fc7f9ff505
The policy->CanAccessDataForOrigin CHECK in NavigationRequest:: GetOriginForURLLoaderFactory was failing because unregistered schemes (which are already considered non-standard schemes) didn't trigger the registered non-standard scheme allowance that we previously added in ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin. This change modifies GetOriginForURLLoaderFactory to always return an opaque/unique origin for non-standard schemes resulting in unregistered and non-standard schemes receiving the same treatment. New test coverage has been added for this condition, and can be run with: ceftests --gtest_filter=CorsTest.*CustomUnregistered* |
||
---|---|---|
.. | ||
browser | ||
common | ||
features | ||
renderer | ||
resources |