commit | cc00fb0f6e0ebfd59f4fa3e62c21652b9ac515d8 | [log] [tgz] |
---|---|---|
author | Lukasz Anforowicz <lukasza@chromium.org> | Tue Mar 12 16:00:58 2019 |
committer | Commit Bot <commit-bot@chromium.org> | Tue Mar 12 16:00:58 2019 |
tree | a3506b4046e318de238c2222e12449bbbbab2df3 | |
parent | 818c7d0a70685554c35ade4767d52a74c1588de7 [diff] |
OOPIFs: Accept the URL-vs-origin differences in console messages. I've verified that without the test expectation, the following test http/tests/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture.html fails with a text-diff where the only difference is URL-vs-origin in the console message. Expected message (validated by the not-site-per-process virtual test suite): CONSOLE ERROR: line 8: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://127.0.0.1:8000/security/frameNavigation/xss-DENIED-top-navigation-without-user-gesture.html' from frame with URL 'http://localhost:8000/security/frameNavigation/resources/iframe-that-performs-top-navigation-without-user-gesture.html'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/features/5851021045661696. Actual message (in the default, site-per-process mode) is the same as above, except the first, cross-origin URL is replaced with just its origin (the second, same-origin URL is unchanged). Bug: 669083 Change-Id: I1db4ef7e816f63a8dc457d95cdcc50443171325a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1515473 Reviewed-by: Nasko Oskov <nasko@chromium.org> Commit-Queue: Ćukasz Anforowicz <lukasza@chromium.org> Cr-Commit-Position: refs/heads/master@{#639943}
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure .