content/browser/webid/idp_network_request_manager.cc · af657e5d90d9a27b40d195c0e1d907d30123e772 · eriksson monteiro / tangled

[WebID] Improvements to the IDP network requests · af657e5d

Ken Buchanan authored Dec 09, 2020

This change:
- Appends a 'Sec-WebID' header to flag what kind of traffic this is to
the IDP and guard against CSRF.
- Restricts WebID to potentially trustworthy origins rather than URLs
- Fixes a crash in OnWellKnownLoaded

Bug: 1141125
Change-Id: I13d55c67ee79a8060f1947baec778350b4f5b872
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2579823
Commit-Queue: Ken Buchanan <kenrb@chromium.org>
Reviewed-by: Majid Valipour <majidvp@chromium.org>
Cr-Commit-Position: refs/heads/master@{#835051}

af657e5d

idp_network_request_manager.cc 11.4 KB

Replace idp_network_request_manager.cc