New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 806996 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Aug 31
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 2
Type: Bug

Blocked on:
issue 827633
issue 809261
issue 826756

Blocking:
issue 268640
issue 802835



Sign in to add a comment

Standarization of XSDB behavior

Project Member Reported by lukasza@chromium.org, Jan 29 2018

Issue description

Let's use this bug to track the attempt to standardize the XSDB behavior.
 
Components: Internals>Sandbox>SiteIsolation
Blockedon: 809261
Project Member

Comment 3 by bugdroid1@chromium.org, Feb 9 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/780bcee91e074b7331b4df432fb572c9367a9eb6

commit 780bcee91e074b7331b4df432fb572c9367a9eb6
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Fri Feb 09 19:29:57 2018

First draft of XSDB explainer.

Bug:  806996 
Change-Id: Iaa21b8a7303c4c711e2d3184164f5803febe95e0
Reviewed-on: https://chromium-review.googlesource.com/891580
Reviewed-by: Nick Carter <nick@chromium.org>
Commit-Queue: Nick Carter <nick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#535782}
[add] https://crrev.com/780bcee91e074b7331b4df432fb572c9367a9eb6/content/browser/loader/cross_origin_read_blocking_explainer.md

Project Member

Comment 4 by bugdroid1@chromium.org, Feb 14 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5096171c36adb5e951863b99a40eb33f8c55db5b

commit 5096171c36adb5e951863b99a40eb33f8c55db5b
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Wed Feb 14 22:17:00 2018

CORB: WPT tests for <img> tag interactions.

Bug:  809261 ,  806996 
Change-Id: Ifb8ce26b4fb5bccf18ea22013e898b81c9654c14
Reviewed-on: https://chromium-review.googlesource.com/915103
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#536844}
[modify] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/content/browser/loader/cross_origin_read_blocking_explainer.md
[modify] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/FlagExpectations/site-per-process
[modify] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/TestExpectations
[modify] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/README.md
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-html-correctly-labeled.sub-expected.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-html-correctly-labeled.sub.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-png-mislabeled-as-html-nosniff.tentative.sub-expected.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-png-mislabeled-as-html-nosniff.tentative.sub.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-png-mislabeled-as-html.sub-expected.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/img-png-mislabeled-as-html.sub.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/empty-labeled-as-png.png
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/empty-labeled-as-png.png.headers
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/html-correctly-labeled.html
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/html-correctly-labeled.html.headers
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-correctly-labeled.png
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-correctly-labeled.png.headers
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-mislabeled-as-html-nosniff.png
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-mislabeled-as-html-nosniff.png.headers
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-mislabeled-as-html.png
[add] https://crrev.com/5096171c36adb5e951863b99a40eb33f8c55db5b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/png-mislabeled-as-html.png.headers

Project Member

Comment 5 by bugdroid1@chromium.org, Feb 14 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/926617b5a55ded064f11e2f71308cd26fc4f6bf4

commit 926617b5a55ded064f11e2f71308cd26fc4f6bf4
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Wed Feb 14 23:04:58 2018

CORB: WPT tests for <script> tag interactions.

Bug:  809261 ,  806996 
Change-Id: Ia0f5acdc517f79aa9075447f8b543a141313e098
Reviewed-on: https://chromium-review.googlesource.com/917195
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#536863}
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/content/browser/loader/cross_origin_read_blocking_explainer.md
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/FlagExpectations/site-per-process
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/TestExpectations
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/css-with-json-parser-breaker.sub.html
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/js-mislabeled-as-html-nosniff.js
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/js-mislabeled-as-html-nosniff.js.headers
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/js-mislabeled-as-html.js
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/js-mislabeled-as-html.js.headers
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/script-html-correctly-labeled.tentative.sub.html
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/script-js-mislabeled-as-html-nosniff.sub.html
[add] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/script-js-mislabeled-as-html.sub.html
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/nosniff/importscripts.js
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/nosniff/script.html
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/nosniff/stylesheet.html
[modify] https://crrev.com/926617b5a55ded064f11e2f71308cd26fc4f6bf4/third_party/WebKit/LayoutTests/external/wpt/fetch/nosniff/worker.html

Project Member

Comment 6 by bugdroid1@chromium.org, Feb 14 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2853b263c3d5f4c8bfc9b654760937dff3672dce

commit 2853b263c3d5f4c8bfc9b654760937dff3672dce
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Wed Feb 14 23:28:54 2018

CORB: WPT tests for <link rel="stylesheet" href="..."> tag interactions.

Bug:  809261 ,  806996 
Change-Id: I97df15c54f72b571a7e8622c3137ec597d5244a9
Reviewed-on: https://chromium-review.googlesource.com/919171
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#536877}
[modify] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/content/browser/loader/cross_origin_read_blocking_explainer.md
[delete] https://crrev.com/74914d33c83adedd38d69ba624ec542581eba19b/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/css-with-json-parser-breaker.sub.html
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/css-mislabeled-as-html-nosniff.css
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/css-mislabeled-as-html-nosniff.css.headers
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/css-mislabeled-as-html.css
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/css-mislabeled-as-html.css.headers
[modify] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/resources/css-with-json-parser-breaker.css
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/style-css-mislabeled-as-html-nosniff.sub.html
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/style-css-mislabeled-as-html.sub.html
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/style-css-with-json-parser-breaker.sub.html
[add] https://crrev.com/2853b263c3d5f4c8bfc9b654760937dff3672dce/third_party/WebKit/LayoutTests/external/wpt/fetch/corb/style-html-correctly-labeled.sub.html

Project Member

Comment 8 by bugdroid1@chromium.org, Mar 5 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6dcb9df050123c13d55e087b3fb6a21ef5908c79

commit 6dcb9df050123c13d55e087b3fb6a21ef5908c79
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Mon Mar 05 18:15:59 2018

Various edits of CORB explainer.

Bug:  806996 
Change-Id: I59146f973087025e2fcd785b91c6cfeabd360095
Reviewed-on: https://chromium-review.googlesource.com/941603
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#540868}
[modify] https://crrev.com/6dcb9df050123c13d55e087b3fb6a21ef5908c79/content/browser/loader/cross_origin_read_blocking_explainer.md

Project Member

Comment 9 by bugdroid1@chromium.org, Mar 5 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/51704b89bce9dd4f070df3a2a8eecf2cc948d277

commit 51704b89bce9dd4f070df3a2a8eecf2cc948d277
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Mon Mar 05 21:38:05 2018

Fixing section formatting and typos

Bug:  806996 
Change-Id: I7270bfdd6f282fb64e54711d019dcd3e22939db1
Reviewed-on: https://chromium-review.googlesource.com/949405
Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#540948}
[modify] https://crrev.com/51704b89bce9dd4f070df3a2a8eecf2cc948d277/content/browser/loader/cross_origin_read_blocking_explainer.md

Project Member

Comment 10 by bugdroid1@chromium.org, Mar 5 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5b4f1596aa50b3b6cb323bca5bea0e2ffa21bf58

commit 5b4f1596aa50b3b6cb323bca5bea0e2ffa21bf58
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Mon Mar 05 21:55:07 2018

Fixing list formatting in "Observable CORB impact on stylesheets" section

Bug:  806996 
Change-Id: If4cb6110727ac6eacd5652aec74052445437a654
Tbr: creis@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/949777
Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#540951}
[modify] https://crrev.com/5b4f1596aa50b3b6cb323bca5bea0e2ffa21bf58/content/browser/loader/cross_origin_read_blocking_explainer.md

Project Member

Comment 11 by bugdroid1@chromium.org, Mar 7 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/cdd4b649f940a1b9f398ac31cf4c60bff85e2e5d

commit cdd4b649f940a1b9f398ac31cf4c60bff85e2e5d
Author: Charlie Reis <creis@chromium.org>
Date: Wed Mar 07 22:28:41 2018

Revise data discussion in CORB explainer.

BUG= 806996 

Change-Id: Id9c91d764c76751aa24f6bbc3014d7c5c1c6d247
Reviewed-on: https://chromium-review.googlesource.com/952565
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#541611}
[modify] https://crrev.com/cdd4b649f940a1b9f398ac31cf4c60bff85e2e5d/content/browser/loader/cross_origin_read_blocking_explainer.md

Cc: creis@chromium.org nick@chromium.org
Labels: -Pri-3 M-67 OS-Chrome OS-Linux OS-Mac OS-Windows Pri-1
Owner: lukasza@chromium.org
Status: Started (was: Untriaged)
Assigning to lukasza@, who just opened this issue against the fetch spec to start the discussion:
https://github.com/whatwg/fetch/issues/681
Blocking: 802835
Blockedon: 826756
Blockedon: 827633
Project Member

Comment 16 by bugdroid1@chromium.org, Apr 4 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/cc72fae44c5f893cb5c08cab3fe6197e5ae92a36

commit cc72fae44c5f893cb5c08cab3fe6197e5ae92a36
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Wed Apr 04 21:30:59 2018

Add references to From-Origin and Isolate-Me as potential opt-in mechanisms

Bug:  806996 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I5ffa57b0a4231917e3d3a227cb986c8f5a5f3827
Reviewed-on: https://chromium-review.googlesource.com/996313
Reviewed-by: Nick Carter <nick@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#548205}
[modify] https://crrev.com/cc72fae44c5f893cb5c08cab3fe6197e5ae92a36/services/network/cross_origin_read_blocking_explainer.md

Fetch spec changes covering nosniff and 206 have landed:
- PR: https://github.com/whatwg/fetch/pull/686
- CORB section in the Fetch spec: https://fetch.spec.whatwg.org/#corb
Labels: -Pri-1 -M-67 Pri-2
Remaining work:
- Describing the sniffing logic somewhere (maybe this doesn't have to be a normative part of the spec, since if sniffing is correct, then it shouldn't be observable)
- Follow-up on remaining issues tracked in https://github.com/whatwg/fetch/issues?utf8=%E2%9C%93&q=is%3Aissue+CORB

This remaining work can probably be treated as Pri2.
Project Member

Comment 19 by bugdroid1@chromium.org, Jun 1 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/19dfeb4d33538460d231e024a61a7b9c83781f01

commit 19dfeb4d33538460d231e024a61a7b9c83781f01
Author: Lukasz Anforowicz <lukasza@chromium.org>
Date: Fri Jun 01 16:08:35 2018

Tweak the CORB explainer to cover the latest state of standardization.

This CL tweaks the CORB explainer to:
- Link to the From-Origin proposal (and call it using the newly
  agreed name - Cross-Origin Read Policy)
- Replace the old section with spec-like language with 2 new sections
  talking about the current state of CORB wrt 1) standards and 2)
  implementations.

Bug:  806996 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: I17e4f51767864e3ab9414fb8a9d684a0a109a548
Reviewed-on: https://chromium-review.googlesource.com/1079323
Reviewed-by: Charlie Reis <creis@chromium.org>
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563661}
[modify] https://crrev.com/19dfeb4d33538460d231e024a61a7b9c83781f01/services/network/cross_origin_read_blocking_explainer.md

Status: Fixed (was: Started)

Sign in to add a comment