Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Augment COEP violation report #5848

Merged
merged 2 commits into from
Aug 21, 2020
Merged

Augment COEP violation report #5848

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ff00128
Augment COEP violation report
yutakahirano Aug 20, 2020
b3be65d
fix
yutakahirano Aug 21, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 17 additions & 10 deletions source
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80643,7 +80643,7 @@ interface <dfn>BarProp</dfn> {
data-x="coep-unsafe-none">unsafe-none</code>", then <span>queue a cross-origin embedder policy
inheritance violation</span> with <var>response</var>, "<code data-x="">navigation</code>",
<var>parentPolicy</var>'s <span data-x="embedder-policy-report-only-reporting-endpoint">report
only reporting endpoint</span>, and <var>target</var>'s <span
only reporting endpoint</span>, "<code data-x="">reporting</code>", and <var>target</var>'s <span
data-x="bc-container-document">container document</span>'s <span>relevant settings
object</span>.</p></li>

Expand All @@ -80654,7 +80654,8 @@ interface <dfn>BarProp</dfn> {

<li><p><span>Queue a cross-origin embedder policy inheritance violation</span> with
<var>response</var>, "<code data-x="">navigation</code>", <var>parentPolicy</var>'s <span
data-x="embedder-policy-reporting-endpoint">reporting endpoint</span>, and <var>target</var>'s
data-x="embedder-policy-reporting-endpoint">reporting endpoint</span>,
"<code data-x="">enforce</code>", and <var>target</var>'s
<span data-x="bc-container-document">container document</span>'s <span>relevant settings
object</span>.</p></li>

Expand Down Expand Up @@ -80682,7 +80683,7 @@ interface <dfn>BarProp</dfn> {
inheritance violation</span> with <var>response</var>, "<code data-x="">worker
initialization</code>", <var>owner's policy</var>'s <span
data-x="embedder-policy-report-only-reporting-endpoint">report only reporting endpoint</span>,
and <var>owner</var>.</p></li>
"<code data-x="">reporting</code>", and <var>owner</var>.</p></li>

<li><p>If <var>ownerPolicy</var>'s <span data-x="embedder-policy-value">value</span> is "<code
data-x="coep-unsafe-none">unsafe-none</code>" or <var>policy</var>'s <span
Expand All @@ -80691,15 +80692,16 @@ interface <dfn>BarProp</dfn> {

<li><p><span>Queue a cross-origin embedder policy inheritance violation</span> with
<var>response</var>, "<code data-x="">worker initialization</code>", <var>owner's policy</var>'s
<span data-x="embedder-policy-reporting-endpoint">reporting endpoint</span>, and
<var>owner</var>.</p></li>
<span data-x="embedder-policy-reporting-endpoint">reporting endpoint</span>,
"<code data-x="">enforce</code>", and <var>owner</var>.</p></li>

<li><p>Return false.</p></li>
</ol>

<p>To <dfn>queue a cross-origin embedder policy inheritance violation</dfn> given a <span
data-x="concept-response">response</span> <var>response</var>, a string <var>type</var>, a string
<var>endpoint</var>, and an <span>environment settings object</span> <var>settings</var>:</p>
<var>endpoint</var>, a string <var>disposition</var>, and an <span>environment settings
yutakahirano marked this conversation as resolved.
Show resolved Hide resolved
object</span> <var>settings</var>:</p>

<ol>
<li><p>Let <var>serialized</var> be the result of <span
Expand All @@ -80722,9 +80724,13 @@ interface <dfn>BarProp</dfn> {
<td><var>type</var></td>
</tr>
<tr>
<td>blocked-url</td>
<td>blockedURL</td>
<td><var>serialized</var></td>
</tr>
<tr>
<td>disposition</td>
<td><var>disposition</var></td>
</tr>
</tbody>
</table>
</li>
Expand Down Expand Up @@ -82860,7 +82866,7 @@ interface <dfn>Location</dfn> { // but see also <a href="#the-location-interface
flags</span> and <var>response</var>'s <span>forced sandboxing flag set</span>.</p></li>

<li><p>Set <var>responseOrigin</var> to the result of <span>determining the origin</span>
given <var>browsingContext</var>, <var>request's</var> <span
given <var>browsingContext</var>, <var>request</var>'s <span
data-x="concept-request-url">url</span>, <var>finalSandboxFlags</var>,
<var>incumbentNavigationOrigin</var>, and <var>activeDocumentNavigationOrigin</var>.</p></li>

Expand Down Expand Up @@ -82898,8 +82904,9 @@ interface <dfn>Location</dfn> { // but see also <a href="#the-location-interface
<span>cross-origin resource policy check</span> with <var>browsingContext</var>'s
<span data-x="bc-container-document">container document</span>'s <span>origin</span>,
<var>browsingContext</var>'s <span data-x="bc-container-document">container
document</span>'s <span>relevant settings object</span>, <var>response</var>, and true is
<b>blocked</b>, then set <var>response</var> to a <span>network error</span> and
document</span>'s <span>relevant settings object</span>, <var>request</var>'s <span
data-x="concept-request-destination">destination</span>, <var>response</var>, and true
is <b>blocked</b>, then set <var>response</var> to a <span>network error</span> and
<span>break</span>.</p>

<p class="note">Here we're running the <span>cross-origin resource policy check</span>
Expand Down