-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Revert "Fenced frames: Disallow URLs with potentially dangling markup"
This reverts commit fe04c0639254e5d021da539d321f2e3a64a0085c. Reason for revert: Suspecting that this CL caused https://crbug.com/1337025 Original change's description: > Fenced frames: Disallow URLs with potentially dangling markup > > There is an old Fetch Standard PR up for review that blocks resource > requests whose URL contains potentially dangling markup [1]. This is > for security purposes, see [2] and [3]. While non-standard yet, Chromium > has shipped this behavior, and we intend to do the same for fenced > frames. This CL implements potentially dangling markup > restrictions on all embedder-provided URLs for fenced frame > navigations. > > When a URL with dangling markup is passed to SharedStorage's `selectURL()` method, it is parsed and partially sanitized, therefore the resulting urn:uuid can be successfully navigated to. When crbug.com/1318970 is fixed, SharedStorage will reject these URLs as inputs. > > [1]: whatwg/fetch#519 > [2]: https://bugs.chromium.org/p/chromium/issues/detail?id=1039885 > [3]: https://bugs.chromium.org/p/chromium/issues/detail?id=1301333 > > Bug: 1301333, 1318970 > Change-Id: I1ada9de23b05795499408988529fa3a49486aea3 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3702854 > Reviewed-by: Garrett Tanzer <gtanzer@chromium.org> > Reviewed-by: Alex Moshchuk <alexmos@chromium.org> > Commit-Queue: Dominic Farolino <dom@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1014928} Bug: 1301333, 1318970 Change-Id: If4884825408c38882f439d8c5e47ba0271dc67a1 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3710059 Owners-Override: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Sebastien Lalancette <seblalancette@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org> Reviewed-by: Łukasz Anforowicz <lukasza@chromium.org> Commit-Queue: Sebastien Lalancette <seblalancette@chromium.org> Cr-Commit-Position: refs/heads/main@{#1015011} NOKEYCHECK=True GitOrigin-RevId: 245696bb639221c56332cdea83bd961c99330183
- Loading branch information
1 parent
a6ae8b2
commit 94ed574
Showing
6 changed files
with
7 additions
and
138 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
42 changes: 0 additions & 42 deletions
42
...l/fenced-frame-mparch/wpt_internal/fenced_frame/disallowed-navigations.https-expected.txt
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 0 additions & 7 deletions
7
blink/web_tests/wpt_internal/fenced_frame/resources/report-url.html
This file was deleted.
Oops, something went wrong.
1 change: 0 additions & 1 deletion
1
blink/web_tests/wpt_internal/fenced_frame/resources/report-url.html.headers
This file was deleted.
Oops, something went wrong.