Skip to content

GitLab

T
tangled
Switch branch/tag
Find file BlameHistoryPermalink
  • Raymes Khoury's avatar
    Revert "Allow webrtc requests to be made from about:blank URLs that are secure contexts" · 11a66767
    Raymes Khoury authored 
    This reverts commit 16d3c419.

Based on more discussion about this in https://bugs.chromium.org/p/chromium/issues/detail?id=742049 I've decided to revert the patch we landed here.

I'm going to let the behavior that we released in M60 stand, which is that mic/camera requests from about:blank origins will fail. The reasons being:
1) It's consistent with the behavior of other permissions
2) It's potentially confusing/misleading for a user granting permission because the origin displayed in the omnibox is "about:blank".

If the behavior is changed such that document.write triggers a navigation and the URL in omnibox is updated to reflect the origin, then it would be more acceptable to allow permission requests to occur.

Original change's description:
> Allow webrtc requests to be made from about:blank URLs that are secure contexts
> 
> https://codereview.chromium.org/2880503002 added checks to
> PermissionContextBase::GetPermissionStatus that ensured that the
> embedding origin was secure if the permission required a secure context.
> The problem is that in the case of about:blank URLs, the browser does
> not know if they are secure or not. They may be secure contexts (from
> the perspective of blink) if opened and modified by a secure context.
> 
> This change caused media permissions to stop working from about:blank
> URLs so it is removed. There are still renderer-side checks which ensure
> that the current context is secure before permitting media access. In
> the long term we should unify the browser/renderer-side secure context
> checks.
> 
> BUG=740540
> 
> Change-Id: Iff319f62284f9d22ca54706526b2747a73477e86
> Reviewed-on: https://chromium-review.googlesource.com/569544
> Reviewed-by: Timothy Loh <timloh@chromium.org>
> Commit-Queue: Raymes Khoury <raymes@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#486288}

TBR=raymes@chromium.org,timloh@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 740540
Change-Id: I55be050873745910e282be420d4ac8030a2d141f
Reviewed-on: https://chromium-review.googlesource.com/572479Reviewed-by: default avatarRaymes Khoury <raymes@chromium.org>
Commit-Queue: Raymes Khoury <raymes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487325}
    11a66767
permission_context_base.cc 19.2 KB