Google Git
Sign in
chromium / chromium / src / fe04c0639254e5d021da539d321f2e3a64a0085c
commitfe04c0639254e5d021da539d321f2e3a64a0085c[log] [tgz]
authorDominic Farolino <dom@chromium.org>Thu Jun 16 15:54:39 2022
committerChromium LUCI CQ <chromium-scoped@luci-project-accounts.iam.gserviceaccount.com>Thu Jun 16 15:54:39 2022
treeb255db17d17e9472a52903bd4d4d5dda65b08f56
parent8a7dc0cd8c1cf73e0c361b7d5e777e7972a23f98 [diff]
Fenced frames: Disallow URLs with potentially dangling markup

There is an old Fetch Standard PR up for review that blocks resource
requests whose URL contains potentially dangling markup [1]. This is
for security purposes, see [2] and [3]. While non-standard yet, Chromium
has shipped this behavior, and we intend to do the same for fenced
frames. This CL implements potentially dangling markup
restrictions on all embedder-provided URLs for fenced frame
navigations.

When a URL with dangling markup is passed to SharedStorage's `selectURL()` method, it is parsed and partially sanitized, therefore the resulting urn:uuid can be successfully navigated to. When crbug.com/1318970 is fixed, SharedStorage will reject these URLs as inputs.

[1]: https://github.com/whatwg/fetch/pull/519
[2]: https://bugs.chromium.org/p/chromium/issues/detail?id=1039885
[3]: https://bugs.chromium.org/p/chromium/issues/detail?id=1301333

Bug: 1301333, 1318970
Change-Id: I1ada9de23b05795499408988529fa3a49486aea3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3702854
Reviewed-by: Garrett Tanzer <gtanzer@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Dominic Farolino <dom@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1014928}
7 files changed
tree: b255db17d17e9472a52903bd4d4d5dda65b08f56
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. build/
  6. build_overrides/
  7. buildtools/
  8. cc/
  9. chrome/
  10. chromecast/
  11. chromeos/
  12. codelabs/
  13. components/
  14. content/
  15. courgette/
  16. crypto/
  17. dbus/
  18. device/
  19. docs/
  20. extensions/
  21. fuchsia/
  22. fuchsia_web/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. media/
  32. mojo/
  33. native_client_sdk/
  34. net/
  35. pdf/
  36. ppapi/
  37. printing/
  38. remoting/
  39. rlz/
  40. sandbox/
  41. services/
  42. skia/
  43. sql/
  44. storage/
  45. styleguide/
  46. testing/
  47. third_party/
  48. tools/
  49. ui/
  50. url/
  51. weblayer/
  52. .clang-format
  53. .clang-tidy
  54. .eslintrc.js
  55. .git-blame-ignore-revs
  56. .gitattributes
  57. .gitignore
  58. .gn
  59. .mailmap
  60. .rustfmt.toml
  61. .vpython
  62. .vpython3
  63. .yapfignore
  64. AUTHORS
  65. BUILD.gn
  66. CODE_OF_CONDUCT.md
  67. codereview.settings
  68. DEPS
  69. DIR_METADATA
  70. ENG_REVIEW_OWNERS
  71. LICENSE
  72. LICENSE.chromium_os
  73. OWNERS
  74. PRESUBMIT.py
  75. PRESUBMIT_test.py
  76. PRESUBMIT_test_mocks.py
  77. README.md
  78. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

To check out the source code locally, don't use git clone! Instead, follow the instructions on how to get the code.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .

For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.

If you found a bug, please file it at https://crbug.com/new.