-
Nick Carter authored
Create opaque SecurityOrigins for nonstandard schemes, unless they are local. Allow creation of url::Origins for local, nonstandard schemes. The root problem here was inconsistency between url::Origin and SecurityOrigin -- url::SchemeHostPort (and thus url::Origin) rejects anything with a nonstandard protocol, but SecurityOrigin::Create(KURL) would allow this creation to proceed as a tuple origin ("protocol", "", 0). The allowance of local+nonstandard schemes seems to be necessary, at least temporarily, to avoid breaking the Android-only "content:" scheme, and the ChromeOS-only "externalfile:" scheme. Other nonstandard schemes shouldn't generally commit, but this does seem to be possible via LoadDataWithBaseUrl; for example in the test "NavigationControllerBrowserTest.CrossDomainResourceRequestLoadDataWithBaseUrl" BUG=862282 Change-Id: I351a067521cd846d2c77cca2498e58580613b4e2 Reviewed-on: https://chromium-review.googlesource.com/1208811 Commit-Queue: Nick Carter <nick@chromium.org> Reviewed-by:Lei Zhang <thestig@chromium.org> Reviewed-by:
Daniel Cheng <dcheng@chromium.org> Reviewed-by:
Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#589671}
8aa718ed
