New issue
Advanced search Search tips

Issue 849935 link

Starred by 1 user
Status: Fixed
Owner:
ksakamoto@chromium.org
Closed: Jul 20
Cc:
kinuko@chromium.org
kouhei@chromium.org
rsleevi@chromium.org
horo@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Task

Blocking:
issue 803774



Sign in to add a comment

Disable Signed Exchanges when the Network Service is enabled

Project Member Reported by ksakamoto@chromium.org, Jun 6 2018 
SignedExchangeHandler uses URLRequestContext to get CertVerifier (and CertTransparencyVerifier / CTPolicyEnforcer / TransportSecurityState in http://crrev.com/c/1056776).

This won't work with NetworkService, so we should temporarily disable Signed Exchanges if Network Service is enabled, until we have unified certificate / CT / OCSP verification that can be called from the browser side (Issue 848277).
Project Member

Comment 1 by bugdroid1@chromium.org, Jun 6 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e9a0502c8eedff772ceb3f37eda9ec7f416c140c

commit e9a0502c8eedff772ceb3f37eda9ec7f416c140c
Author: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Wed Jun 06 09:29:51 2018

Disable Signed Exchange when Network Service is enabled

This patch (temporarily) disables Signed Exchange when Network Service
feature is enabled, since cert and CT verification we currently use (via
URLRequestContext) is not wired up in the Network Service code path.

If Network Service feature is enabled, WebPackageLoader will fail with
ERR_INVALID_SIGNED_EXCHANGE and warning message will be shown on devtools.

WebPackageRequestHandlerBrowserTest tests this behavior. Layout tests
with network service are disabled for now.

Bug:  849935 
Change-Id: Ic72f9af4d68f55d8557ea0c631020ed871408a70
Reviewed-on: https://chromium-review.googlesource.com/1088270
Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/master@{#564835}
[modify] https://crrev.com/e9a0502c8eedff772ceb3f37eda9ec7f416c140c/content/browser/loader/navigation_url_loader_impl.cc
[modify] https://crrev.com/e9a0502c8eedff772ceb3f37eda9ec7f416c140c/content/browser/loader/prefetch_browsertest.cc
[modify] https://crrev.com/e9a0502c8eedff772ceb3f37eda9ec7f416c140c/content/browser/web_package/web_package_loader.cc
[modify] https://crrev.com/e9a0502c8eedff772ceb3f37eda9ec7f416c140c/content/browser/web_package/web_package_request_handler_browsertest.cc
[modify] https://crrev.com/e9a0502c8eedff772ceb3f37eda9ec7f416c140c/third_party/WebKit/LayoutTests/TestExpectations

Comment 2 by kinuko@chromium.org, Jul 20

Status: Fixed (was: Assigned)
Closing.
Project Member

Comment 3 by bugdroid1@chromium.org, Oct 5 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5a4205f3391f41218416a2a7e10fc00e07d6aadb

commit 5a4205f3391f41218416a2a7e10fc00e07d6aadb
Author: Kunihiko Sakamoto <ksakamoto@chromium.org>
Date: Fri Oct 05 07:08:01 2018

Signed exchange: Remove stale comment in NavigationURLLoaderImpl

Bug:  849935 
Change-Id: Ifc480bba69fa9b15aa0b0adb9b0c6a6cb28441b0
Reviewed-on: https://chromium-review.googlesource.com/c/1264136
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
Cr-Commit-Position: refs/heads/master@{#597018}
[modify] https://crrev.com/5a4205f3391f41218416a2a7e10fc00e07d6aadb/content/browser/loader/navigation_url_loader_impl.cc

Sign in to add a comment