New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 849483 link

Starred by 1 user
Status: Assigned
Owner:
jarhar@chromium.org
Cc:
lushnikov@chromium.org
johannes@chromium.org
est...@chromium.org
creis@chromium.org
pfeldman@chromium.org
dgozman@chromium.org
wfh@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 2
Type: Bug



Sign in to add a comment

DevTools: instrument network events from the browser process

Project Member Reported by caseq@chromium.org, Jun 5 2018 
We plan to move DevTools network instrumentation to the browser process and perform it from DevToolsURLLoaderInterceptor. This will allow:
- merge interception and instrumentation ids (and, possible, protocol events)
- stop routing sensitive data (e.g. HTTP-only cookies) through renderer;
- unify navigation and sub-resource instrumentation.

More details here: https://docs.google.com/document/d/1D_1EktSKNzxLD2MK36LQZdqI0n45G-KxPebUmn-wdMo/#heading=h.th00aosfn1l8

Comment 1 by caseq@chromium.org, Jun 5 2018

Description: Show this description

Comment 2 by creis@chromium.org, Jun 5 2018

Cc: est...@chromium.org
Components: Internals>Sandbox>SiteIsolation
Labels: OS-Chrome OS-Linux OS-Mac OS-Windows
Thanks!  This sounds like it will resolve one of the known issues for Site Isolation, which is that DevTools doesn't show cookies or other headers on cross-site subresources (after  issue 793692 ).

https://www.chromium.org/Home/chromium-security/site-isolation#TOC-Known-Issues

It will also probably offer a better solution for  issue 834771  (where we're allowing some security connection data into untrusted renderers to get the security panel to work).

I think you mentioned offline that this work might be dependent on the network service?

Comment 3 by jarhar@chromium.org, Nov 9

Owner: jarhar@chromium.org

Sign in to add a comment