Issue 803770 link

Starred by 3 users

Issue metadata

Status:	Duplicate
Merged:	issue 870172
Owner:	toyoshim@chromium.org
Closed:	Aug 20
Components:	Blink>Loader Blink>SecurityFeature>CORS
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	1
Type:	Task
M-66 OOR-CORS

Blocking:
issue 803766

OOR-CORS: move origin whitelist from blink::SecurityPolicy to services/network

Project Member Reported by toyoshim@chromium.org, Jan 19 2018

Issue description

Blink manages an origin whitelist to bypass CORS checks for Chrome Extensions and exposes API to the extension module, as WebSecurityPolicy::AddOriginAccessWhitelistEntry, and so on.

To support OOR-CORS, we need to move the whitelist to services/network.

See also https://docs.google.com/document/d/1JNmUcvbw2UcjfdI2uyUpveHXCbae-DQ1n8d_sVs5fLg/edit#heading=h.jxtgloyms3ey

Comment 1 by toyoshim@chromium.org, Jan 19 2018

Blocking: 803766

Comment 2 by toyoshim@chromium.org, Feb 16 2018

Labels: OOR-CORS

Comment 3 by toyoshim@chromium.org, Aug 20

Mergedinto: 870172
Status: Duplicate (was: Started)

►

Issue 803770 link

Issue metadata

OOR-CORS: move origin whitelist from blink::SecurityPolicy to services/network

Issue description

Comment 1 by toyoshim@chromium.org, Jan 19 2018

Comment 1 Deleted

Comment 2 by toyoshim@chromium.org, Feb 16 2018

Comment 2 Deleted

Comment 3 by toyoshim@chromium.org, Aug 20

Comment 3 Deleted

Sign in to add a comment