Feature policy is not initialized correctly in new renderers created for cross-origin navigation. |
||
Issue descriptionWhen a new RenderFrameHost (and renderer) is created to support a cross-origin frame navigation, the pending container policy should be used to construct a new container policy for the navigated frame. Instead, no container policy is ever used, and so the new renderer ends up with the wrong feature policy in place.
,
May 1 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/0e8654a86c07ce53d0fdb70f0b35609e59d08dcf commit 0e8654a86c07ce53d0fdb70f0b35609e59d08dcf Author: Ian Clelland <iclelland@google.com> Date: Mon May 01 18:48:30 2017 Feature Policy: Create container policy correctly during cross-origin frame navigation. This change ensures that the pending container policy is used (along with the pending sandbox flags) when constructing a new renderframe to support a cross- origin navigation. CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation Bug: 716478 Change-Id: Ib6b46ea639e660527e4e144845dcaea4b8e2695f Reviewed-on: https://chromium-review.googlesource.com/490466 Reviewed-by: Ian Clelland <iclelland@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Commit-Queue: Ian Clelland <iclelland@chromium.org> Cr-Commit-Position: refs/heads/master@{#468369} [modify] https://crrev.com/0e8654a86c07ce53d0fdb70f0b35609e59d08dcf/content/browser/frame_host/frame_tree_node.h [modify] https://crrev.com/0e8654a86c07ce53d0fdb70f0b35609e59d08dcf/content/browser/frame_host/render_frame_host_impl.cc [modify] https://crrev.com/0e8654a86c07ce53d0fdb70f0b35609e59d08dcf/content/browser/site_per_process_browsertest.cc
,
May 1 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by iclell...@chromium.org
, Apr 28 2017