Make the android-app:// scheme hierarchical

This CL marks (on Android) the android-app scheme as hierarchical ("standard") in order for them to not get butchered by "truncate to origin" referrer policies, such as the new default policy (currently in the process of rolling out; crbug.com/1014207) of strict-origin-when-cross-origin. URLs of the android-app scheme are of the form android-app://my.package.name/some/more/information; because they're not "standard" (GURL) / "hierarchical" (KURL), when you take their origin you get an opaque origin; because they're cross-origin with everything else, a policy of "truncate to origin on cross-origin requests" (which is the new default) ends up zeroing these referrers out, which might not be what we want. Marking the scheme as standard means that you can meaningfully take the origin (usually yielding the package name), which gives the behavior we want. Bug: 1046384 Change-Id: Ib5b80b197964ba2f0623699c0e33e945c20a0ba2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2024691Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Peter Conn <peconn@chromium.org> Commit-Queue: David Van Cleve <davidvc@chromium.org> Cr-Commit-Position: refs/heads/master@{#737337}

Make the android-app:// scheme hierarchical
This CL marks (on Android) the android-app scheme as hierarchical ("standard") in order for them to not get butchered by "truncate to origin" referrer policies, such as the new default policy (currently in the process of rolling out; crbug.com/1014207) of strict-origin-when-cross-origin. URLs of the android-app scheme are of the form android-app://my.package.name/some/more/information; because they're not "standard" (GURL) / "hierarchical" (KURL), when you take their origin you get an opaque origin; because they're cross-origin with everything else, a policy of "truncate to origin on cross-origin requests" (which is the new default) ends up zeroing these referrers out, which might not be what we want. Marking the scheme as standard means that you can meaningfully take the origin (usually yielding the package name), which gives the behavior we want. Bug: 1046384 Change-Id: Ib5b80b197964ba2f0623699c0e33e945c20a0ba2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2024691Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Peter Conn <peconn@chromium.org> Commit-Queue: David Van Cleve <davidvc@chromium.org> Cr-Commit-Position: refs/heads/master@{#737337}
b2996bd3 · David Van Cleve · Commit Bot · 06429d8b · b2996bd3 · b2996bd3
Commit b2996bd3 authored Jan 31, 2020 by David Van Cleve Committed by Commit Bot Jan 31, 2020
2 changed files
--- a/chrome/android/javatests/src/org/chromium/chrome/browser/TabsOpenedFromExternalAppTest.java
+++ b/chrome/android/javatests/src/org/chromium/chrome/browser/TabsOpenedFromExternalAppTest.java
@@ -67,7 +67,7 @@ public class TabsOpenedFromExternalAppTest {
    private static final String EXTERNAL_APP_1_ID = "app1";
    private static final String EXTERNAL_APP_2_ID = "app2";
-    private static final String ANDROID_APP_REFERRER = "android-app://com.my.great.great.app";
+    private static final String ANDROID_APP_REFERRER = "android-app://com.my.great.great.app/";
    private static final String HTTPS_REFERRER = "https://chromium.org/";
    private static final String HTTPS_REFERRER_WITH_PATH = "https://chromium.org/path1/path2";

--- a/chrome/common/chrome_content_client.cc
+++ b/chrome/common/chrome_content_client.cc
@@ -706,10 +706,11 @@ void ChromeContentClient::AddContentDecryptionModules(
 // Example standard schemes: https://, chrome-extension://, chrome://, file://
 // Example nonstandard schemes: mailto:, data:, javascript:, about:
 static const char* const kChromeStandardURLSchemes[] = {
-    extensions::kExtensionScheme,
+    extensions::kExtensionScheme, chrome::kChromeNativeScheme,
-    chrome::kChromeNativeScheme,
+    chrome::kChromeSearchScheme,  dom_distiller::kDomDistillerScheme,
-    chrome::kChromeSearchScheme,
+#if defined(OS_ANDROID)
-    dom_distiller::kDomDistillerScheme,
+    chrome::kAndroidAppScheme,
+#endif
 #if defined(OS_CHROMEOS)
    chrome::kCrosScheme,
 #endif