Skip to content

GitLab

T
tangled
Commit 18d4ec4b authored by Mike West's avatar Mike West Committed by Commit Bot
Browse files
Options

`Sec-Metadata`: `cause` is navigation-only. 

This patch removes the `cause` member from `Sec-Metadata` headers
generated for non-navigation requests.

Spec: https://mikewest.github.io/sec-metadata/#cause-member

Bug: 843478
Change-Id: I1cc35909ecdccd7ac0f4ab440be899acf67a0181
Reviewed-on: https://chromium-review.googlesource.com/1100820Reviewed-by: default avatarDaniel Vogelheim <vogelheim@chromium.org>
Commit-Queue: Mike West <mkwst@chromium.org>
Cr-Commit-Position: refs/heads/master@{#567571}
parent 5d200e5b
Show whitespace changes
Inline Side-by-side
Showing with 12 additions and 13 deletions
third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/fetch.tentative.https.sub.html
View file @ 18d4ec4b
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
.then(r => r.json()) .then(r => r.json())
.then(j => { .then(j => {
assert_header_equals(j.header, { assert_header_equals(j.header, {
"cause": "forced", "cause": undefined,
"destination": "\"\"", "destination": "\"\"",
"target": "subresource", "target": "subresource",
"site": "same-origin" "site": "same-origin"
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
.then(r => r.json()) .then(r => r.json())
.then(j => { .then(j => {
assert_header_equals(j.header, { assert_header_equals(j.header, {
"cause": "forced", "cause": undefined,
"destination": "\"\"", "destination": "\"\"",
"target": "subresource", "target": "subresource",
"site": "same-site" "site": "same-site"
...@@ -34,7 +34,7 @@ ...@@ -34,7 +34,7 @@
.then(r => r.json()) .then(r => r.json())
.then(j => { .then(j => {
assert_header_equals(j.header, { assert_header_equals(j.header, {
"cause": "forced", "cause": undefined,
"destination": "\"\"", "destination": "\"\"",
"target": "subresource", "target": "subresource",
"site": "cross-site" "site": "cross-site"
......
third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/img.tentative.https.sub.html
View file @ 18d4ec4b
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
"https://{{host}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py", "https://{{host}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py",
t.step_func_done(img => { t.step_func_done(img => {
assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], { assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], {
"cause": "forced", "cause": undefined,
"destination": "image", "destination": "image",
"target": "subresource", "target": "subresource",
"site": "same-origin" "site": "same-origin"
...@@ -27,7 +27,7 @@ ...@@ -27,7 +27,7 @@
"https://{{hosts[][www]}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py", "https://{{hosts[][www]}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py",
t.step_func_done(img => { t.step_func_done(img => {
assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], { assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], {
"cause": "forced", "cause": undefined,
"destination": "image", "destination": "image",
"target": "subresource", "target": "subresource",
"site": "same-site" "site": "same-site"
...@@ -42,7 +42,7 @@ ...@@ -42,7 +42,7 @@
"https://{{hosts[alt][www]}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py", "https://{{hosts[alt][www]}}:{{ports[https][0]}}/referrer-policy/generic/subresource/image.py",
t.step_func_done(img => { t.step_func_done(img => {
assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], { assert_header_equals(decodeImageData(extractImageData(img)).headers["sec-metadata"], {
"cause": "forced", "cause": undefined,
"destination": "image", "destination": "image",
"target": "subresource", "target": "subresource",
"site": "cross-site" "site": "cross-site"
......
third_party/WebKit/LayoutTests/external/wpt/fetch/sec-metadata/script.tentative.https.sub.html
View file @ 18d4ec4b
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
t.add_cleanup(_ => header = null); t.add_cleanup(_ => header = null);
assert_header_equals(header, { assert_header_equals(header, {
"cause": "forced", "cause": undefined,
"destination": "script", "destination": "script",
"target": "subresource", "target": "subresource",
"site": "same-origin" "site": "same-origin"
...@@ -25,7 +25,7 @@ ...@@ -25,7 +25,7 @@
t.add_cleanup(_ => header = null); t.add_cleanup(_ => header = null);
assert_header_equals(header, { assert_header_equals(header, {
"cause": "forced", "cause": undefined,
"destination": "script", "destination": "script",
"target": "subresource", "target": "subresource",
"site": "same-site" "site": "same-site"
...@@ -40,7 +40,7 @@ ...@@ -40,7 +40,7 @@
t.add_cleanup(_ => header = null); t.add_cleanup(_ => header = null);
assert_header_equals(header, { assert_header_equals(header, {
"cause": "forced", "cause": undefined,
"destination": "script", "destination": "script",
"target": "subresource", "target": "subresource",
"site": "cross-site" "site": "cross-site"
......
third_party/blink/renderer/core/loader/base_fetch_context.cc
View file @ 18d4ec4b
...@@ -131,9 +131,8 @@ void BaseFetchContext::AddAdditionalRequestHeaders(ResourceRequest& request, ...@@ -131,9 +131,8 @@ void BaseFetchContext::AddAdditionalRequestHeaders(ResourceRequest& request,
} }
} }
String value = String::Format( String value =
"cause=%s, destination=%s, target=subresource, site=%s", String::Format("destination=%s, target=subresource, site=%s",
request.HasUserGesture() ? "user-activation" : "forced",
destination_value, site_value); destination_value, site_value);
request.AddHTTPHeaderField("Sec-Metadata", AtomicString(value)); request.AddHTTPHeaderField("Sec-Metadata", AtomicString(value));
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment