-
Titouan Rigoudy authored
For subresource URL requests, the renderer URLLoader uses its factory's parameters to determine the client security state of the request initiator. Navigations however use a central URLLoaderFactory in the browser process. This change introduces a new trusted parameter in ResourceRequest specifying the client security state applying to the current request, if not was set in the factory parameters. Regarding //services/network and BUILD.gn changes in particular: A lot of these changes stem from the introduction of ClientSecurityState as a new dependency of url_loader.mojom and URLRequest's typemap, ResourceRequest. This breaks the existing layering scheme: mojom:url_loader_base -> cpp:cpp_base Because suddenly cpp:cpp_base must depend on mojom:url_loader_base for client_security_state.mojom.h. We break the cycle by extracting the dependency of mojom:url_loader_base from cpp:cpp_base into its own build target: cpp:cpp_base -> mojom:url_loader_base -> cpp:cross_origin_embedder_policy Bug: chromium:1124346 Change-Id: Ie42d604b628a147a3963df0b20cc88b8b61bf98b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2401523 Commit-Queue: Titouan Rigoudy <titouan@chromium.org> Auto-Submit: Titouan Rigoudy <titouan@chromium.org> Reviewed-by:Mike West <mkwst@chromium.org> Reviewed-by:
Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by:
Matt Menke <mmenke@chromium.org> Cr-Commit-Position: refs/heads/master@{#811256}
97d9fd6f
