-
Emanuel Krivoy authored
At the moment NativeIO can only be used from origins that use HTTPS or are served locally, but all potentially trustworthy origins (especially Chrome extensions) should have access to it. Relying on this centrally managed definition also has the advantage that, as our view of trustworthiness changes, so does NativeIO's behavior. Also add a web platform test that confirms that NativeIO is not accessible from untrustworthy origins. Bug: 914488 Change-Id: I925a4bf39912c9747c006b1f80bc06a8ec606b23 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2353452 Commit-Queue: Emanuel Krivoy <krivoy@google.com> Reviewed-by:
Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#806167}
4f09781b
