commit | 263ce44bb356617e098d2cbad147146e0a36fc64 | [log] [tgz] |
---|---|---|
author | Aaron Colwell <acolwell@google.com> | Wed Dec 19 20:39:02 2018 |
committer | Commit Bot <commit-bot@chromium.org> | Wed Dec 19 20:39:02 2018 |
tree | 3fe78695bbcaa7498c8e3fc4344b1db532c5b929 | |
parent | 076c0bc8b5fc7a58c61ee948f48a4c7c29ee6b02 [diff] |
Replace security state workaround in CanAccessDataForOrigin() - Replace workaround with code that is more strict about enforcing security policy during child process shutdown. The old code would always allow data access for IDs not in the security_state_ map. The new code adds a pending map so we can deal with UI/IO thread races during child process removal AND rejects any unknown IDs. - Fixed a test that depended on the old behavior where unknown IDs always allowed access. Bug: 898281, 600441, 915203 Change-Id: I26ca1e48536672b05d2310d8a17be47d5b6ef5c7 Reviewed-on: https://chromium-review.googlesource.com/c/1382855 Commit-Queue: Aaron Colwell <acolwell@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Reviewed-by: Alex Moshchuk <alexmos@chromium.org> Cr-Commit-Position: refs/heads/master@{#617937}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .