Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: cherry-pick dbde8795233a from chromium #32210

merged 6 commits into from Jan 10, 2022


Copy link

@ppontes ppontes commented Dec 16, 2021

Prevent opaque range request responses from entering the preload cache

ResourceLoader cancels range request responses that were not initiated
with range request headers causing them to error out and be cleared from
the preload cache. Other responses (200, 416, error, etc) complete
successfully and would otherwise enter the preload cache, making them

This prevents opaque range responses of any kind from persisting in the
preload cache (which would not naturally have any anyway).

(cherry picked from commit a5f630e5f94da28a926d60da7dde194acd8697f0)

Bug: 1270990
Change-Id: Ife9922fe0b88e39722f3664ddd091a1516892157
Reviewed-by: Ben Kelly
Reviewed-by: Yoav Weiss
Commit-Queue: Patrick Meenan
Cr-Original-Commit-Position: refs/heads/main@{#946055}
Auto-Submit: Patrick Meenan
Bot-Commit: Rubber Stamper
Cr-Commit-Position: refs/branch-heads/4664@{#1222}
Cr-Branched-From: 24dc4ee75e01a29d390d43c9c264372a169273a7-refs/heads/main@{#929512}

Notes: Backported fix for CVE-2021-4059.

@ppontes ppontes requested a review from as a code owner Dec 16, 2021
@ppontes ppontes added 15-x-y backport-check-skip semver/patch labels Dec 16, 2021
@electron-cation electron-cation bot added new-pr 🌱 and removed new-pr 🌱 labels Dec 16, 2021
@ppontes ppontes force-pushed the cherry-pick/15-x-y/chromium/dbde8795233a branch from 41b9771 to 913fe84 Compare Dec 20, 2021
Copy link

@codebytere codebytere commented Jan 10, 2022

Unrelated Appveyor failure - merging

@codebytere codebytere merged commit d136430 into 15-x-y Jan 10, 2022
14 of 15 checks passed
@codebytere codebytere deleted the cherry-pick/15-x-y/chromium/dbde8795233a branch Jan 10, 2022
Copy link

@release-clerk release-clerk bot commented Jan 10, 2022

Release Notes Persisted

Backported fix for CVE-2021-4059.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
15-x-y backport-check-skip security 🔒 semver/patch
None yet

Successfully merging this pull request may close these issues.

None yet

4 participants