Google Git
Sign in
chromium / chromium / src / 53378481ea3dfd52d2209bcf49ef55b34e4ff2b3
commit53378481ea3dfd52d2209bcf49ef55b34e4ff2b3[log] [tgz]
authorFrédéric Wang <fwang@igalia.com>Fri Jan 15 09:24:05 2021
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Fri Jan 15 09:24:05 2021
tree98835f1882bd079f46359de2e4a7c222ab4aed11
parent09d36575ecb6bdce99825c887aac9a75cdf9ad21 [diff]
Remove SecurityPolicy APIs for handling a trustworthy safelist

This CL removes the following methods:

WebSecurityPolicy::AddOriginToTrustworthySafelist
SecurityPolicy::AddOriginToTrustworthySafelist
SecurityPolicy::IsOriginTrustworthySafelisted

Outside tests, these methods are only used to populate SecurityPolicy's
safelist from SecureOriginAllowlist. The last one is only called from
SecurityOrigin::IsSecure and SecurityOrigin::IsPotentiallyTrustworthy,
but they can rely on SecureOriginAllowlist::IsOriginAllowlisted instead.

Some tests also rely on SecurityPolicy::AddOriginToTrustworthySafelist,
but they can directly set the command line parameters to configure
the allow list accordingly.

There is no observable behavior change but this makes easier to compare
SecurityOrigin::IsSecure and SecurityOrigin::IsPotentiallyTrustworthy
with network::IsURLPotentiallyTrustworthy, to facilitate unification of
all these APIs.

Bug: 1153336
Change-Id: I2df13abbdf697ec78136a16373b0b9fc6372bf88
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2612947
Reviewed-by: Mike West <mkwst@chromium.org>
Reviewed-by: Sean Topping <seantopping@chromium.org>
Commit-Queue: Frédéric Wang <fwang@igalia.com>
Cr-Commit-Position: refs/heads/master@{#844000}
12 files changed
tree: 98835f1882bd079f46359de2e4a7c222ab4aed11
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. cloud_print/
  13. codelabs/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. fuchsia/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. jingle/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. weblayer/
  53. .clang-format
  54. .clang-tidy
  55. .eslintrc.js
  56. .git-blame-ignore-revs
  57. .gitattributes
  58. .gitignore
  59. .gn
  60. .vpython
  61. .vpython3
  62. .yapfignore
  63. AUTHORS
  64. BUILD.gn
  65. CODE_OF_CONDUCT.md
  66. codereview.settings
  67. DEPS
  68. DIR_METADATA
  69. ENG_REVIEW_OWNERS
  70. LICENSE
  71. LICENSE.chromium_os
  72. OWNERS
  73. PRESUBMIT.py
  74. PRESUBMIT_test.py
  75. PRESUBMIT_test_mocks.py
  76. README.md
  77. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.