Bug 85574

Summary: Treat drive: schema as unique origin schema
Product: WebKit Reporter: Zelidrag Hornung <zelidrag>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WONTFIX    
Severity: Normal CC: abarth, jschuh
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Other   
OS: Other   
Attachments:
Description Flags
Added chromium drive: schema to the list of unique origin schemas. abarth: review-

Zelidrag Hornung
Reported 2012-05-03 20:22:06 PDT
Google Drive assets on ChromeOS are exposed via drive://... schema. We need to treat these URLs as unique origin in order to prevent all XHR requests within this schema.
Attachments
Added chromium drive: schema to the list of unique origin schemas. (1.20 KB, patch)
2012-05-03 20:31 PDT, Zelidrag Hornung 		abarth: review-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Zelidrag Hornung
Comment 1 2012-05-03 20:31:24 PDT
Created attachment 140152 [details] Added chromium drive: schema to the list of unique origin schemas.
Adam Barth
Comment 2 2012-05-03 20:52:30 PDT
Comment on attachment 140152 [details] Added chromium drive: schema to the list of unique origin schemas. There is a WebKit API for adding schemes to this list. You should add the scheme from the Chromium side.
Adam Barth
Comment 3 2012-05-03 20:53:51 PDT
http://trac.webkit.org/browser/trunk/Source/WebKit/chromium/public/WebSecurityPolicy.h#L49 If you grep the Chromium side, you'll see where we register these sorts of schemes.
Zelidrag Hornung
Comment 4 2012-05-03 21:53:24 PDT
found chromium code pointed out by Adam, moving the registration there
Note You need to log in before you can comment on or make changes to this bug.