commit-Position: refs/heads/master@{#442069}

[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/content/public/common/content_features.cc
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-user-gesture-in-parent-expected.txt
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture-expected.txt
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/core/frame/Frame.cpp
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/core/frame/Frame.h
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/core/frame/LocalFrame.cpp
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/core/frame/LocalFrame.h
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/core/frame/RemoteFrame.h
[modify] https://crrev.com/4ff362d26a90a400409db755aa389b1b87363da7/third_party/WebKit/Source/platform/RuntimeEnabledFeatures.in

Labels: Merge-Request-56
Requesting merge to disable this intervention for M56.

Comment 5 by sheriffbot@chromium.org, Jan 7 2017

Labels: -Merge-Request-56 Hotlist-Merge-Approved Merge-Approved-56
Your change meets the bar and is auto-approved for M56. Please go ahead and merge the CL manually. Please contact milestone owner if you have questions.
Owners: amineer@(clank), cmasso@(bling), gkihumba@(cros), bustamante@(desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 6 by bugdroid1@chromium.org, Jan 9 2017

Labels: -merge-approved-56 merge-merged-2924
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184

commit 9a8c3eb1fed9e36d0a44aa667594ea7bd576a184
Author: Nate Chapin <japhet@chromium.org>
Date: Mon Jan 09 20:07:11 2017

Turn off requirement that cross-origin top navigation be accompanied by a user gesture.

Replace with a console warning that this policy will be reinstated eventually.

BUG= 678328 

Review-Url: https://codereview.chromium.org/2617773002
Cr-Commit-Position: refs/heads/master@{#442069}
(cherry picked from commit 4ff362d26a90a400409db755aa389b1b87363da7)

Review-Url: https://codereview.chromium.org/2623633002 .
Cr-Commit-Position: refs/branch-heads/2924@{#704}
Cr-Branched-From: 3a87aecc31cd1ffe751dd72c04e5a96a1fc8108a-refs/heads/master@{#433059}

[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/content/public/common/content_features.cc
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-user-gesture-in-parent-expected.txt
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/LayoutTests/http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture-expected.txt
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/core/frame/Frame.cpp
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/core/frame/Frame.h
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/core/frame/LocalFrame.cpp
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/core/frame/LocalFrame.h
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/core/frame/RemoteFrame.h
[modify] https://crrev.com/9a8c3eb1fed9e36d0a44aa667594ea7bd576a184/third_party/WebKit/Source/platform/RuntimeEnabledFeatures.in

Status: Fixed (was: Assigned)
