The source could not be displayed because it is larger than 1 MB.
You can
load it anyway or download it
instead.
-
Daniel Rubery authored
Extensions can download and execute a pyo or pyd with no user gestures, allowing for remote code execution. By marking pyo and pyd as ALLOW_ON_USER_GESTURE and DANGEROUS, respectively, we prevent this behavior. Bug: 902234 Change-Id: I295cdd2906ebe779670afb55196cea7715dc88f4 Reviewed-on: https://chromium-review.googlesource.com/c/1324419 Commit-Queue: Daniel Rubery <drubery@chromium.org> Reviewed-by:
Nathan Parker <nparker@chromium.org> Cr-Commit-Position: refs/heads/master@{#606309}
c162a12d