https://github.com/mikewest/sec-metadata/ sketches out a proposal for adding additional metadata to outgoing requests in order to help servers make better decisions a priori. We should poke at this feature to help define its contours.
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/930a15f6c23e70c9d57886092f3fd94a4add614d commit 930a15f6c23e70c9d57886092f3fd94a4add614d Author: Mike West <mkwst@chromium.org> Date: Wed May 23 15:10:26 2018 `Sec-Metadata` prototype. Intent to Implement: https://groups.google.com/a/chromium.org/d/msg/blink-dev/tNwA_l_o9lc/5wug6BcmCQAJ Bug: 843478 Change-Id: If7f5f294dd4641350c1ace00690f97cab63dd9f1 Reviewed-on: https://chromium-review.googlesource.com/1061077 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Reviewed-by: Philip Jägenstedt <foolip@chromium.org> Reviewed-by: Camille Lamy <clamy@chromium.org> Cr-Commit-Position: refs/heads/master@{#561086} [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/content/browser/frame_host/navigation_request.cc [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/content/child/runtime_features.cc [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/content/public/common/content_features.cc [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/content/public/common/content_features.h [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/README.md [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/iframe.tentative.https.sub.html [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/img.tentative.https.sub.html [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/echo-as-json.py [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/echo-as-script.py [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/helper.js [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/post-to-owner.py [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/script.tentative.https.sub.html [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/window-open.tentative.https.sub.html [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/fetch-request-xhr.https-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/post-basic-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-goback1-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/post-goback1-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/navigation/rename-subframe-goback-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-event-headers.html [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/post-basic-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/post-frames-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/post-frames-goback1-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/post-goback1-expected.txt [add] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/WebKit/LayoutTests/virtual/stable/http/tests/navigation/rename-subframe-goback-expected.txt [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/blink/public/platform/web_runtime_features.h [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/blink/renderer/core/loader/base_fetch_context.cc [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/blink/renderer/platform/exported/web_runtime_features.cc [modify] https://crrev.com/930a15f6c23e70c9d57886092f3fd94a4add614d/third_party/blink/renderer/platform/runtime_enabled_features.json5
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/18d4ec4b44a62b2d9476b00f6457462a18701568 commit 18d4ec4b44a62b2d9476b00f6457462a18701568 Author: Mike West <mkwst@chromium.org> Date: Fri Jun 15 07:18:46 2018 `Sec-Metadata`: `cause` is navigation-only. This patch removes the `cause` member from `Sec-Metadata` headers generated for non-navigation requests. Spec: https://mikewest.github.io/sec-metadata/#cause-member Bug: 843478 Change-Id: I1cc35909ecdccd7ac0f4ab440be899acf67a0181 Reviewed-on: https://chromium-review.googlesource.com/1100820 Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#567571} [modify] https://crrev.com/18d4ec4b44a62b2d9476b00f6457462a18701568/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html [modify] https://crrev.com/18d4ec4b44a62b2d9476b00f6457462a18701568/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/img.tentative.https.sub.html [modify] https://crrev.com/18d4ec4b44a62b2d9476b00f6457462a18701568/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/script.tentative.https.sub.html [modify] https://crrev.com/18d4ec4b44a62b2d9476b00f6457462a18701568/third_party/blink/renderer/core/loader/base_fetch_context.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/3d33f9c502f2362a7c457f03515d920ab4810fd6 commit 3d33f9c502f2362a7c457f03515d920ab4810fd6 Author: Mike West <mkwst@chromium.org> Date: Fri Jun 22 08:17:17 2018 Sec-Metadata: Strings are quoted in structured headers. So this patch adds quotes. See https://tools.ietf.org/html/draft-ietf-httpbis-header-structure-06#section-3.7 and https://github.com/mikewest/sec-metadata/commit/98f7c1253e8dd8a0e1606c2f443772b0c9d562b4. Bug: 843478 Change-Id: I29dfa3a87e3c65a1b64009e173faa6d0f41b40f4 Reviewed-on: https://chromium-review.googlesource.com/1109819 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Camille Lamy <clamy@chromium.org> Reviewed-by: Andy Paicu <andypaicu@chromium.org> Cr-Commit-Position: refs/heads/master@{#569554} [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/content/browser/frame_host/navigation_request.cc [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/helper.js [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/post-basic-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-goback1-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/post-goback1-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/navigation/rename-subframe-goback-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt [modify] https://crrev.com/3d33f9c502f2362a7c457f03515d920ab4810fd6/third_party/blink/renderer/core/loader/base_fetch_context.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c3dade0056461bb4d59c542164c58fb6f3409930 commit c3dade0056461bb4d59c542164c58fb6f3409930 Author: Mike West <mkwst@chromium.org> Date: Thu Aug 16 11:46:31 2018 Sec-Metadata: Remove the 'target' attribute. This patch removes the 'target' attribute by replacing it with a new 'destination' value that distinguishes between top-level and nested navigations. Spec: https://github.com/mikewest/sec-metadata/commit/de7530709176c56956a5f696b52244f25f86e4fd Bug: 861678, 843478 Change-Id: I2bf5df1b93fb2c7c341cbe6da30d99bb19d40626 Reviewed-on: https://chromium-review.googlesource.com/1172137 Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Reviewed-by: Philip Jägenstedt <foolip@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#583605} [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/content/browser/frame_host/navigation_request.cc [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/embed.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/font.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/iframe.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/img.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/object.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/cross-site/cross-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/cross-site/same-origin.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/cross-site/same-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-origin/cross-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-origin/same-origin.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-origin/same-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-site/cross-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-site/same-origin.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/redirect/same-site/same-site.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/report.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/echo-as-json.py [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/resources/echo-as-script.py [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/script.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/serviceworker.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/sharedworker.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/style.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/track.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/window-open.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/worker.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/xslt.tentative.https.sub.html [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/post-basic-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/post-frames-goback1-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/post-goback1-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/navigation/rename-subframe-goback-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt [modify] https://crrev.com/c3dade0056461bb4d59c542164c58fb6f3409930/third_party/blink/renderer/core/loader/base_fetch_context.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f8aa686c8743941ea95c0b58718626a2e3706896 commit f8aa686c8743941ea95c0b58718626a2e3706896 Author: Mike West <mkwst@chromium.org> Date: Fri Jan 11 21:09:17 2019 Split `Sec-Metadata` into `Sec-Fetch-*`. As of [1], we've split the single `Sec-Metadata` header into multiple headers: `Sec-Fetch-Dest`, `Sec-Fetch-Site`, and `Sec-Fetch-User`. This patch does that work in Chromium. The spec change also added `Sec-Fetch-Mode`, but this patch does not. We'll add that functionality to Chromium in a future CL. Test changes pulled from clap@'s excellent PR at https://github.com/web-platform-tests/wpt/pull/14771 The test failures are expected: redirect failures are https://crbug.com/872285, object/embed failures are https://crbug.com/860510. XSLT failures are WontFix (some engines support cross-origin XSLT; Blink does not). [1]: https://github.com/mikewest/sec-metadata/commit/105103d775141912261dd164b16bd59b22f6d853 Bug: 843478 Change-Id: I7654d5e823ad813682ac3eb244bbc244a322e6ca Reviewed-on: https://chromium-review.googlesource.com/c/1402448 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Camille Lamy <clamy@chromium.org> Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#622145} [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/content/browser/frame_host/navigation_request.cc [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/content/browser/worker_host/worker_script_fetch_initiator.cc [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/renderer/core/loader/base_fetch_context.cc [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/embed.tentative.https.sub-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/embed.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/font.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/iframe.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/img.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/object.tentative.https.sub-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/object.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/redirect/cross-site-redirect.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/redirect/multiple-redirect-cross-site.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/redirect/multiple-redirect-same-site.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/redirect/same-origin-redirect.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/redirect/same-site-redirect.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/report.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/resources/echo-as-json.py [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/resources/echo-as-script.py [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/resources/helper.js [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/resources/post-to-owner.py [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/resources/record-header.py [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/script.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/serviceworker.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/sharedworker.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/style.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/track.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/window-open.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/worker.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/xslt.tentative.https.sub-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/fetch/sec-metadata/xslt.tentative.https.sub.html [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/external/wpt/service-workers/service-worker/fetch-request-xhr.https-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-get-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-no-referrer-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/form-targets-cross-site-frame-post-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/form-with-enctype-targets-cross-site-frame-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/post-basic-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/post-frames-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/post-frames-goback1-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/post-goback1-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/navigation/rename-subframe-goback-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-leak-path-on-redirect-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed-with-redirect-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-default-ignored-with-redirect-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-allowed-with-redirect-expected.txt [modify] https://crrev.com/f8aa686c8743941ea95c0b58718626a2e3706896/third_party/blink/web_tests/http/tests/serviceworker/fetch-event-headers.html
Comment 1 by bugdroid1@chromium.org
, May 23 2018