New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 695622 link

Starred by 3 users
Status: Started
Owner:
iclell...@chromium.org
Cc:
mkwst@chromium.org
nasko@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 3
Type: Bug

Blocking:
issue 712213



Sign in to add a comment

url::Origin should refer to "opaque" origins, rather than "unique"

Project Member Reported by iclell...@chromium.org, Feb 23 2017 
The Origin class has gotten out-of-date with respect to the URL and HTML specs;  the concept of a "unique" origin has mostly been replaced with "opaque"ness. (opacity?)

We should do two things to fix this:

1. Replace "unique" with "opaque" in url::Origin (matching blink::SecurityOrigin, incidentally)

2. Ensure that opaque origins can compare equal to themselves (but still not equal to any other opaque origin).

Comment 1 by iclell...@chromium.org, Jul 18 2017

Blocking: 712213

Comment 2 by iclell...@chromium.org, Apr 18 2018

Blocking: -690520
Project Member

Comment 3 by bugdroid1@chromium.org, May 23 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/00107ca537f9125c45dc16f23cad6a0ed0347aa7

commit 00107ca537f9125c45dc16f23cad6a0ed0347aa7
Author: Daniel Cheng <dcheng@chromium.org>
Date: Wed May 23 22:23:16 2018

Start updating SecurityOrigin nomenclature from opaque to unique.

The terminology in https://whatwg.org/C/origin.html#concept-origin has
been updated from unique to opaque. Referring to opaque origins as
unique can be confusing, since opaque origins can be aliased between
multiple security contexts (and thus, possible for an opaque origin to
be same-origin to another opaque origin).

This CL updates SecurityOrigin and its related classes, but leaves the
legacy CreateUnique/IsUnique methods to allow for the transition to be
staged.

Bug: 695622
Change-Id: I26373af8b626c318318450b3516d10a2452d62da
Reviewed-on: https://chromium-review.googlesource.com/1065237
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Jeremy Roman <jbroman@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Cr-Commit-Position: refs/heads/master@{#561279}
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/public/web/web_remote_frame.h
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/execution_context/security_context.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/execution_context/security_context.h
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/exported/web_document_test.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/exported/web_frame_test.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/exported/web_remote_frame_impl.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/exported/web_remote_frame_impl.h
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/core/loader/document_loader.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/platform/weborigin/security_origin.cc
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/platform/weborigin/security_origin.h
[modify] https://crrev.com/00107ca537f9125c45dc16f23cad6a0ed0347aa7/third_party/blink/renderer/platform/weborigin/security_origin_test.cc

Comment 4 by dcheng@chromium.org, May 30 2018

Cc: nasko@chromium.org
Components: Blink>SecurityFeature>SameOriginPolicy
Project Member

Comment 5 by bugdroid1@chromium.org, May 31 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/042adc86889a4ed7f889d3afced138e13c93c414

commit 042adc86889a4ed7f889d3afced138e13c93c414
Author: Daniel Cheng <dcheng@chromium.org>
Date: Thu May 31 16:59:43 2018

Switch SecurityOrigin::IsUnique to SecurityOrigin::IsOpaque

Also alias WebSecurityOrigin::IsUnique to IsOpaque in preparation for
followup CLs.

Bug: 695622
Change-Id: I9baa47f6871d217d685e134b692d3b19b0688c6f
Reviewed-on: https://chromium-review.googlesource.com/1080000
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563277}
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/public/platform/web_security_origin.h
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/dom/document_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/frame/csp/content_security_policy_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/frame/dom_window.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/frame/history.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/frame/mhtml_loading_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/html/html_iframe_element_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/policy/policy.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/workers/main_thread_worklet_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/core/workers/threaded_worklet_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/modules/broadcastchannel/broadcast_channel.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/modules/credentialmanager/credentials_container.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/modules/quota/deprecated_storage_quota.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/modules/quota/storage_manager.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/modules/serviceworkers/service_worker_global_scope_proxy.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/exported/web_security_origin.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/feature_policy/feature_policy.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/loader/fetch/resource_fetcher.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/mojo/kurl_security_origin_test.cc
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/mojo/security_origin_struct_traits.h
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/weborigin/security_origin.h
[modify] https://crrev.com/042adc86889a4ed7f889d3afced138e13c93c414/third_party/blink/renderer/platform/weborigin/security_policy.cc
Project Member

Comment 6 by bugdroid1@chromium.org, Jun 1 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ce3f67082519ce601710cacad1f8b9468f437aa1

commit ce3f67082519ce601710cacad1f8b9468f437aa1
Author: Daniel Cheng <dcheng@chromium.org>
Date: Fri Jun 01 08:51:57 2018

Switch SecurityOrigin::CreateUnique to SecurityOrigin::CreateUniqueOpaque

WebSecurityOrigin::CreateUnique is also aliased to CreateUniqueOpaque
and will be converted over in a followup CL.

Bug: 695622
Change-Id: Ieb26ed4a0e608559fc48231f5fb1455363c6de91
Reviewed-on: https://chromium-review.googlesource.com/1079856
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563565}
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/public/platform/web_security_origin.h
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/dom/document.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/dom/document_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/exported/web_frame_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/frame/frame_test_helpers.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/frame/history_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/html/html_frame_element_base.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/html/html_frame_owner_element.h
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/loader/document_threadable_loader.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/loader/frame_fetch_context.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/page/scrolling/root_scroller_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/core/workers/worklet_global_scope.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/modules/credentialmanager/credential_manager_type_converters.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/modules/credentialmanager/credentials_container_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/exported/web_cors.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/exported/web_security_origin.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/feature_policy/feature_policy_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/loader/cors/cors_error_string.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/loader/fetch/memory_cache_correctness_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/loader/fetch/raw_resource_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/loader/fetch/resource_fetcher_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/loader/testing/mock_fetch_context.h
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/mojo/kurl_security_origin_test.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/mojo/security_origin_struct_traits.h
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/plugins/plugin_data.cc
[modify] https://crrev.com/ce3f67082519ce601710cacad1f8b9468f437aa1/third_party/blink/renderer/platform/weborigin/security_origin.h

Sign in to add a comment