Google Git
Sign in
chromium / chromium / src.git / 21b1e0695713448eaf743e43a494f7b4cae14dbb
commit21b1e0695713448eaf743e43a494f7b4cae14dbb[log] [tgz]
authorAyu Ishii <ayui@chromium.org>Wed May 22 23:14:39 2019
committerCommit Bot <commit-bot@chromium.org>Wed May 22 23:14:39 2019
treef42d45add6edcd28de007b05ef232c49340c2ff9
parentf59b1cda2368e19bdeebcecbd3e707d269b2f17c [diff]
[sms] Restrict SMS Receiver API to Top Level Frames in Browser Process

This change restricts the SMS Receiver API to only be used from
top level frames to prevent malicious sites from accessing the one time
passcodes for signup. This change adds restrictions in the browser
process. Restriction in the renderer process can be found
here (https://crrev.com/c/1594211).

Bug: 936659
Change-Id: I95f38f178519fdacc35cb923716f2516b4f90d1b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1613718
Reviewed-by: Ken Buchanan <kenrb@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Commit-Queue: Ayu Ishii <ayui@chromium.org>
Cr-Commit-Position: refs/heads/master@{#662408}
7 files changed
tree: f42d45add6edcd28de007b05ef232c49340c2ff9
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. .clang-format
  52. .eslintrc.js
  53. .git-blame-ignore-revs
  54. .gitattributes
  55. .gitignore
  56. .gn
  57. .vpython
  58. AUTHORS
  59. BUILD.gn
  60. CODE_OF_CONDUCT.md
  61. codereview.settings
  62. DEPS
  63. ENG_REVIEW_OWNERS
  64. LICENSE
  65. LICENSE.chromium_os
  66. OWNERS
  67. PRESUBMIT.py
  68. PRESUBMIT_test.py
  69. PRESUBMIT_test_mocks.py
  70. README.md
  71. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .