New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 779730 link

Starred by 1 user
Status: Fixed
Owner:
hirosh...@chromium.org
Closed: Feb 2018
Cc:
mkwst@chromium.org
kinuko@chromium.org
tyoshino@chromium.org
tsepez@chromium.org
dcheng@chromium.org
brettw@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug


Show other hotlists

Hotlists containing this issue:
EnamelAndFriendsFixIt


Sign in to add a comment

Make SecurityOrigin references const where applicable

Project Member Reported by hirosh...@chromium.org, Oct 30 2017 
IIUC Currently SecurityOrigin can be shared multiple documents and thus modification to a SecurityOrigin can affect other Document's SecurityOrigin.
I'm not sure this can cause real problems, but am anyway planning to clean up this issue.

Doc:
https://docs.google.com/a/chromium.org/document/d/1xdAt7h14bEgCacDxTnOC_wzF6jYMwbqYy0GaOT4cpX4/edit?usp=sharing

Please let me know if
- I'm missing something,
- there're cases where multiple Documents/SecurityContexts should share SecurityOrigin and its modifications, or
- this causes real problems.

Comment 1 by kouhei@chromium.org, Oct 31 2017 

plan lgtm. Great doc!

Comment 2 by hirosh...@chromium.org, Oct 31 2017

Summary: Make SecurityOrigin references const where applicable (was: Create IsolatedCopy() before SecurityContext::SetSecurityOrigin())
Revising the plan, as in some cases SecurityOrigin seems to be shared, without IsolatedCopy() (see the doc).

Comment 3 by mkwst@chromium.org, Nov 2 2017

Cc: dcheng@chromium.org
You've apparently realized this already (sorry I was OOO), but we intentionally share the origin object in some cases where the HTML spec suggests "aliasing" the origin rather than copying it (`srcdoc`, for instance).

+dcheng@ who knows all about the messy detail here.

Comment 4 by hirosh...@chromium.org, Nov 8 2017 

Thanks for comments.
I prepared CLs that makes most of SecurityOrigin references const without changing behavior including aliasing (i.e. essentially manipulating types and related interfaces only).

Comment 5 by hirosh...@chromium.org, Nov 8 2017

Cc: kinuko@chromium.org
The final giant CL for constifying SecurityOrigin is
https://chromium-review.googlesource.com/c/chromium/src/+/744586.

(Because currently I cannot add reviewers to that CL (a gerrit issue?) so pasting the URL here)

Comment 6 by est...@chromium.org, Nov 10 2017

Labels: Hotlist-EnamelAndFriendsFixIt
Project Member

Comment 7 by bugdroid1@chromium.org, Nov 15 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5fb66d803d47bea6ec18bdaf5011bec56c434dcf

commit 5fb66d803d47bea6ec18bdaf5011bec56c434dcf
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Wed Nov 15 13:47:51 2017

Use scoped_refptr<const SecurityOrigin> for url.mojom.Origin

To make SecurityOrigin references const.
No behavior changes.

Bug:  779730 
Change-Id: Ifaa8a4794bb3f1de79c1bb1dbc9e303a151d47b1
Reviewed-on: https://chromium-review.googlesource.com/744986
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/master@{#516686}
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/DatabaseTracker.cpp
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/DatabaseTracker.h
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/QuotaTracker.cpp
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/QuotaTracker.h
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/WebDatabaseImpl.cpp
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/modules/webdatabase/WebDatabaseImpl.h
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/platform/mojo/KURLSecurityOriginTest.cpp
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/platform/mojo/SecurityOrigin.typemap
[modify] https://crrev.com/5fb66d803d47bea6ec18bdaf5011bec56c434dcf/third_party/WebKit/Source/platform/mojo/SecurityOriginStructTraits.h
Project Member

Comment 8 by bugdroid1@chromium.org, Nov 28 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5bd5874cbfedb8f8ede66d1cc14d6fd8cac9d29e

commit 5bd5874cbfedb8f8ede66d1cc14d6fd8cac9d29e
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Tue Nov 28 17:43:37 2017

Modify SecurityOrigin before SetSecurityOrigin() in Document::InitSecurityContext()

To reduce modifications to SecurityContext's SecurityOrigin and
make it easier to make SecurityContext's SecurityOrigin const.
No behavior changes are expected.

Bug:  779730 
Change-Id: I64ea74543c989716b6d80ff249489dddb9ace5d1
Reviewed-on: https://chromium-review.googlesource.com/762142
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519731}
[modify] https://crrev.com/5bd5874cbfedb8f8ede66d1cc14d6fd8cac9d29e/third_party/WebKit/Source/core/dom/Document.cpp
Project Member

Comment 9 by bugdroid1@chromium.org, Nov 28 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/845cca13ff3f22b2aa463da6100b5b24c0a84d63

commit 845cca13ff3f22b2aa463da6100b5b24c0a84d63
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Tue Nov 28 18:06:43 2017

Modify SecurityOrigin before SetSecurityOrigin() in WorkerGlobalScope

To reduce modifications to SecurityContext's SecurityOrigin and
make it easier to make SecurityContext's SecurityOrigin const.
No behavior changes are expected.

Bug:  779730 
Change-Id: I03ac5b2a22eb84cce8cd287eed3a4c13cb639f2f
Reviewed-on: https://chromium-review.googlesource.com/762360
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519743}
[modify] https://crrev.com/845cca13ff3f22b2aa463da6100b5b24c0a84d63/third_party/WebKit/Source/core/workers/WorkerGlobalScope.cpp

Comment 10 by hirosh...@chromium.org, Nov 29 2017 

Discussion record (In abandoned CLs):
Prefer GetMutableSecurityOrigin()->ModifySomething() over SecurityContext::ModifySomething():
https://chromium-review.googlesource.com/c/chromium/src/+/744987

Prefer not to introduce WebMutableSecurityOrigin, and use IsolatedCopy() where needed instead:
https://chromium-review.googlesource.com/c/chromium/src/+/748104
Project Member

Comment 11 by bugdroid1@chromium.org, Nov 29 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a2b7240e99ec28f974580198b46ae5b044dd1914

commit a2b7240e99ec28f974580198b46ae5b044dd1914
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Wed Nov 29 21:42:26 2017

Introduce SecurityContext::GetMutableSecurityOrigin()

This CL introduces
- SecurityContext::GetMutableSecurityOrigin()
- ExecutionContext::GetMutableSecurityOrigin()
for cases where SecurityOrigin is modified after
SecurityContext::SetSecurityOrigin() or aliased.

This is a preparation for making most of SecurityOrigin
references const in [1].
At this time GetMutableSecurityOrigin() is identical to
GetSecurityOrigin(), but [1] will make
GetSecurityOrigin() return |const SecurityOrigin*|.

This CL also uses GetMutableSecurityOrigin() for indirect
aliasing via BlobRegistry::RegisterPublicBlobURL()
and SecurityOrigin::Create().

[1] https://chromium-review.googlesource.com/744586.

Bug:  779730 
Change-Id: I616ceda2fe863efb5d8a395c2811f901cd90e6a2
Reviewed-on: https://chromium-review.googlesource.com/747967
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520254}
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/dom/Document.h
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/dom/ExecutionContext.cpp
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/dom/ExecutionContext.h
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/dom/SecurityContext.h
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/fileapi/FileReaderLoader.cpp
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/core/html/PublicURLManager.cpp
[modify] https://crrev.com/a2b7240e99ec28f974580198b46ae5b044dd1914/third_party/WebKit/Source/modules/fetch/BlobBytesConsumer.cpp

Comment 12 by hirosh...@chromium.org, Nov 29 2017

Labels: -Restrict-View-Google
Project Member

Comment 13 by bugdroid1@chromium.org, Nov 29 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2ac8870b04bf5300b95c3477a4be14dd8cc3f865

commit 2ac8870b04bf5300b95c3477a4be14dd8cc3f865
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Wed Nov 29 22:14:12 2017

Move WebSecurityOrigin::GrantLoadLocalResources() to WebDocument

To make the WebSecurityOrigin's SecurityOrigin pointer const,
this CL moves WebSecurityOrigin::GrantLoadLocalResources()
(the only WebSecurityOrigin method that calls non-const
SecurityOrigin method) to WebDocument using
GetMutableSecurityOrigin().

No behavior changes.

Bug:  779730 
Change-Id: I711627786d3205acfa2c998f2798332ffb895335
Reviewed-on: https://chromium-review.googlesource.com/744964
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Bo <boliu@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520265}
[modify] https://crrev.com/2ac8870b04bf5300b95c3477a4be14dd8cc3f865/android_webview/renderer/aw_render_frame_ext.cc
[modify] https://crrev.com/2ac8870b04bf5300b95c3477a4be14dd8cc3f865/third_party/WebKit/Source/core/exported/WebDocument.cpp
[modify] https://crrev.com/2ac8870b04bf5300b95c3477a4be14dd8cc3f865/third_party/WebKit/Source/platform/exported/WebSecurityOrigin.cpp
[modify] https://crrev.com/2ac8870b04bf5300b95c3477a4be14dd8cc3f865/third_party/WebKit/public/platform/WebSecurityOrigin.h
[modify] https://crrev.com/2ac8870b04bf5300b95c3477a4be14dd8cc3f865/third_party/WebKit/public/web/WebDocument.h
Project Member

Comment 14 by bugdroid1@chromium.org, Dec 1 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/62acf2e5e95be89098a3f7e9a136d9d2f2b6c24e

commit 62acf2e5e95be89098a3f7e9a136d9d2f2b6c24e
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Fri Dec 01 03:50:10 2017

Use GetMutableSecurityOrigin() for modifying SecurityContext's SecurityOrigin

No behavior changes.

Bug:  779730 
Change-Id: Iee799336a5f5f2db61d6990edfead3c31b377c50
Reviewed-on: https://chromium-review.googlesource.com/762342
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520845}
[modify] https://crrev.com/62acf2e5e95be89098a3f7e9a136d9d2f2b6c24e/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/62acf2e5e95be89098a3f7e9a136d9d2f2b6c24e/third_party/WebKit/Source/core/frame/WebLocalFrameImpl.cpp
Project Member

Comment 16 by bugdroid1@chromium.org, Dec 2 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/50133ffda67462f99fa1fd9f2bd00a1ee1722417

commit 50133ffda67462f99fa1fd9f2bd00a1ee1722417
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Sat Dec 02 02:36:45 2017

Take IsolatedCopy() and modify SecurityOrigin before SetReplicatedOrigin()

To reduce modifications to SecurityContext's SecurityOrigin and
make it easier to make SecurityContext's SecurityOrigin const.

Instead of
- Setting a SecurityOrigin to Document by SetReplicatedOrigin() and
- Later then modifying the SecurityOrigin by
  SetReplicatedPotentiallyTrustworthyUniqueOrigin(),
This CL
- Adds |is_potentially_trustworthy_unique_origin| argument
  to WebRemoteFrame::SetReplicatedOrigin() and instead removes
  WebRemoteFrame::SetReplicatedPotentiallyTrustworthyUniqueOrigin().
- Modifies SecurityOrigin before SecurityContext::SetReplicatedOrigin()
  in WebRemoteFrameImpl::SetReplicatedOrigin().

This CL takes IsolatedCopy() of SecurityOrigin in
WebRemoteFrameImpl::SetReplicatedOrigin(), but this shouldn't cause
behavior changes, because the supplied SecurityOrigin is constructed
from url::Origin and is not aliased with any other SecurityOrigin.

This CL also adds WebSecurityOrigin() constructor call explicitly
in unit tests, because once we make WebSecurityOrigin() constructor
take |scoped_refptr<const SecurityOrigin>|, then the compiler can't
infer the implicit conversion there.

Bug:  779730 
Change-Id: I93c98b5b897dafe3a1f25ded4e7efc258a101df6
Reviewed-on: https://chromium-review.googlesource.com/762407
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521183}
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/content/renderer/render_frame_proxy.cc
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/Source/core/exported/WebFrameTest.cpp
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/Source/core/exported/WebRemoteFrameImpl.cpp
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/Source/core/exported/WebRemoteFrameImpl.h
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/Source/core/page/scrolling/RootScrollerTest.cpp
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/Source/platform/exported/WebSecurityOrigin.cpp
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/public/platform/WebSecurityOrigin.h
[modify] https://crrev.com/50133ffda67462f99fa1fd9f2bd00a1ee1722417/third_party/WebKit/public/web/WebRemoteFrame.h
Project Member

Comment 17 by bugdroid1@chromium.org, Dec 2 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4cb0660612a54a4dbdf5c18cdec3afc0d8661009

commit 4cb0660612a54a4dbdf5c18cdec3afc0d8661009
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Sat Dec 02 02:39:44 2017

Remove FrameHostMsg_UpdateToUniqueOrigin IPC

According to TODO comments, it can be removed as  Issue 594645 
was already closed as fixed.

Bug:  594645 ,  779730 
Change-Id: I2e7c2722023624d580a4f300c4aa520f2be895ab
Reviewed-on: https://chromium-review.googlesource.com/794016
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521185}
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/content/browser/frame_host/render_frame_host_impl.cc
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/content/browser/frame_host/render_frame_host_impl.h
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/content/common/frame_messages.h
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/content/renderer/render_frame_impl.cc
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/content/renderer/render_frame_impl.h
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/third_party/WebKit/Source/core/exported/LocalFrameClientImpl.cpp
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/third_party/WebKit/Source/core/exported/LocalFrameClientImpl.h
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/4cb0660612a54a4dbdf5c18cdec3afc0d8661009/third_party/WebKit/public/web/WebFrameClient.h
Project Member

Comment 18 by bugdroid1@chromium.org, Dec 4 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8e618096e7732e22003df447c8d5e045eab403f6

commit 8e618096e7732e22003df447c8d5e045eab403f6
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Mon Dec 04 03:32:36 2017

Take IsolatedCopy() before registering isolated world's SecurityOrigin

XMLHttpRequest's responseXML's SecurityOrigin is aliased with
its ExecutionContext, i.e. either with Document or an isolated world,
in XMLHttpRequest::InitResponseDocument().

This CL is a preparation for making
SecurityContext::GetSecurityOrigin() and
XMLHttpRequest::GetSecurityOrigin() return const SecurityOrigin*
in [1], while preserving the aliasing behavior in XHR.

[1] https://chromium-review.googlesource.com/744586

This CL
- Introduces XMLHttpRequest::GetMutableSecurityOrigin(),
- Uses ExecutionContext::GetMutableSecurityOrigin() for
  aliasing with another Document and
- Uses the registered SecurityOrigin of an isolated world
  in DOMWrapperWorld for aliasing with the isolated world.

This CL Takes IsolatedCopy() before
DOMWrapperWorld::SetIsolatedWorldSecurityOrigin() in
WebLocalFrameImpl::SetIsolatedWorldSecurityOrigin(),
to make SecurityOrigin inside its argument (WebSecurityOrigin) const.
This IsolatedCopy() doesn't cause semantic changes, because
the callers of SetIsolatedWorldSecurityOrigin() never
pass an aliased WebSecurityOrigin.

Bug:  779730 
Change-Id: I503c0623f15e37cba010a0c7f0b72e2b44f5af08
Reviewed-on: https://chromium-review.googlesource.com/752006
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521260}
[modify] https://crrev.com/8e618096e7732e22003df447c8d5e045eab403f6/third_party/WebKit/Source/core/frame/WebLocalFrameImpl.cpp
[modify] https://crrev.com/8e618096e7732e22003df447c8d5e045eab403f6/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
[modify] https://crrev.com/8e618096e7732e22003df447c8d5e045eab403f6/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.h
[modify] https://crrev.com/8e618096e7732e22003df447c8d5e045eab403f6/third_party/WebKit/public/web/WebLocalFrame.h
Project Member

Comment 19 by bugdroid1@chromium.org, Dec 5 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/af80aaa20bb4788413577a2aba669cd8c8463c51

commit af80aaa20bb4788413577a2aba669cd8c8463c51
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Tue Dec 05 02:54:57 2017

Modify SecurityOrigin before SetSecurityOrigin() around Document::EnforceSandboxFlags()

Previously, Document::EnforceSandboxFlags()
- Calls ApplySandboxFlags(),
- Detects indirectly whether a new unique origin is set in ApplySandboxFlags(), and
- Modifies Document's SecurityOrigin that is the new unique origin that was just set.

This CL moves the modification to the new unique origin into ApplySandboxFlags(),
before setting the origin to SecurityContext.
|is_potentially_trustworthy| is plumbed to do this.

No behavior changes are expected.

Bug:  779730 
Change-Id: Ia62a35c81bd4130e7a8119cc93e17c6b527f5e12
Reviewed-on: https://chromium-review.googlesource.com/762337
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521598}
[modify] https://crrev.com/af80aaa20bb4788413577a2aba669cd8c8463c51/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/af80aaa20bb4788413577a2aba669cd8c8463c51/third_party/WebKit/Source/core/dom/SecurityContext.cpp
[modify] https://crrev.com/af80aaa20bb4788413577a2aba669cd8c8463c51/third_party/WebKit/Source/core/dom/SecurityContext.h
Project Member

Comment 20 by bugdroid1@chromium.org, Dec 5 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7302da857680de8807e66cec2117ae4012be78c1

commit 7302da857680de8807e66cec2117ae4012be78c1
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Tue Dec 05 20:28:03 2017

Make most of SecurityOrigin references const

This CL only adds |const| to SecurityOrigin and thus doesn't change the behavior.

This CL replaces most of
- WebPrivatePtr<SecurityOrigin> -> WebPrivatePtr<const SecurityOrigin>
- scoped_refptr<SecurityOrigin> -> scoped_refptr<const SecurityOrigin>
- SecurityOrigin* -> const SecurityOrigin*
- SecurityOrigin& -> const SecurityOrigin&

Most of the modifications are done mechanically by PCRE:
s/(WebPrivatePtr<|scoped_refptr<|((?<!const)\s+)|\(|^)((::)?blink::)?SecurityOrigin([&\*>])/$1const $3SecurityOrigin$5/g

The following SecurityOrigin references remain non-const:
- SecurityContext::security_origin_
- SecurityContext::GetMutableSecurityOrigin()
- ExecutionContext::GetMutableSecurityOrigin()
- Document::UpdateSecurityOrigin()
- RemoteSecurityContext::SetReplicatedOrigin()
- SecurityOrigin::IsolatedCopy()
- Some local variables
- Some methods in unit tests

(For isolated world SecurityOrigin for XHRs)
- IsolatedWorldSecurityOriginMap
- XMLHttpRequest()::isolated_world_security_origin_
- XMLHttpRequest::XMLHttpRequest()
- XMLHttpRequest::GetMutableSecurityOrigin()
- DOMWrapperWorld::IsolatedWorldSecurityOrigin()
- DOMWrapperWorld::SetIsolatedWorldSecurityOrigin()

(For blob SecurityOrigins)
- BlobURLOriginMap
- SecurityOrigin::Create.*()
- URLRegistry::RegisterURL()
- BlobRegistry::RegisterPublicBlobURL()
- URLSecurityOriginMap::GetOrigin()

Bug:  779730 
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: Ie4a1a5cc2add20c1c1b9d0d6d5dff9ea9ec46240
Reviewed-on: https://chromium-review.googlesource.com/744586
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521809}
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/LocalWindowProxy.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/LocalWindowProxy.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/ScriptController.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/WindowProxyManager.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/bindings/core/v8/WindowProxyManager.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/css/CSSFontFaceSrcValue.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/css/CSSStyleSheet.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/css/CSSStyleSheet.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/css/cssom/CSSStyleImageValue.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/DOMImplementation.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/ExecutionContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/ExecutionContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/Modulator.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/ModulatorImplBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/ModulatorImplBase.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/Policy.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/SecurityContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/WorkletModulatorImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/dom/WorkletModulatorImpl.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/exported/LocalFrameClientImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/exported/LocalFrameClientImpl.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/exported/WebSharedWorkerImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/ContentSettingsClient.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/ContentSettingsClient.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/DOMWindow.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/DOMWindow.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/Deprecation.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/DeviceSingleWindowEventController.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/History.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/History.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/HistoryTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/LocalDOMWindow.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/LocalDOMWindow.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/LocalFrame.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/LocalFrameClient.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/MHTMLTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/RemoteDOMWindow.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/RemoteDOMWindow.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/RemoteFrameClient.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/RemoteFrameClientImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/RemoteFrameClientImpl.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/UseCounter.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/frame/csp/SourceListDirectiveTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLCanvasElement.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLCanvasElement.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLFrameElementBase.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLFrameOwnerElement.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/HTMLIFrameElementTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/canvas/CanvasImageSource.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/canvas/CanvasRenderingContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/canvas/CanvasRenderingContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/canvas/ImageElementBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/canvas/ImageElementBase.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/media/HTMLMediaElement.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/media/HTMLMediaElement.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/media/HTMLVideoElement.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/media/HTMLVideoElement.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/html/parser/PreloadRequest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/imagebitmap/ImageBitmap.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/inspector/InspectorNetworkAgent.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/inspector/MainThreadDebugger.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/inspector/MainThreadDebugger.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/BaseFetchContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/BaseFetchContextTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/DocumentLoadTiming.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/DocumentLoader.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/DocumentLoader.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/DocumentThreadableLoader.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/EmptyClients.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/FrameFetchContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/FrameFetchContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/FrameFetchContextTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/FrameLoader.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/MixedContentChecker.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/MixedContentChecker.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/MixedContentCheckerTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/PingLoader.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/TextTrackLoader.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/TextTrackLoader.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/ThreadableLoaderTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/WorkerFetchContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/WorkerFetchContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/modulescript/ModuleScriptLoaderTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/resource/ImageResource.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/resource/ImageResource.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/resource/ImageResourceContent.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/resource/ImageResourceContent.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/loader/resource/ImageResourceInfo.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/offscreencanvas/OffscreenCanvas.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/page/Page.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/page/Page.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/testing/DummyModulator.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/testing/DummyModulator.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/timing/Performance.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/timing/PerformanceBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/timing/PerformanceBaseTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/timing/PerformanceNavigationTiming.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/DedicatedWorkerMessagingProxy.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/DedicatedWorkerTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/GlobalScopeCreationParams.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/WorkerContentSettingsClient.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/WorkerContentSettingsClient.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/WorkerThreadTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/WorkerThreadTestHelper.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/workers/WorkletGlobalScope.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/core/xmlhttprequest/XMLHttpRequest.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/background_fetch/BackgroundFetchBridge.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/background_fetch/BackgroundFetchBridge.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/broadcastchannel/BroadcastChannel.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/budget/BudgetService.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/cachestorage/InspectorCacheStorageAgent.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/canvas/canvas2d/CanvasRenderingContext2DTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/credentialmanager/CredentialsContainer.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/encryptedmedia/NavigatorRequestMediaKeySystemAccess.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/eventsource/EventSource.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/exported/WebEmbeddedWorkerImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/exported/WebStorageEventDispatcherImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/fetch/FetchRequestData.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/fetch/Request.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/filesystem/DOMFileSystemBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/filesystem/DOMFileSystemBase.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/filesystem/DOMWindowFileSystem.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/indexeddb/InspectorIndexedDBAgent.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/notifications/Notification.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/notifications/ServiceWorkerRegistrationNotifications.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/notifications/ServiceWorkerRegistrationNotifications.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/quota/DeprecatedStorageQuota.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/quota/StorageManager.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContainer.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/serviceworkers/ServiceWorkerContentSettingsProxy.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/InspectorDOMStorageAgent.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/InspectorDOMStorageAgent.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/StorageArea.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/StorageArea.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/StorageNamespace.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/storage/StorageNamespace.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webaudio/AudioWorklet.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/Database.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/Database.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseContext.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseContext.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseManager.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseManager.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseTracker.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/DatabaseTracker.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/QuotaTracker.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/QuotaTracker.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webdatabase/QuotaTrackerTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/websockets/DocumentWebSocketChannelTest.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/websockets/WebSocketHandle.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/websockets/WebSocketHandleImpl.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/modules/websockets/WebSocketHandleImpl.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/EncryptedMediaRequest.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/audio/AudioDestination.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/audio/AudioDestination.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/blob/BlobURL.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/blob/BlobURL.h
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third_party/WebKit/Source/platform/credentialmanager/PlatformFederatedCredential.cpp
[modify] https://crrev.com/7302da857680de8807e66cec2117ae4012be78c1/third
Project Member

Comment 21 by bugdroid1@chromium.org, Dec 16 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ec7630cce5aef96c1b5386895541790cd52886e5

commit ec7630cce5aef96c1b5386895541790cd52886e5
Author: Hiroshige Hayashizaki <hiroshige@chromium.org>
Date: Sat Dec 16 00:59:43 2017

Add a null check in WebLocalFrameImpl::SetIsolatedWorldSecurityOrigin()

https://chromium-review.googlesource.com/752006 added an IsolatedCopy()
call but the SecurityOrigin can be null when
WebLocalFrameImpl::SetIsolatedWorldSecurityOrigin() is called from
TestRunnerForSpecificView::SetIsolatedWorldSecurityOrigin().

Bug:  793649 ,  779730 
Change-Id: I017eec29cc6c8cc9a753181c9b6f335569cccb9f
Reviewed-on: https://chromium-review.googlesource.com/825653
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#524542}
[modify] https://crrev.com/ec7630cce5aef96c1b5386895541790cd52886e5/third_party/WebKit/Source/core/frame/WebLocalFrameImpl.cpp

Comment 22 by hirosh...@chromium.org, Feb 13 2018

Status: Fixed (was: Started)

Sign in to add a comment