Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move core CORB logic into //services/network. #9635

Merged
merged 1 commit into from Mar 8, 2018

Conversation

Projects
None yet
4 participants
@chromium-wpt-export-bot
Copy link
Collaborator

chromium-wpt-export-bot commented Feb 22, 2018

This CL moves the core CORB logic (figuring out if a given response
should be CORB-protected based on 1) response metadata like initiator,
MIME type, CORS headers and 2) sniffing the first bytes of the response)
from //content/common into //services/network.

As part of the move, this CL makes some extra, opportunistic changes:

  • Renames the moved files (and the moved class) to match the name agreed
    upon in the explainer
    (s/CrossSiteDocumentClassifier/CrossOriginReadBlocking)
  • Also moves the explainer doc to //services/network
  • Tweaks the old CrossSiteDocumentMimeType enum so that
    • It is nested in CrossOriginReadBlocking::MimeType
    • The enum values have shorter names

In the long-term, the core CORB logic should only be needed within
services/network. In the short-term, this logic has the following
consumers:

  • content/browser/loader/cross_site_document_resource_handler.cc
    (integrates CORB into the old, pre-network-service,
    ResourceHandler-based world; this can go away after the network
    service ships)

  • content/renderer/loader/site_isolation_stats_gatherer.cc
    (gathers UMA that help decide what responses can be blocked
    by CORB with acceptably low risk of breaking existing websites;
    this can go away after CORB ships)

  • WIP(https://crbug.com/792546): services/network/url_loader.cc
    (this will integrate CORB into the new, network-service world).

Bug: 792546
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: Ib8fe412b1f807d23e41700b7f7090cd4b77c1783
Reviewed-on: https://chromium-review.googlesource.com/929446
Commit-Queue: Łukasz Anforowicz lukasza@chromium.org
Reviewed-by: John Abd-El-Malek jam@chromium.org
Reviewed-by: Nick Carter nick@chromium.org
Cr-Commit-Position: refs/heads/master@{#541661}

@wpt-pr-bot
Copy link
Collaborator

wpt-pr-bot left a comment

Already reviewed downstream.

@w3c-bots

This comment has been minimized.

Copy link

w3c-bots commented Feb 22, 2018

Build PASSED

Started: 2018-03-08 11:55:10
Finished: 2018-03-08 12:04:15

View more information about this build on:

@chromium-wpt-export-bot chromium-wpt-export-bot force-pushed the chromium-export-cl-929446 branch 4 times, most recently from fdba759 to b0a3d88 Feb 26, 2018

@chromium-wpt-export-bot chromium-wpt-export-bot force-pushed the chromium-export-cl-929446 branch from b0a3d88 to 325ed07 Mar 7, 2018

Move core CORB logic into //services/network.
This CL moves the core CORB logic (figuring out if a given response
should be CORB-protected based on 1) response metadata like initiator,
MIME type, CORS headers and 2) sniffing the first bytes of the response)
from //content/common into //services/network.

As part of the move, this CL makes some extra, opportunistic changes:
- Renames the moved files (and the moved class) to match the name agreed
  upon in the explainer
  (s/CrossSiteDocumentClassifier/CrossOriginReadBlocking)
- Also moves the explainer doc to //services/network
- Tweaks the old CrossSiteDocumentMimeType enum so that
  - It is nested in CrossOriginReadBlocking::MimeType
  - The enum values have shorter names

In the long-term, the core CORB logic should only be needed within
services/network.  In the short-term, this logic has the following
consumers:

- content/browser/loader/cross_site_document_resource_handler.cc
  (integrates CORB into the old, pre-network-service,
  ResourceHandler-based world;  this can go away after the network
  service ships)

- content/renderer/loader/site_isolation_stats_gatherer.cc
  (gathers UMA that help decide what responses can be blocked
  by CORB with acceptably low risk of breaking existing websites;
  this can go away after CORB ships)

- WIP(https://crbug.com/792546): services/network/url_loader.cc
  (this will integrate CORB into the new, network-service world).

Bug: 792546
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: Ib8fe412b1f807d23e41700b7f7090cd4b77c1783
Reviewed-on: https://chromium-review.googlesource.com/929446
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Nick Carter <nick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#541661}

@chromium-wpt-export-bot chromium-wpt-export-bot force-pushed the chromium-export-cl-929446 branch from 325ed07 to a971afa Mar 8, 2018

@chromium-wpt-export-bot chromium-wpt-export-bot merged commit 6cd55d2 into master Mar 8, 2018

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

@chromium-wpt-export-bot chromium-wpt-export-bot deleted the chromium-export-cl-929446 branch Mar 8, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.