Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Prerender: Allow prerendering pages to create blob URL
Previously, prerendering pages cannot create blob URLs, as this API uses a sync IPC to communicate, and we would cancel prerendering by default in this case to ensure prerendering is safe. After auditing it (see reasoning), we think creating an object URL seems safe, and we can grant it during prerendering. Reasoning: - The blob url should be same-origin as the prerendering origin, so we do not touch other origins. - The security concerns should be addressed by this API. https://w3c.github.io/FileAPI/#security-discussion Bug: 1406125 Change-Id: I3c94e45fe59adb7227a71a702a4793ee8281b395 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4583910 Commit-Queue: Lingqi Chi <lingqi@chromium.org> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org> Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Cr-Commit-Position: refs/heads/main@{#1152423}
- Loading branch information