author | dsjang@chromium.org <dsjang@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-23 23:55:37 +0000 |
---|---|---|
committer | dsjang@chromium.org <dsjang@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-08-23 23:55:37 +0000 |
commit | 15b5a54cb34d019f03a621c50757f89396139860 (patch) | |
tree | f016cd5a0955620cf517b78de1bf543623ae60ec /content/public | |
parent | 63a5a15d632771566fb2f5861e7cb26e5f2357fe (diff) | |
UMA data collector for cross-site documents(XSD)
Intercept cross-site documents and apply a couple of blocking filters to measure how our cross-site document blocking policy affects the renderer behavior. This doesn't actually block anything, but just records UMA data about how these filters work. It does three things: 1) whitelists legitimate XSDs (responses with whitelisted mime types or with valid CORS headers) 2) applies an appropriate content sniffing algorithm depending on the mime type of the response, 3) if it is sniffed as a blocked document, reports its status code and the context (img, script, etc) where the request is originally issued to measure the compatibility impact of the blocking.
BUG=268640
Related Doc: https://docs.google.com/a/google.com/document/d/1nB3GruRqQmtA7OPZZAhWOsZDvfWpYpKQXE3cxGxTVfs/edit
Review URL: https://chromiumcodereview.appspot.com/22254005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@219383 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/public')
-rw-r--r-- | content/public/common/content_switches.cc | 6 | ||||
-rw-r--r-- | content/public/common/content_switches.h | 3 |
2 files changed, 8 insertions, 1 deletions
diff --git a/content/public/common/content_switches.cc b/content/public/common/content_switches.cc
index 36f707f..51dfc72 100644
--- a/content/public/common/content_switches.cc
+++ b/content/public/common/content_switches.cc
@@ -41,6 +41,12 @@ const char kBlacklistAcceleratedCompositing[] =
 // Blacklist the GPU for WebGL.
 const char kBlacklistWebGL[] = "blacklist-webgl";
+// Block cross-site documents (i.e., HTML/XML/JSON) from being loaded in
+// subresources when a document is not supposed to read them. This will later
+// allow us to block them from the entire renderer process when site isolation
+// is enabled.
+const char kBlockCrossSiteDocuments[] = "block-cross-site-documents";
+
 // Causes the browser process to throw an assertion on startup.
 const char kBrowserAssertTest[] = "assert-test";
diff --git a/content/public/common/content_switches.h b/content/public/common/content_switches.h
index f2a0829..7895e2e 100644
--- a/content/public/common/content_switches.h
+++ b/content/public/common/content_switches.h
@@ -23,6 +23,7 @@ extern const char kAuditAllHandles[];
 extern const char kAuditHandles[];
 CONTENT_EXPORT extern const char kBlacklistAcceleratedCompositing[];
 CONTENT_EXPORT extern const char kBlacklistWebGL[];
+CONTENT_EXPORT extern const char kBlockCrossSiteDocuments[];
 CONTENT_EXPORT extern const char kBrowserAssertTest[];
 CONTENT_EXPORT extern const char kBrowserCrashTest[];
 CONTENT_EXPORT extern const char kBrowserSubprocessPath[];
@@ -93,7 +94,7 @@ CONTENT_EXPORT extern const char kDisableThreadedCompositing[];
 CONTENT_EXPORT extern const char kDisableThreadedHTMLParser[];
 CONTENT_EXPORT extern const char kDisableWebAudio[];
 extern const char kDisableWebKitMediaSource[];
-extern const char kDisableWebSecurity[];
+CONTENT_EXPORT extern const char kDisableWebSecurity[];
 extern const char kDisableXSSAuditor[];
 CONTENT_EXPORT extern const char kDomAutomationController[];
 CONTENT_EXPORT extern const char kEnableAcceleratedFilters[]; |
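Review bot: The comment added above `kBlockCrossSiteDocuments` in content_switches.cc describes the switch as blocking cross-site documents, while the commit description states that the change "doesn't actually block anything, but just records UMA data". Someone reading only the switch comment could take `--block-cross-site-documents` for an enforcement control and rely on it. The code that reads the switch is outside this diff, so the behaviour cannot be checked here; if the description is accurate, the comment should say so, for example `// For now this only records UMA data about what would be blocked; nothing is blocked yet.`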
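Review bot: The third hunk, in content_switches.h, adds `CONTENT_EXPORT` to `kDisableWebSecurity`, but the commit description neither mentions this nor says which code outside the content component needs to read that switch. Exporting the name lets other components branch on a flag that turns off same-origin enforcement, so the reason is worth recording. Presumably the new collector checks it, but the consumer is not in this diff. Once confirmed, a short comment next to the switch's definition in content_switches.cc would do, such as `// Exported for the cross-site document UMA collector.` The declaration list continues outside the hunk.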