Skip to content
Commit 94ae9d86 authored by Alex Moshchuk's avatar Alex Moshchuk Committed by Chromium LUCI CQ
Browse files

Remove opaque origin verification exception from NoStatePrefetch. 

NoStatePrefetchProcessorImpl::Start() validates the initiator_origin_
using ChildProcessSecurityPolicy::HostsOrigin(), but it currently only
does so if the initiator_origin_ is not opaque. HostsOrigin() can now
handle opaque origins correctly, including checking their precursor,
and can also enforce tighter rules for sandboxed frame processes. It
shouldn't be necessary to skip opaque checks at this point, so this CL
enables opaque origin checking behind a kill switch (shared among a few
other places that had similar opaque origin escape hatches).

Change-Id: I313cba26bd2a0d4928d4af14b867418777d5324f
Bug: 40109437, 325410297
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5588515


Reviewed-by: default avatarHiroki Nakagawa <nhiroki@chromium.org>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Reviewed-by: default avatarRakina Zata Amni <rakina@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1312930}
parent 57eeaf58
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment