Don't block cross-site document requests from Flash
Issue description

Chrome Version: 65.0.3291.0
OS: Win10

What steps will reproduce the problem?
(1) Start Chrome with --site-per-process.
(2) Visit https://thehackerblog.com/crossdomain/index.html
(3) Click the "Get Flash player" icon and choose to Allow Flash.
(4) Paste cross-site URL into "Target URL" box, specifically on a server that has a crossdomain.xml file allowing it. (Sorry, this part is tricky and I don't have a public example URL to suggest.)
(5) Click Execute

What is the expected result?
The Response box should show the contents of the response.

What happens instead?
securityErrorHandler:[SecurityErrorEvent type="securityError" bubbles=false cancelable=false eventPhase=2 text="Error #2048"]

This is because Flash doesn't use CORS headers, so the blocking logic from issue 786505 thinks the response should not be allowed. We should allow it, while still requiring CORS for other PPAPI plugins that don't have universal access. This should be safe because Flash is click-to-play.

Note that this case will become unnecessary when PPAPI requests don't go through the renderer (issue 778711).
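Added example (not part of the original issue and not Chromium's code): a simplified Python model of why the two access checks disagree for the response in step (4), where the server grants access through crossdomain.xml but sends no CORS header. The hostnames, headers and policy file are constructed samples, the function names are hypothetical, and the domain matching ignores ports, the `secure` attribute and meta-policies.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: policy the target server would serve at /crossdomain.xml.
SAMPLE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*.requester.test"/>
</cross-domain-policy>"""

# Constructed sample: response headers with no CORS opt-in.
SAMPLE_HEADERS = {"Content-Type": "text/html"}


def cors_allows(headers, origin):
    """CORS view: the response must name the requesting origin (or '*')."""
    lowered = {k.lower(): v for k, v in headers.items()}
    return lowered.get("access-control-allow-origin") in ("*", origin)


def flash_policy_allows(policy_xml, origin):
    """Flash view: crossdomain.xml must list the requesting host."""
    host = (urlsplit(origin).hostname or "").lower()
    if not host:
        return False
    for rule in ET.fromstring(policy_xml).iter("allow-access-from"):
        pattern = rule.get("domain", "").lower()
        if pattern == "*" or pattern == host:
            return True
        # "*.example" matches subdomains only on a label boundary.
        if pattern.startswith("*.") and host.endswith(pattern[1:]):
            return True
    return False


def compare_checks(headers, policy_xml, origin):
    """Return both verdicts so a mismatch (the trigger for this bug) is visible."""
    return {
        "cors": cors_allows(headers, origin),
        "flash_policy": flash_policy_allows(policy_xml, origin),
    }


if __name__ == "__main__":
    print(compare_checks(SAMPLE_HEADERS, SAMPLE_POLICY,
                         "https://app.requester.test"))
```

A result where `flash_policy` is true and `cors` is false is the case the issue describes: a blocker that only looks for CORS headers rejects a response that Flash's own policy permits.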
Dec 12 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/481b725079c7b7be2782c68f3ee3de0736098c00

commit 481b725079c7b7be2782c68f3ee3de0736098c00
Author: Charles Reis <creis@chromium.org>
Date: Tue Dec 12 04:13:26 2017

Do not block cross-site Flash requests in Site Isolation modes.

Flash requests can be distinguished by the lack of CORS, and they should be allowed since Flash has its own cross-domain policy. It is also click-to-play, making this somewhat safer to allow.

TBR=nick@chromium.org
BUG= 793953
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
Change-Id: I0b191e0093cc5133a9d5421b1294e4bb91e64b6c
Reviewed-on: https://chromium-review.googlesource.com/817661
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Cr-Commit-Position: refs/heads/master@{#523330}

[modify] https://crrev.com/481b725079c7b7be2782c68f3ee3de0736098c00/content/browser/loader/cross_site_document_resource_handler.cc
[modify] https://crrev.com/481b725079c7b7be2782c68f3ee3de0736098c00/content/browser/loader/cross_site_document_resource_handler.h
[modify] https://crrev.com/481b725079c7b7be2782c68f3ee3de0736098c00/content/browser/loader/cross_site_document_resource_handler_unittest.cc
[modify] https://crrev.com/481b725079c7b7be2782c68f3ee3de0736098c00/content/browser/loader/resource_dispatcher_host_impl.cc
[modify] https://crrev.com/481b725079c7b7be2782c68f3ee3de0736098c00/content/browser/loader/resource_dispatcher_host_impl.h
Dec 13 2017
Should be fixed in tomorrow's Canary (likely 65.0.3293.0). I'll request merges once I verify it.
Dec 13 2017
Thank you creis@. Please request a merge to M63 and M64 after canary verification.
Dec 13 2017
I've verified the fix on Windows Canary 65.0.3293.2, and it doesn't look like there are new crashes from it. Requesting merge to M64 and M63. I've already compiled, tested, and verified the merge CLs on both branches locally.
Dec 13 2017
This bug requires manual review: Request affecting a post-stable build
Please contact the milestone owner if you have questions.
Owners: cmasso@(Android), cmasso@(iOS), gkihumba@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Dec 13 2017
Approving merge to M63 branch 3239 based on comment #6. Thank you.
Dec 13 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/0a0215d18fd6597f07b1c35aa4e31ff248ff4775

commit 0a0215d18fd6597f07b1c35aa4e31ff248ff4775
Author: Charles Reis <creis@chromium.org>
Date: Wed Dec 13 17:12:51 2017

Do not block cross-site Flash requests in Site Isolation modes.

Flash requests can be distinguished by the lack of CORS, and they should be allowed since Flash has its own cross-domain policy. It is also click-to-play, making this somewhat safer to allow.

TBR=nick@chromium.org
BUG= 793953
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
(cherry picked from commit 481b725079c7b7be2782c68f3ee3de0736098c00)
Change-Id: I0b191e0093cc5133a9d5421b1294e4bb91e64b6c
Reviewed-on: https://chromium-review.googlesource.com/817661
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#523330}
Reviewed-on: https://chromium-review.googlesource.com/824435
Cr-Commit-Position: refs/branch-heads/3239@{#674}
Cr-Branched-From: adb61db19020ed8ecee5e91b1a0ea4c924ae2988-refs/heads/master@{#508578}

[modify] https://crrev.com/0a0215d18fd6597f07b1c35aa4e31ff248ff4775/content/browser/loader/cross_site_document_resource_handler.cc
[modify] https://crrev.com/0a0215d18fd6597f07b1c35aa4e31ff248ff4775/content/browser/loader/cross_site_document_resource_handler.h
[modify] https://crrev.com/0a0215d18fd6597f07b1c35aa4e31ff248ff4775/content/browser/loader/cross_site_document_resource_handler_unittest.cc
[modify] https://crrev.com/0a0215d18fd6597f07b1c35aa4e31ff248ff4775/content/browser/loader/resource_dispatcher_host_impl.cc
[modify] https://crrev.com/0a0215d18fd6597f07b1c35aa4e31ff248ff4775/content/browser/loader/resource_dispatcher_host_impl.h
Dec 13 2017
Approving merge to M64 branch 3282 based on comment #6.
Dec 13 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/a502578408758b36a08f92ac1f3f82215765eda5

commit a502578408758b36a08f92ac1f3f82215765eda5
Author: Charles Reis <creis@chromium.org>
Date: Wed Dec 13 17:18:38 2017

Do not block cross-site Flash requests in Site Isolation modes.

Flash requests can be distinguished by the lack of CORS, and they should be allowed since Flash has its own cross-domain policy. It is also click-to-play, making this somewhat safer to allow.

TBR=nick@chromium.org
BUG= 793953
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
(cherry picked from commit 481b725079c7b7be2782c68f3ee3de0736098c00)
Change-Id: I0b191e0093cc5133a9d5421b1294e4bb91e64b6c
Reviewed-on: https://chromium-review.googlesource.com/817661
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#523330}
Reviewed-on: https://chromium-review.googlesource.com/824436
Cr-Commit-Position: refs/branch-heads/3282@{#203}
Cr-Branched-From: 5fdc0fab22ce7efd32532ee989b223fa12f8171e-refs/heads/master@{#520840}

[modify] https://crrev.com/a502578408758b36a08f92ac1f3f82215765eda5/content/browser/loader/cross_site_document_resource_handler.cc
[modify] https://crrev.com/a502578408758b36a08f92ac1f3f82215765eda5/content/browser/loader/cross_site_document_resource_handler.h
[modify] https://crrev.com/a502578408758b36a08f92ac1f3f82215765eda5/content/browser/loader/cross_site_document_resource_handler_unittest.cc
[modify] https://crrev.com/a502578408758b36a08f92ac1f3f82215765eda5/content/browser/loader/resource_dispatcher_host_impl.cc
[modify] https://crrev.com/a502578408758b36a08f92ac1f3f82215765eda5/content/browser/loader/resource_dispatcher_host_impl.h
Dec 13
The NextAction date has arrived: 2018-12-13
Comment 1 by nasko@chromium.org, Dec 11 2017