Google Git
Sign in
chromium / chromium / src / af855dc85932a14378771b13363d01c10ba1e5b1
commitaf855dc85932a14378771b13363d01c10ba1e5b1[log] [tgz]
authorChristopher Thompson <cthomp@chromium.org>Wed Aug 01 16:43:12 2018
committerCommit Bot <commit-bot@chromium.org>Wed Aug 01 16:43:12 2018
treef233b73bd85334c1f60552bc02a5130d8d82ab50
parent521a221d210d903618f7168b4c41c380673c0980 [diff]
Fix for UnsafelyTreatInsecureOriginAsSecure policy in browser UI

This CL updates secure_origin_whitelist::GetWhitelist() to delegate
parsing the set of whitelisted sites to a new function, ParseWhitelist,
which takes in a string and returns the parsed vector of strings. This
allows callers in the browser process to explicitly parse a whitelist
from either prefs or command-line switches. This allows
SecurityStateTabHelper to have its own custom IsOriginSecureWithWhitelist
function to which it can bind an explicitly passed whitelist of origins,
rather than just using content::IsOriginSecure as the callback to
security_state functions. content::IsOriginSecure uses GetWhitelist()
which only loads the whitelist from command-line flags, which are only
correctly set for renderer processes. The custom callback for
SecurityStateTabHelper allows it to also check prefs for the whitelist,
which is how the enterprise policy is accessible in the browser process
(where security indicator UI logic occurs).

This can cause the pref and the switch to be two different sources of
truth for the origin whitelist, however this simpler fix will be easier
to backport. This fix favors the switch over the pref if both are set,
allowing developers to still set temporary overrides while maintaining
the policy behavior for general users. More general fixes may involve
changing how the whitelist propagates between parts of Chrome
(including in content and blink).

Bug: 869422
Change-Id: I93b46d66844af8cee00d919537ce66fc2c56cd46
Reviewed-on: https://chromium-review.googlesource.com/1157029
Reviewed-by: Avi Drissman <avi@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Commit-Queue: Christopher Thompson <cthomp@chromium.org>
Cr-Commit-Position: refs/heads/master@{#579835}
5 files changed
tree: f233b73bd85334c1f60552bc02a5130d8d82ab50
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_elf/
  11. chromecast/
  12. chromeos/
  13. cloud_print/
  14. components/
  15. content/
  16. courgette/
  17. crypto/
  18. dbus/
  19. device/
  20. docs/
  21. extensions/
  22. gin/
  23. google_apis/
  24. google_update/
  25. gpu/
  26. headless/
  27. infra/
  28. ios/
  29. ipc/
  30. jingle/
  31. mash/
  32. media/
  33. mojo/
  34. native_client_sdk/
  35. net/
  36. pdf/
  37. ppapi/
  38. printing/
  39. remoting/
  40. rlz/
  41. sandbox/
  42. services/
  43. skia/
  44. sql/
  45. storage/
  46. styleguide/
  47. testing/
  48. third_party/
  49. tools/
  50. ui/
  51. url/
  52. webrunner/
  53. .clang-format
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .vpython
  60. AUTHORS
  61. BUILD.gn
  62. CODE_OF_CONDUCT.md
  63. codereview.settings
  64. DEPS
  65. ENG_REVIEW_OWNERS
  66. LICENSE
  67. LICENSE.chromium_os
  68. OWNERS
  69. PRESUBMIT.py
  70. PRESUBMIT_test.py
  71. PRESUBMIT_test_mocks.py
  72. README.md
  73. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .