New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 685074 link

Starred by 1 user
Status: Verified
Owner:
arthurso...@chromium.org
Closed: Mar 2017
Cc:
mkwst@chromium.org
clamy@chromium.org
nasko@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Bug

Blocked on:
issue 695421
Blocking:
issue 576261



Sign in to add a comment

PlzNavigate: enforce 'frame-src' and 'form-action' CSP on the browser-side

Project Member Reported by arthurso...@chromium.org, Jan 25 2017 
With PlzNavigate, the 'frame-src'/'child-src' and 'form-action' CSP are checked on the renderer, it works in the main case, but it fails when there is a redirect since the navigation is no more handled by the renderer at this moment.

This two CSP should be enforced on the browser-side.

Comment 1 by clamy@chromium.org, Jan 25 2017

Labels: -Proj-PlzNavigate-Blocking
This should not be blocking PlzNavigate, since they are currently not being executed on redirects AFAIU.

Comment 2 by clamy@chromium.org, Jan 25 2017

Labels: Proj-PlzNavigate-Blocking
Putting it back. I mistook the directives mentioned here for the 'frame-ancestor' directive. 'frame-ancestor' we don't need to execute on redirects, but these ones should be executed on redirects.

Comment 3 by arthurso...@chromium.org, Feb 8 2017

Blockedon: 690091
Project Member

Comment 4 by bugdroid1@chromium.org, Feb 9 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/eb73e4330ecb59905157b11ce20ca29345d9635e

commit eb73e4330ecb59905157b11ce20ca29345d9635e
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Thu Feb 09 11:54:49 2017

Share schemes needed for CSP between the browser and the renderer.

This CL is similar to this one: crrev.com/2623353002/
There is a list of scheme that bypasses the Content-Security-Policy.
With this CL, this list is provided by content embedders instead of
blink embedders. It will be used for checking CSP in the browser process.

BUG= 685074 

Review-Url: https://codereview.chromium.org/2679383003
Cr-Commit-Position: refs/heads/master@{#449261}

[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/chrome/common/chrome_content_client.cc
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/content/common/url_schemes.cc
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/content/public/common/content_client.h
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/extensions/renderer/dispatcher.cc
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/extensions/shell/common/shell_content_client.cc
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/third_party/WebKit/Source/platform/weborigin/SchemeRegistry.cpp
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/third_party/WebKit/Source/platform/weborigin/SchemeRegistry.h
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/third_party/WebKit/Source/web/AssertMatchingEnums.cpp
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/third_party/WebKit/Source/web/WebSecurityPolicy.cpp
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/third_party/WebKit/public/web/WebSecurityPolicy.h
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/url/url_util.cc
[modify] https://crrev.com/eb73e4330ecb59905157b11ce20ca29345d9635e/url/url_util.h

Comment 5 by arthurso...@chromium.org, Feb 9 2017

Blockedon: -690091

Comment 6 by arthurso...@chromium.org, Feb 23 2017

Blockedon: 695421
Project Member

Comment 7 by bugdroid1@chromium.org, Mar 16 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5b5c309859412def817a518a7dddbf413cd892e9

commit 5b5c309859412def817a518a7dddbf413cd892e9
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Thu Mar 16 09:55:25 2017

PlzNavigate: add support for BLOCK_REQUEST during redirects

This CL adds support for blocking requests in NavigationRequest during
redirects. It also fixes an issue in NavigationHandle, without
PlzNavigate activated, where the NavigationHandle would not be properly
recognized at error page commit if the navigation was blocked by a
NavigationThrottle during a redirect.

BUG= 685074 ,  695421 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2698623006
Cr-Commit-Position: refs/heads/master@{#457387}

[modify] https://crrev.com/5b5c309859412def817a518a7dddbf413cd892e9/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/5b5c309859412def817a518a7dddbf413cd892e9/content/browser/frame_host/navigation_handle_impl_browsertest.cc
[modify] https://crrev.com/5b5c309859412def817a518a7dddbf413cd892e9/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/5b5c309859412def817a518a7dddbf413cd892e9/content/public/browser/navigation_throttle.h
Project Member

Comment 8 by bugdroid1@chromium.org, Mar 16 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f198985c0ffa2f7c4d75e001b14d2ac8c9300ae9

commit f198985c0ffa2f7c4d75e001b14d2ac8c9300ae9
Author: nasko <nasko@chromium.org>
Date: Thu Mar 16 20:10:25 2017

Implement error page commit policy in PlzNavigate.

This CL implements a new policy for which process do error pages commit.
When an error page is a result of a blocked request, it should be
committed in the same process as the document requesting the navigation.
Otherwise the error page should be committed in the process that would
render the destination URL.

BUG= 685074 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2738643002
Cr-Commit-Position: refs/heads/master@{#457532}

[modify] https://crrev.com/f198985c0ffa2f7c4d75e001b14d2ac8c9300ae9/chrome/test/data/extensions/api_test/webrequest/test_blocking.js
[modify] https://crrev.com/f198985c0ffa2f7c4d75e001b14d2ac8c9300ae9/content/browser/frame_host/navigation_handle_impl_browsertest.cc
[modify] https://crrev.com/f198985c0ffa2f7c4d75e001b14d2ac8c9300ae9/content/browser/frame_host/navigation_request.cc
Project Member

Comment 9 by bugdroid1@chromium.org, Mar 17 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1e3b610bfff1acd060ed8b3f595344402b833bad

commit 1e3b610bfff1acd060ed8b3f595344402b833bad
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Fri Mar 17 14:05:06 2017

PlzNavigate: Enforce frame-src CSP on the browser.

Use a NavigationThrottle to check infringement of the 'frame-src' on the
browser-side. Before this patch, a redirect during the navigation could
led to a child frame to be displayed inside its parent, even if it was
disallowed by its parent.

BUG= 685074 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_site_isolation,linux_chromium_browser_side_navigation_rel

Review-Url: https://codereview.chromium.org/2655463006
Cr-Commit-Position: refs/heads/master@{#457757}

[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/chrome/test/data/extensions/api_test/sandboxed_pages_csp/sandboxed.html
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/ancestor_throttle.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/ancestor_throttle.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/interstitial_page_navigator_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigation_handle_impl_unittest.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/content_security_policy.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/csp_context.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/csp_context.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/csp_context_unittest.cc
[add] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/csp_disposition_enum.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/content_security_policy/csp_source_list.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/frame_messages.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/navigation_params.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/common/navigation_params.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/public/browser/navigation_handle.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/public/test/render_view_test.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/renderer/content_security_policy_util.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/renderer/content_security_policy_util.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/content/renderer/render_frame_impl.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/core/loader/EmptyClients.cpp
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/core/loader/EmptyClients.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/web/LocalFrameClientImpl.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/Source/web/WebLocalFrameImpl.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/public/platform/WebContentSecurityPolicy.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/public/web/WebFrameClient.h
[modify] https://crrev.com/1e3b610bfff1acd060ed8b3f595344402b833bad/third_party/WebKit/public/web/WebLocalFrame.h
Project Member

Comment 10 by bugdroid1@chromium.org, Mar 17 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7f16902912f645e4d87da2b4c90bf39b52bb9579

commit 7f16902912f645e4d87da2b4c90bf39b52bb9579
Author: nektar <nektar@chromium.org>
Date: Fri Mar 17 15:49:20 2017

Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser. (patchset #23 id:790001 of https://codereview.chromium.org/2655463006/ )

Reason for revert:
Possibly broke browser_side_navigation_content_browsertests.
https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.win%2FWin10_Tests_x64%2F9276%2F%2B%2Frecipes%2Fsteps%2Fbrowser_side_navigation_content_browsertests_on_Windows-10-10586%2F0%2Flogs%2FSitePerProcessBrowserTest.CrossSiteIframeBlockedByParentCSPFromHeaders%2F0

Original issue's description:
> PlzNavigate: Enforce frame-src CSP on the browser.
>
> Use a NavigationThrottle to check infringement of the 'frame-src' on the
> browser-side. Before this patch, a redirect during the navigation could
> led to a child frame to be displayed inside its parent, even if it was
> disallowed by its parent.
>
> BUG= 685074 
> CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_site_isolation,linux_chromium_browser_side_navigation_rel
>
> Review-Url: https://codereview.chromium.org/2655463006
> Cr-Commit-Position: refs/heads/master@{#457757}
> Committed: https://chromium.googlesource.com/chromium/src/+/1e3b610bfff1acd060ed8b3f595344402b833bad

TBR=nasko@chromium.org,alexmos@chromium.org,clamy@chromium.org,creis@chromium.org,nick@chromium.org,dcheng@chromium.org,arthursonzogni@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= 685074 

Review-Url: https://codereview.chromium.org/2754303002
Cr-Commit-Position: refs/heads/master@{#457779}

[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/chrome/test/data/extensions/api_test/sandboxed_pages_csp/sandboxed.html
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/ancestor_throttle.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/ancestor_throttle.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/interstitial_page_navigator_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigation_handle_impl_unittest.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/content_security_policy/content_security_policy.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/content_security_policy/csp_context.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/content_security_policy/csp_context.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/content_security_policy/csp_context_unittest.cc
[delete] https://crrev.com/ee2c1857c44902c7122cceef72c93a2ff820ed42/content/common/content_security_policy/csp_disposition_enum.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/content_security_policy/csp_source_list.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/frame_messages.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/navigation_params.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/common/navigation_params.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/public/browser/navigation_handle.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/public/test/render_view_test.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/renderer/content_security_policy_util.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/renderer/content_security_policy_util.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/content/renderer/render_frame_impl.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/core/loader/EmptyClients.cpp
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/core/loader/EmptyClients.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/web/LocalFrameClientImpl.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/Source/web/WebLocalFrameImpl.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/public/platform/WebContentSecurityPolicy.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/public/web/WebFrameClient.h
[modify] https://crrev.com/7f16902912f645e4d87da2b4c90bf39b52bb9579/third_party/WebKit/public/web/WebLocalFrame.h
Project Member

Comment 11 by bugdroid1@chromium.org, Mar 17 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/19f804ba738ca0e6133bc19d7ade010208c9a8db

commit 19f804ba738ca0e6133bc19d7ade010208c9a8db
Author: John Abd-El-Malek <jam@chromium.org>
Date: Fri Mar 17 21:51:08 2017

Fix expectations of a few CSP tests with PlzNavigate.

The tests were assuming that the onload event's title change will be received in the browser after the didstoploading IPC. That's not true anymore with PlzNavigate.

BUG= 685074 
R=nasko@chromium.org

Review-Url: https://codereview.chromium.org/2753203004 .
Cr-Commit-Position: refs/heads/master@{#457891}

[modify] https://crrev.com/19f804ba738ca0e6133bc19d7ade010208c9a8db/content/browser/site_per_process_browsertest.cc
Project Member

Comment 12 by bugdroid1@chromium.org, Mar 18 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7fed384c1a1d7a6c89531dddbb8b539061a9e455

commit 7fed384c1a1d7a6c89531dddbb8b539061a9e455
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Sat Mar 18 03:07:34 2017

PlzNavigate: Enforce frame-src CSP on the browser.

Use a NavigationThrottle to check infringement of the 'frame-src' on the
browser-side. Before this patch, a redirect during the navigation could
led to a child frame to be displayed inside its parent, even if it was
disallowed by its parent.

BUG= 685074 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_site_isolation,linux_chromium_browser_side_navigation_rel

Review-Url: https://codereview.chromium.org/2655463006
Cr-Original-Commit-Position: refs/heads/master@{#457757}
Committed: https://chromium.googlesource.com/chromium/src/+/1e3b610bfff1acd060ed8b3f595344402b833bad
Review-Url: https://codereview.chromium.org/2655463006
Cr-Commit-Position: refs/heads/master@{#457945}

[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/chrome/test/data/extensions/api_test/sandboxed_pages_csp/sandboxed.html
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/ancestor_throttle.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/ancestor_throttle.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/frame_tree_node.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/frame_tree_node.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/interstitial_page_navigator_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigation_entry_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigation_handle_impl_unittest.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/browser/site_per_process_browsertest.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/content_security_policy.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/csp_context.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/csp_context.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/csp_context_unittest.cc
[add] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/csp_disposition_enum.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/content_security_policy/csp_source_list.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/frame_messages.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/navigation_params.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/common/navigation_params.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/public/browser/navigation_handle.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/public/test/render_view_test.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/renderer/content_security_policy_util.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/renderer/content_security_policy_util.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/content/renderer/render_frame_impl.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/core/loader/EmptyClients.cpp
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/core/loader/EmptyClients.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/web/LocalFrameClientImpl.cpp
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/web/LocalFrameClientImpl.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/Source/web/WebLocalFrameImpl.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/public/platform/WebContentSecurityPolicy.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/public/platform/WebContentSecurityPolicyStruct.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/public/web/WebFrameClient.h
[modify] https://crrev.com/7fed384c1a1d7a6c89531dddbb8b539061a9e455/third_party/WebKit/public/web/WebLocalFrame.h
Project Member

Comment 13 by bugdroid1@chromium.org, Mar 18 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7cc34c583545597cffae27ad41bd015db6a93394

commit 7cc34c583545597cffae27ad41bd015db6a93394
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Sat Mar 18 09:00:53 2017

PlzNavigate: Enforce 'form-action' CSP on the browser-side.

Use a NavigationThrottle to enforce the 'form-action' CSP on the
browser-side. Before this patch, this CSP wasn't checked on
redirections.

BUG= 685074 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_chromium_browser_side_navigation_rel

Review-Url: https://codereview.chromium.org/2689653003
Cr-Commit-Position: refs/heads/master@{#457966}

[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/BUILD.gn
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/form_submission_throttle.cc
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/form_submission_throttle.h
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/form_submission_throttle_browsertest.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/interstitial_page_navigator_impl.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/navigation_handle_impl.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/navigation_handle_impl.h
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/navigation_handle_impl_unittest.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/navigator_impl.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/loader/navigation_url_loader_unittest.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/browser/loader/resource_dispatcher_host_unittest.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/common/frame_messages.h
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/common/navigation_params.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/common/navigation_params.h
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/public/browser/navigation_handle.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/public/test/navigation_simulator.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/test/BUILD.gn
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/test/data/form_submission_throttle/form_action_none.html
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/test/data/form_submission_throttle/form_action_with_path.html
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/test/data/form_submission_throttle/no_csp.html
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/content/test/test_render_frame_host.cc
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect.html
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect.html
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored.html
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect.html
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect-expected.txt
[add] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html
[modify] https://crrev.com/7cc34c583545597cffae27ad41bd015db6a93394/third_party/WebKit/Source/core/loader/FrameLoader.cpp
Project Member

Comment 14 by bugdroid1@chromium.org, Mar 20 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/01b5c7b1560e884426a2ef014c61acc74cd17a80

commit 01b5c7b1560e884426a2ef014c61acc74cd17a80
Author: arthursonzogni <arthursonzogni@chromium.org>
Date: Mon Mar 20 11:20:41 2017

CSP: A new set of test with form resubmission.

The goal of this set of test is to document the current interactions
between the "form-action" directive and form **re**submissions. It shows that
the CSP that applies are the one of frame/window that is reloading the
document, not the one that has initiated the reload.

BUG= 685074 
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_site_isolation,linux_chromium_browser_side_navigation_rel

Review-Url: https://codereview.chromium.org/2737343004
Cr-Commit-Position: refs/heads/master@{#458038}

[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-iframe-reload-from-child-expected.txt
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-iframe-reload-from-child.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-iframe-reload-from-parent-expected.txt
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-iframe-reload-from-parent.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-main-page-expected.txt
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-main-page.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-window-reload-from-child-expected.txt
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-window-reload-from-child.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-window-reload-from-parent-expected.txt
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-resubmission-window-reload-from-parent.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/form-action-none-and-reload.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/form-action-none.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/form-action-resubmission-main-page-callee.html
[add] https://crrev.com/01b5c7b1560e884426a2ef014c61acc74cd17a80/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/resources/form-action-resubmission-main-page-caller.html

Comment 15 by arthurso...@chromium.org, Mar 20 2017

Status: Verified (was: Started)

Sign in to add a comment