Issue 735760 link

Starred by 2 users

Issue metadata

Status:	Duplicate
Merged:	issue 752139
Owner:	----
Closed:	Aug 2017
Components:	UI>Browser>VR
EstimatedDays:	----
NextAction:	----
OS:	Android
Pri:	3
Type:	Bug
Proj-VR
Proj-XR
Proj-XR-VR

WebVR: We shouldn't trust Secure Origin (parameter to RequestPresent) coming from renderer process.

Project Member Reported by billorr@chromium.org, Jun 22 2017

Issue description

We determine if the site is a secure origin, and display a warning if it isn't.  We shouldn't be trusting data coming from the render processes, so this should be processed on the browser side.

Comment 1 by cjgrant@chromium.org, Aug 10 2017

Mergedinto: 752139
Status: Duplicate (was: Untriaged)

►

Issue 735760 link

Issue metadata

WebVR: We shouldn't trust Secure Origin (parameter to RequestPresent) coming from renderer process.

Issue description

Comment 1 by cjgrant@chromium.org, Aug 10 2017

Comment 1 Deleted

Sign in to add a comment