Plumb network_restrictions_id through CreateWebSocket [chromium/src : main]

0 views
Skip to first unread message

Tianyi Hu (Gerrit)

unread,
Mar 13, 2026, 11:36:50 AM (10 days ago) Mar 13
to Andrew Verge, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Hiroki Nakagawa, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
Attention needed from Andrew Verge

Tianyi Hu added 1 comment

Patchset-level comments
File-level comment, Patchset 2 (Latest):
Tianyi Hu . resolved

CQ passes, feel free to take a look when you have time. Thanks!

Open in Gerrit

Related details

Attention is currently required from:
  • Andrew Verge
Submit Requirements:
  • requirement satisfiedCode-Coverage
  • requirement is not satisfiedCode-Owners
  • requirement is not satisfiedCode-Review
  • requirement is not satisfiedReview-Enforcement
Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
Gerrit-MessageType: comment
Gerrit-Project: chromium/src
Gerrit-Branch: main
Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
Gerrit-Change-Number: 7656843
Gerrit-PatchSet: 2
Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
Gerrit-CC: Heron Yang <hero...@google.com>
Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
Gerrit-Attention: Andrew Verge <ave...@chromium.org>
Gerrit-Comment-Date: Fri, 13 Mar 2026 15:36:21 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
satisfied_requirement
unsatisfied_requirement
open
diffy

Andrew Verge (Gerrit)

unread,
Mar 16, 2026, 10:59:27 AM (7 days ago) Mar 16
to Tianyi Hu, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Hiroki Nakagawa, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org

Andrew Verge added 1 comment

File services/network/websocket_factory.cc
Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
// patterns use HTTP schemes.
Andrew Verge . unresolved

I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

Open in Gerrit

Related details

Attention set is empty
Submit Requirements:
    • requirement satisfiedCode-Coverage
    • requirement is not satisfiedCode-Owners
    • requirement is not satisfiedCode-Review
    • requirement is not satisfiedNo-Unresolved-Comments
    • requirement is not satisfiedReview-Enforcement
    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
    Gerrit-MessageType: comment
    Gerrit-Project: chromium/src
    Gerrit-Branch: main
    Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
    Gerrit-Change-Number: 7656843
    Gerrit-PatchSet: 2
    Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
    Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
    Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
    Gerrit-CC: Heron Yang <hero...@google.com>
    Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
    Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
    Gerrit-CC: Mike West <mk...@chromium.org>
    Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
    Gerrit-Comment-Date: Mon, 16 Mar 2026 14:59:21 +0000
    Gerrit-HasComments: Yes
    Gerrit-Has-Labels: No
    satisfied_requirement
    unsatisfied_requirement
    open
    diffy

    Andrew Verge (Gerrit)

    unread,
    Mar 16, 2026, 12:15:25 PM (7 days ago) Mar 16
    to Tianyi Hu, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Hiroki Nakagawa, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
    Attention needed from Tianyi Hu

    Andrew Verge added 2 comments

    Patchset-level comments
    Andrew Verge . resolved

    This looks great, thanks! We just need to determine if mapping ws(s) to http(s) is actually necessary or not. Once that's resolved, I can add OWNERS for the relevant directories to take another look.

    File services/network/websocket_factory.cc
    Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
    // patterns use HTTP schemes.
    Andrew Verge . unresolved

    I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

    Andrew Verge

    I see there are other parts of the code that convert WebSocket schemes to HTTP for origin checks, so there's precedent for doing this (see line 151 below, even). But I'm also inclined to leave the URL as-is to avoid confusion for developers who are setting WebSocket URLs in the header.

    Open in Gerrit

    Related details

    Attention is currently required from:
    • Tianyi Hu
    Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
    Gerrit-Comment-Date: Mon, 16 Mar 2026 16:15:19 +0000
    Gerrit-HasComments: Yes
    Gerrit-Has-Labels: No
    Comment-In-Reply-To: Andrew Verge <ave...@chromium.org>
    satisfied_requirement
    unsatisfied_requirement
    open
    diffy

    Andrew Verge (Gerrit)

    unread,
    Mar 17, 2026, 9:32:46 AM (6 days ago) Mar 17
    to Tianyi Hu, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Hiroki Nakagawa, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
    Attention needed from Tianyi Hu

    Andrew Verge added 1 comment

    File services/network/websocket_factory.cc
    Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
    // patterns use HTTP schemes.
    Andrew Verge . resolved

    I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

    Andrew Verge

    I see there are other parts of the code that convert WebSocket schemes to HTTP for origin checks, so there's precedent for doing this (see line 151 below, even). But I'm also inclined to leave the URL as-is to avoid confusion for developers who are setting WebSocket URLs in the header.

    Andrew Verge

    Chatted w/ mkwst offline and it sounds like matching against HTTP has enough alignment with other web features that we also want to do it here. So will resolve this.

    Open in Gerrit

    Related details

    Attention is currently required from:
    • Tianyi Hu
    Submit Requirements:
      • requirement satisfiedCode-Coverage
      • requirement is not satisfiedCode-Owners
      • requirement is not satisfiedCode-Review
      • requirement is not satisfiedReview-Enforcement
      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
      Gerrit-MessageType: comment
      Gerrit-Project: chromium/src
      Gerrit-Branch: main
      Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
      Gerrit-Change-Number: 7656843
      Gerrit-PatchSet: 2
      Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
      Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
      Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
      Gerrit-CC: Heron Yang <hero...@google.com>
      Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
      Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
      Gerrit-CC: Mike West <mk...@chromium.org>
      Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
      Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
      Gerrit-Comment-Date: Tue, 17 Mar 2026 13:32:40 +0000
      satisfied_requirement
      unsatisfied_requirement
      open
      diffy

      Andrew Verge (Gerrit)

      unread,
      Mar 17, 2026, 9:32:57 AM (6 days ago) Mar 17
      to Tianyi Hu, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Hiroki Nakagawa, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
      Attention needed from Tianyi Hu

      Andrew Verge voted Code-Review+1

      Code-Review+1
      Gerrit-Comment-Date: Tue, 17 Mar 2026 13:32:47 +0000
      Gerrit-HasComments: No
      Gerrit-Has-Labels: Yes
      satisfied_requirement
      unsatisfied_requirement
      open
      diffy

      Andrew Verge (Gerrit)

      unread,
      Mar 17, 2026, 10:02:30 AM (6 days ago) Mar 17
      to Tianyi Hu, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
      Attention needed from Hiroki Nakagawa, Ken Buchanan and Tianyi Hu

      Andrew Verge added 2 comments

      Patchset-level comments
      Andrew Verge . resolved

      Adding kenrb for fido OWNERS

      Adding nhiroki for worker OWNERS

      File services/network/websocket_factory.cc
      Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
      // patterns use HTTP schemes.
      Andrew Verge . unresolved

      I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

      Andrew Verge

      I see there are other parts of the code that convert WebSocket schemes to HTTP for origin checks, so there's precedent for doing this (see line 151 below, even). But I'm also inclined to leave the URL as-is to avoid confusion for developers who are setting WebSocket URLs in the header.

      Andrew Verge

      Chatted w/ mkwst offline and it sounds like matching against HTTP has enough alignment with other web features that we also want to do it here. So will resolve this.

      Andrew Verge

      oscar...@gmail.com Could you file a Github issue for specification of WebSocket behavior, pointing to this CL? https://github.com/WICG/connection-allowlists/issues

      We need to make sure that matching against http instead of ws is captured in the spec.

      Open in Gerrit

      Related details

      Attention is currently required from:
      • Hiroki Nakagawa
      • Ken Buchanan
      • Tianyi Hu
      Submit Requirements:
        • requirement satisfiedCode-Coverage
        • requirement is not satisfiedCode-Owners
        • requirement is not satisfiedCode-Review
        • requirement is not satisfiedNo-Unresolved-Comments
        • requirement is not satisfiedReview-Enforcement
        Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
        Gerrit-MessageType: comment
        Gerrit-Project: chromium/src
        Gerrit-Branch: main
        Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
        Gerrit-Change-Number: 7656843
        Gerrit-PatchSet: 2
        Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
        Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
        Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
        Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
        Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
        Gerrit-CC: Heron Yang <hero...@google.com>
        Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
        Gerrit-CC: Mike West <mk...@chromium.org>
        Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
        Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
        Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
        Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
        Gerrit-Comment-Date: Tue, 17 Mar 2026 14:01:55 +0000
        satisfied_requirement
        unsatisfied_requirement
        open
        diffy

        Andrew Verge (Gerrit)

        unread,
        Mar 17, 2026, 10:05:18 AM (6 days ago) Mar 17
        to Tianyi Hu, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
        Attention needed from Hiroki Nakagawa, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

        Andrew Verge added 1 comment

        Patchset-level comments
        Andrew Verge . resolved

        Adding bashi@ for network service OWNERS

        Open in Gerrit

        Related details

        Attention is currently required from:
        • Hiroki Nakagawa
        • Ken Buchanan
        • Kenichi Ishibashi
        • Tianyi Hu
        Submit Requirements:
        • requirement satisfiedCode-Coverage
        • requirement is not satisfiedCode-Owners
        • requirement is not satisfiedCode-Review
        • requirement is not satisfiedNo-Unresolved-Comments
        • requirement is not satisfiedReview-Enforcement
        Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
        Gerrit-MessageType: comment
        Gerrit-Project: chromium/src
        Gerrit-Branch: main
        Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
        Gerrit-Change-Number: 7656843
        Gerrit-PatchSet: 2
        Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
        Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
        Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
        Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
        Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
        Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
        Gerrit-CC: Heron Yang <hero...@google.com>
        Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
        Gerrit-CC: Mike West <mk...@chromium.org>
        Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
        Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
        Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
        Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
        Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
        Gerrit-Comment-Date: Tue, 17 Mar 2026 14:05:08 +0000
        Gerrit-HasComments: Yes
        Gerrit-Has-Labels: No
        satisfied_requirement
        unsatisfied_requirement
        open
        diffy

        Ken Buchanan (Gerrit)

        unread,
        Mar 17, 2026, 10:59:18 AM (6 days ago) Mar 17
        to Tianyi Hu, Kenichi Ishibashi, Hiroki Nakagawa, Andrew Verge, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
        Attention needed from Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

        Ken Buchanan voted and added 1 comment

        Votes added by Ken Buchanan

        Code-Review+1

        1 comment

        Patchset-level comments
        Ken Buchanan . resolved

        lgtm device/fido

        Open in Gerrit

        Related details

        Attention is currently required from:
        • Hiroki Nakagawa
        • Kenichi Ishibashi
        • Tianyi Hu
        Submit Requirements:
          • requirement satisfiedCode-Coverage
          • requirement is not satisfiedCode-Owners
          • requirement satisfiedCode-Review
          • requirement is not satisfiedNo-Unresolved-Comments
          • requirement satisfiedReview-Enforcement
          Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
          Gerrit-MessageType: comment
          Gerrit-Project: chromium/src
          Gerrit-Branch: main
          Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
          Gerrit-Change-Number: 7656843
          Gerrit-PatchSet: 2
          Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
          Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
          Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
          Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
          Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
          Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
          Gerrit-CC: Heron Yang <hero...@google.com>
          Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
          Gerrit-CC: Mike West <mk...@chromium.org>
          Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
          Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
          Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
          Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
          Gerrit-Comment-Date: Tue, 17 Mar 2026 14:59:09 +0000
          Gerrit-HasComments: Yes
          Gerrit-Has-Labels: Yes
          satisfied_requirement
          unsatisfied_requirement
          open
          diffy

          Tianyi Hu (Gerrit)

          unread,
          Mar 17, 2026, 12:27:43 PM (6 days ago) Mar 17
          to Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Andrew Verge, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
          Attention needed from Andrew Verge, Hiroki Nakagawa and Kenichi Ishibashi

          Tianyi Hu added 1 comment

          File services/network/websocket_factory.cc
          Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
          // patterns use HTTP schemes.
          Andrew Verge . unresolved

          I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

          Andrew Verge

          I see there are other parts of the code that convert WebSocket schemes to HTTP for origin checks, so there's precedent for doing this (see line 151 below, even). But I'm also inclined to leave the URL as-is to avoid confusion for developers who are setting WebSocket URLs in the header.

          Andrew Verge

          Chatted w/ mkwst offline and it sounds like matching against HTTP has enough alignment with other web features that we also want to do it here. So will resolve this.

          Andrew Verge

          oscar...@gmail.com Could you file a Github issue for specification of WebSocket behavior, pointing to this CL? https://github.com/WICG/connection-allowlists/issues

          We need to make sure that matching against http instead of ws is captured in the spec.

          Tianyi Hu
          Open in Gerrit

          Related details

          Attention is currently required from:
          • Andrew Verge
          • Hiroki Nakagawa
          • Kenichi Ishibashi
          Gerrit-Attention: Andrew Verge <ave...@chromium.org>
          Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
          Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
          Gerrit-Comment-Date: Tue, 17 Mar 2026 16:27:12 +0000
          Gerrit-HasComments: Yes
          Gerrit-Has-Labels: No
          Comment-In-Reply-To: Andrew Verge <ave...@chromium.org>
          satisfied_requirement
          unsatisfied_requirement
          open
          diffy

          Andrew Verge (Gerrit)

          unread,
          Mar 17, 2026, 12:35:54 PM (6 days ago) Mar 17
          to Tianyi Hu, Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
          Attention needed from Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

          Andrew Verge added 2 comments

          File content/browser/worker_host/shared_worker_host.cc
          Line 690, Patchset 2 (Latest): // TODO(crbug.com/447954811): Pass network_restrictions_id so
          Andrew Verge . unresolved

          One more request: for the TODOs for workers, can you reference crbug.com/492462310 instead? This is where we'll track remaining implementation work; once this CL merges I will mark the original bug report as fixed.

          File services/network/websocket_factory.cc
          Line 136, Patchset 2 (Latest): // Convert ws(s):// to http(s):// for allowlist matching, since the allowlist
          // patterns use HTTP schemes.
          Andrew Verge . resolved

          I don't think this is strictly true. We do append HTTPS scheme in situations like DNS where there's no relevant scheme available, but it's probably fine to just leave the ws(s):// scheme as is here. mk...@chromium.org what do you think?

          Andrew Verge

          I see there are other parts of the code that convert WebSocket schemes to HTTP for origin checks, so there's precedent for doing this (see line 151 below, even). But I'm also inclined to leave the URL as-is to avoid confusion for developers who are setting WebSocket URLs in the header.

          Andrew Verge

          Chatted w/ mkwst offline and it sounds like matching against HTTP has enough alignment with other web features that we also want to do it here. So will resolve this.

          Andrew Verge

          oscar...@gmail.com Could you file a Github issue for specification of WebSocket behavior, pointing to this CL? https://github.com/WICG/connection-allowlists/issues

          We need to make sure that matching against http instead of ws is captured in the spec.

          Tianyi Hu

          Sure thing! Here is the issue: https://github.com/WICG/connection-allowlists/issues/10

          Andrew Verge

          Thank you!

          Open in Gerrit

          Related details

          Attention is currently required from:
          • Hiroki Nakagawa
          • Kenichi Ishibashi
          • Tianyi Hu
          Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
          Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
          Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
          Gerrit-Comment-Date: Tue, 17 Mar 2026 16:35:48 +0000
          Gerrit-HasComments: Yes
          Gerrit-Has-Labels: No
          Comment-In-Reply-To: Andrew Verge <ave...@chromium.org>
          Comment-In-Reply-To: Tianyi Hu <oscar...@gmail.com>
          satisfied_requirement
          unsatisfied_requirement
          open
          diffy

          Tianyi Hu (Gerrit)

          unread,
          Mar 17, 2026, 12:58:11 PM (6 days ago) Mar 17
          to Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Andrew Verge, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
          Attention needed from Andrew Verge, Hiroki Nakagawa, Ken Buchanan and Kenichi Ishibashi

          Tianyi Hu added 1 comment

          File content/browser/worker_host/shared_worker_host.cc
          Line 690, Patchset 2: // TODO(crbug.com/447954811): Pass network_restrictions_id so
          Andrew Verge . resolved

          One more request: for the TODOs for workers, can you reference crbug.com/492462310 instead? This is where we'll track remaining implementation work; once this CL merges I will mark the original bug report as fixed.

          Tianyi Hu

          Done

          Open in Gerrit

          Related details

          Attention is currently required from:
          • Andrew Verge
          • Hiroki Nakagawa
          • Ken Buchanan
          • Kenichi Ishibashi
            Submit Requirements:
              • requirement satisfiedCode-Coverage
              • requirement is not satisfiedCode-Owners
              • requirement is not satisfiedCode-Review
              • requirement is not satisfiedReview-Enforcement
              Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
              Gerrit-MessageType: comment
              Gerrit-Project: chromium/src
              Gerrit-Branch: main
              Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
              Gerrit-Change-Number: 7656843
              Gerrit-PatchSet: 3
              Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
              Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
              Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
              Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
              Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
              Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
              Gerrit-CC: Heron Yang <hero...@google.com>
              Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
              Gerrit-CC: Mike West <mk...@chromium.org>
              Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
              Gerrit-Attention: Andrew Verge <ave...@chromium.org>
              Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
              Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
              Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
              Gerrit-Comment-Date: Tue, 17 Mar 2026 16:57:30 +0000
              satisfied_requirement
              unsatisfied_requirement
              open
              diffy

              Andrew Verge (Gerrit)

              unread,
              Mar 17, 2026, 1:19:07 PM (6 days ago) Mar 17
              to Tianyi Hu, Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
              Attention needed from Hiroki Nakagawa, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

              Andrew Verge voted Code-Review+1

              Code-Review+1
              Open in Gerrit

              Related details

              Attention is currently required from:
              • Hiroki Nakagawa
              • Ken Buchanan
              • Kenichi Ishibashi
              • Tianyi Hu
              Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
              Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
              Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
              Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
              Gerrit-Comment-Date: Tue, 17 Mar 2026 17:19:01 +0000
              Gerrit-HasComments: No
              Gerrit-Has-Labels: Yes
              satisfied_requirement
              unsatisfied_requirement
              open
              diffy

              Shivani Sharma (Gerrit)

              unread,
              Mar 17, 2026, 1:24:57 PM (6 days ago) Mar 17
              to Tianyi Hu, Andrew Verge, Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
              Attention needed from Hiroki Nakagawa, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

              Shivani Sharma added 1 comment

              Commit Message
              Line 7, Patchset 3 (Latest):Plumb network_restrictions_id through CreateWebSocket
              Shivani Sharma . unresolved

              drive-by nit: Could you please add the prefix "[Connection-Allowlist]" similar to other CLs so it gets the hashtag.
              https://chromium-review.googlesource.com/q/hashtag:%22connection-allowlist%22+(status:open%20OR%20status:merged)

              Open in Gerrit

              Related details

              Attention is currently required from:
              • Hiroki Nakagawa
              • Ken Buchanan
              • Kenichi Ishibashi
              • Tianyi Hu
              Submit Requirements:
                • requirement satisfiedCode-Coverage
                • requirement is not satisfiedCode-Owners
                • requirement is not satisfiedCode-Review
                • requirement is not satisfiedNo-Unresolved-Comments
                Gerrit-Comment-Date: Tue, 17 Mar 2026 17:24:49 +0000
                Gerrit-HasComments: Yes
                Gerrit-Has-Labels: No
                satisfied_requirement
                unsatisfied_requirement
                open
                diffy

                Tianyi Hu (Gerrit)

                unread,
                Mar 17, 2026, 1:41:39 PM (6 days ago) Mar 17
                to Andrew Verge, Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                Attention needed from Hiroki Nakagawa, Ken Buchanan, Kenichi Ishibashi and Shivani Sharma

                Tianyi Hu added 1 comment

                Commit Message
                Line 7, Patchset 3:Plumb network_restrictions_id through CreateWebSocket
                Shivani Sharma . resolved

                drive-by nit: Could you please add the prefix "[Connection-Allowlist]" similar to other CLs so it gets the hashtag.
                https://chromium-review.googlesource.com/q/hashtag:%22connection-allowlist%22+(status:open%20OR%20status:merged)

                Tianyi Hu

                Done

                Open in Gerrit

                Related details

                Attention is currently required from:
                • Hiroki Nakagawa
                • Ken Buchanan
                • Kenichi Ishibashi
                • Shivani Sharma
                Submit Requirements:
                  • requirement satisfiedCode-Coverage
                  • requirement is not satisfiedCode-Owners
                  • requirement is not satisfiedCode-Review
                  • requirement is not satisfiedReview-Enforcement
                  Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                  Gerrit-MessageType: comment
                  Gerrit-Project: chromium/src
                  Gerrit-Branch: main
                  Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                  Gerrit-Change-Number: 7656843
                  Gerrit-PatchSet: 6
                  Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                  Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                  Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                  Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                  Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                  Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                  Gerrit-CC: Heron Yang <hero...@google.com>
                  Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                  Gerrit-CC: Mike West <mk...@chromium.org>
                  Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                  Gerrit-Attention: Shivani Sharma <shiva...@chromium.org>
                  Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                  Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                  Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                  Gerrit-Comment-Date: Tue, 17 Mar 2026 17:41:10 +0000
                  Gerrit-HasComments: Yes
                  Gerrit-Has-Labels: No
                  Comment-In-Reply-To: Shivani Sharma <shiva...@chromium.org>
                  satisfied_requirement
                  unsatisfied_requirement
                  open
                  diffy

                  Ken Buchanan (Gerrit)

                  unread,
                  Mar 17, 2026, 6:10:32 PM (6 days ago) Mar 17
                  to Tianyi Hu, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                  Attention needed from Hiroki Nakagawa, Kenichi Ishibashi, Shivani Sharma and Tianyi Hu

                  Ken Buchanan voted Code-Review+1

                  Code-Review+1
                  Open in Gerrit

                  Related details

                  Attention is currently required from:
                  • Hiroki Nakagawa
                  • Kenichi Ishibashi
                  • Shivani Sharma
                  • Tianyi Hu
                  Submit Requirements:
                    • requirement satisfiedCode-Coverage
                    • requirement is not satisfiedCode-Owners
                    • requirement satisfiedCode-Review
                    • requirement satisfiedReview-Enforcement
                    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                    Gerrit-MessageType: comment
                    Gerrit-Project: chromium/src
                    Gerrit-Branch: main
                    Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                    Gerrit-Change-Number: 7656843
                    Gerrit-PatchSet: 6
                    Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                    Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                    Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                    Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                    Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                    Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                    Gerrit-CC: Heron Yang <hero...@google.com>
                    Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                    Gerrit-CC: Mike West <mk...@chromium.org>
                    Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                    Gerrit-Attention: Shivani Sharma <shiva...@chromium.org>
                    Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                    Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                    Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                    Gerrit-Comment-Date: Tue, 17 Mar 2026 22:10:21 +0000
                    Gerrit-HasComments: No
                    Gerrit-Has-Labels: Yes
                    satisfied_requirement
                    unsatisfied_requirement
                    open
                    diffy

                    Kenichi Ishibashi (Gerrit)

                    unread,
                    Mar 18, 2026, 3:15:59 AM (5 days ago) Mar 18
                    to Tianyi Hu, Ken Buchanan, Andrew Verge, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                    Attention needed from Hiroki Nakagawa, Shivani Sharma and Tianyi Hu

                    Kenichi Ishibashi added 1 comment

                    File services/network/network_context.h
                    Line 397, Patchset 6 (Latest): const std::optional<base::UnguessableToken>& network_restrictions_id)
                    Kenichi Ishibashi . unresolved

                    I'm a little concerned that having two std::optionals in the signature might be confusing. Would it be able to pass actual unguessable token always?

                    Open in Gerrit

                    Related details

                    Attention is currently required from:
                    • Hiroki Nakagawa
                    • Shivani Sharma
                    • Tianyi Hu
                    Submit Requirements:
                      • requirement satisfiedCode-Coverage
                      • requirement is not satisfiedCode-Owners
                      • requirement satisfiedCode-Review
                      • requirement is not satisfiedNo-Unresolved-Comments
                      • requirement satisfiedReview-Enforcement
                      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                      Gerrit-MessageType: comment
                      Gerrit-Project: chromium/src
                      Gerrit-Branch: main
                      Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                      Gerrit-Change-Number: 7656843
                      Gerrit-PatchSet: 6
                      Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                      Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                      Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                      Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                      Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                      Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                      Gerrit-CC: Heron Yang <hero...@google.com>
                      Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                      Gerrit-CC: Mike West <mk...@chromium.org>
                      Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                      Gerrit-Attention: Shivani Sharma <shiva...@chromium.org>
                      Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                      Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                      Gerrit-Comment-Date: Wed, 18 Mar 2026 07:15:26 +0000
                      Gerrit-HasComments: Yes
                      Gerrit-Has-Labels: No
                      satisfied_requirement
                      unsatisfied_requirement
                      open
                      diffy

                      Hiroki Nakagawa (Gerrit)

                      unread,
                      Mar 18, 2026, 3:53:17 AM (5 days ago) Mar 18
                      to Tianyi Hu, Ken Buchanan, Andrew Verge, Kenichi Ishibashi, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                      Attention needed from Shivani Sharma and Tianyi Hu

                      Hiroki Nakagawa voted and added 1 comment

                      Votes added by Hiroki Nakagawa

                      Code-Review+1

                      1 comment

                      Patchset-level comments
                      File-level comment, Patchset 6 (Latest):
                      Hiroki Nakagawa . resolved

                      Changes in following files LGTM.

                      content/browser/service_worker/service_worker_host.cc
                      content/browser/worker_host/dedicated_worker_host.cc
                      content/browser/worker_host/shared_worker_host.cc

                      Open in Gerrit

                      Related details

                      Attention is currently required from:
                      • Shivani Sharma
                      • Tianyi Hu
                      Gerrit-Comment-Date: Wed, 18 Mar 2026 07:52:51 +0000
                      Gerrit-HasComments: Yes
                      Gerrit-Has-Labels: Yes
                      satisfied_requirement
                      unsatisfied_requirement
                      open
                      diffy

                      Tianyi Hu (Gerrit)

                      unread,
                      Mar 18, 2026, 5:43:00 AM (5 days ago) Mar 18
                      to Hiroki Nakagawa, Ken Buchanan, Andrew Verge, Kenichi Ishibashi, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                      Attention needed from Kenichi Ishibashi and Shivani Sharma

                      Tianyi Hu added 1 comment

                      File services/network/network_context.h
                      Line 397, Patchset 6 (Latest): const std::optional<base::UnguessableToken>& network_restrictions_id)
                      Kenichi Ishibashi . unresolved

                      I'm a little concerned that having two std::optionals in the signature might be confusing. Would it be able to pass actual unguessable token always?

                      Tianyi Hu

                      Not all callers have a network_restrictions_id — the feature is behind an Origin Trial, so most pages won't have one, and non-web callers (FIDO, enclave) have no concept of it. The `/*network_restrictions_id=*/` named parameter comments at each call site should help avoid confusion with `throttling_profile_id`. Happy to hear if you'd prefer a different approach though.

                      Open in Gerrit

                      Related details

                      Attention is currently required from:
                      • Kenichi Ishibashi
                      • Shivani Sharma
                      Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                      Gerrit-Comment-Date: Wed, 18 Mar 2026 09:42:36 +0000
                      Gerrit-HasComments: Yes
                      Gerrit-Has-Labels: No
                      Comment-In-Reply-To: Kenichi Ishibashi <ba...@chromium.org>
                      satisfied_requirement
                      unsatisfied_requirement
                      open
                      diffy

                      Kenichi Ishibashi (Gerrit)

                      unread,
                      Mar 18, 2026, 3:51:57 PM (5 days ago) Mar 18
                      to Tianyi Hu, Hiroki Nakagawa, Ken Buchanan, Andrew Verge, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                      Attention needed from Tianyi Hu

                      Kenichi Ishibashi voted and added 2 comments

                      Votes added by Kenichi Ishibashi

                      Code-Review+1

                      2 comments

                      Patchset-level comments
                      Kenichi Ishibashi . resolved

                      lgtm

                      File services/network/network_context.h
                      Line 397, Patchset 6 (Latest): const std::optional<base::UnguessableToken>& network_restrictions_id)
                      Kenichi Ishibashi . resolved

                      I'm a little concerned that having two std::optionals in the signature might be confusing. Would it be able to pass actual unguessable token always?

                      Tianyi Hu

                      Not all callers have a network_restrictions_id — the feature is behind an Origin Trial, so most pages won't have one, and non-web callers (FIDO, enclave) have no concept of it. The `/*network_restrictions_id=*/` named parameter comments at each call site should help avoid confusion with `throttling_profile_id`. Happy to hear if you'd prefer a different approach though.

                      Kenichi Ishibashi

                      Acknowledged

                      Open in Gerrit

                      Related details

                      Attention is currently required from:
                      • Tianyi Hu
                      Submit Requirements:
                        • requirement satisfiedCode-Coverage
                        • requirement is not satisfiedCode-Owners
                        • requirement satisfiedCode-Review
                        • requirement satisfiedReview-Enforcement
                        Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                        Gerrit-MessageType: comment
                        Gerrit-Project: chromium/src
                        Gerrit-Branch: main
                        Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                        Gerrit-Change-Number: 7656843
                        Gerrit-PatchSet: 6
                        Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                        Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                        Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                        Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                        Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-CC: Heron Yang <hero...@google.com>
                        Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                        Gerrit-CC: Mike West <mk...@chromium.org>
                        Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                        Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-Comment-Date: Wed, 18 Mar 2026 19:51:25 +0000
                        Gerrit-HasComments: Yes
                        Gerrit-Has-Labels: Yes
                        Comment-In-Reply-To: Kenichi Ishibashi <ba...@chromium.org>
                        Comment-In-Reply-To: Tianyi Hu <oscar...@gmail.com>
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Andrew Verge (Gerrit)

                        unread,
                        Mar 18, 2026, 4:08:57 PM (5 days ago) Mar 18
                        to Tianyi Hu, Christian Dullweber, Adam Rice, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Adam Rice, Christian Dullweber and Tianyi Hu

                        Andrew Verge voted and added 1 comment

                        Votes added by Andrew Verge

                        Code-Review+1

                        1 comment

                        Patchset-level comments
                        Andrew Verge . resolved

                        Adding dullweber@ for private_ai OWNERS

                        Adding ricea@ for content/browser/websockets OWNERS

                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Adam Rice
                        • Christian Dullweber
                        • Tianyi Hu
                        Submit Requirements:
                        • requirement satisfiedCode-Coverage
                        • requirement is not satisfiedCode-Owners
                        • requirement satisfiedCode-Review
                        • requirement satisfiedReview-Enforcement
                        Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                        Gerrit-MessageType: comment
                        Gerrit-Project: chromium/src
                        Gerrit-Branch: main
                        Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                        Gerrit-Change-Number: 7656843
                        Gerrit-PatchSet: 6
                        Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                        Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                        Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                        Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                        Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                        Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                        Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-CC: Heron Yang <hero...@google.com>
                        Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                        Gerrit-CC: Mike West <mk...@chromium.org>
                        Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                        Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                        Gerrit-Attention: Adam Rice <ri...@chromium.org>
                        Gerrit-Attention: Christian Dullweber <dull...@chromium.org>
                        Gerrit-Comment-Date: Wed, 18 Mar 2026 20:08:48 +0000
                        Gerrit-HasComments: Yes
                        Gerrit-Has-Labels: Yes
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Christian Dullweber (Gerrit)

                        unread,
                        Mar 19, 2026, 5:35:33 AM (4 days ago) Mar 19
                        to Tianyi Hu, Andrew Verge, Adam Rice, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Adam Rice and Tianyi Hu

                        Christian Dullweber voted Code-Review+1

                        Code-Review+1
                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Adam Rice
                        • Tianyi Hu
                        Gerrit-Comment-Date: Thu, 19 Mar 2026 09:35:11 +0000
                        Gerrit-HasComments: No
                        Gerrit-Has-Labels: Yes
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Adam Rice (Gerrit)

                        unread,
                        Mar 19, 2026, 11:19:43 AM (4 days ago) Mar 19
                        to Tianyi Hu, Christian Dullweber, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Tianyi Hu

                        Adam Rice voted and added 3 comments

                        Votes added by Adam Rice

                        Code-Review+1

                        3 comments

                        Patchset-level comments
                        Adam Rice . resolved

                        lgtm

                        File content/browser/loader/connection_allowlist_browsertest.cc
                        Line 580, Patchset 6 (Latest): ws.addEventListener('open', () => { ws.close(); resolve('open'); });
                        ws.addEventListener('error', () => resolve('error'));
                        Adam Rice . unresolved
                        Optional: You can use `addEventListener` if you like, but since no-one else has access to the object anyway, onopen and onerror are fine and I think easier to read:
                        ```suggestion
                              ws.onopen = () => { ws.close(); resolve('open'); };
                              ws.onerror = () => resolve('error');
                        ```
                        File third_party/blink/web_tests/external/wpt/connection-allowlist/tentative/websocket.sub.window.js
                        Line 33, Patchset 6 (Latest): SUCCESS,
                        Adam Rice . unresolved

                        Optional: I think it would be clearer just to pass `"open"` or `"error"` rather than `SUCCESS` or `FAILURE`, but up to you.

                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Tianyi Hu
                        Submit Requirements:
                        • requirement satisfiedCode-Coverage
                        • requirement satisfiedCode-Owners
                        • requirement satisfiedCode-Review
                        • requirement is not satisfiedNo-Unresolved-Comments
                        • requirement satisfiedReview-Enforcement
                        Gerrit-Comment-Date: Thu, 19 Mar 2026 15:19:29 +0000
                        Gerrit-HasComments: Yes
                        Gerrit-Has-Labels: Yes
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Adam Rice (Gerrit)

                        unread,
                        Mar 19, 2026, 11:28:56 AM (4 days ago) Mar 19
                        to Tianyi Hu, Christian Dullweber, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Tianyi Hu

                        Adam Rice voted Code-Review+0

                        Code-Review+0
                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Tianyi Hu
                        Submit Requirements:
                        • requirement satisfiedCode-Coverage
                        • requirement is not satisfiedCode-Owners
                        Gerrit-Comment-Date: Thu, 19 Mar 2026 15:28:43 +0000
                        Gerrit-HasComments: No
                        Gerrit-Has-Labels: Yes
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Adam Rice (Gerrit)

                        unread,
                        Mar 19, 2026, 11:29:15 AM (4 days ago) Mar 19
                        to Tianyi Hu, Christian Dullweber, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Tianyi Hu

                        Adam Rice voted Code-Review+1

                        Code-Review+1
                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Tianyi Hu
                        Submit Requirements:
                        • requirement satisfiedCode-Coverage
                        • requirement satisfiedCode-Owners
                        Gerrit-Comment-Date: Thu, 19 Mar 2026 15:28:58 +0000
                        Gerrit-HasComments: No
                        Gerrit-Has-Labels: Yes
                        satisfied_requirement
                        unsatisfied_requirement
                        open
                        diffy

                        Tianyi Hu (Gerrit)

                        unread,
                        Mar 19, 2026, 11:44:14 AM (4 days ago) Mar 19
                        to Adam Rice, Christian Dullweber, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                        Attention needed from Adam Rice, Andrew Verge, Christian Dullweber, Hiroki Nakagawa, Ken Buchanan and Kenichi Ishibashi

                        Tianyi Hu added 2 comments

                        File content/browser/loader/connection_allowlist_browsertest.cc
                        Line 580, Patchset 6: ws.addEventListener('open', () => { ws.close(); resolve('open'); });

                        ws.addEventListener('error', () => resolve('error'));
                        Adam Rice . resolved
                        Optional: You can use `addEventListener` if you like, but since no-one else has access to the object anyway, onopen and onerror are fine and I think easier to read:
                        ```suggestion
                              ws.onopen = () => { ws.close(); resolve('open'); };
                              ws.onerror = () => resolve('error');
                        ```
                        Tianyi Hu

                        Done

                        File third_party/blink/web_tests/external/wpt/connection-allowlist/tentative/websocket.sub.window.js
                        Line 33, Patchset 6: SUCCESS,
                        Adam Rice . resolved

                        Optional: I think it would be clearer just to pass `"open"` or `"error"` rather than `SUCCESS` or `FAILURE`, but up to you.

                        Tianyi Hu

                        Done

                        Open in Gerrit

                        Related details

                        Attention is currently required from:
                        • Adam Rice
                        • Andrew Verge
                        • Christian Dullweber
                        • Hiroki Nakagawa
                        • Ken Buchanan
                        • Kenichi Ishibashi
                          Submit Requirements:
                            • requirement satisfiedCode-Coverage
                            • requirement satisfiedCode-Owners
                            • requirement is not satisfiedCode-Review
                            • requirement is not satisfiedReview-Enforcement
                            Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                            Gerrit-MessageType: comment
                            Gerrit-Project: chromium/src
                            Gerrit-Branch: main
                            Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                            Gerrit-Change-Number: 7656843
                            Gerrit-PatchSet: 7
                            Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                            Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                            Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                            Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                            Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                            Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                            Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                            Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                            Gerrit-CC: Heron Yang <hero...@google.com>
                            Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                            Gerrit-CC: Mike West <mk...@chromium.org>
                            Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                            Gerrit-Attention: Andrew Verge <ave...@chromium.org>
                            Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                            Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                            Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                            Gerrit-Attention: Adam Rice <ri...@chromium.org>
                            Gerrit-Attention: Christian Dullweber <dull...@chromium.org>
                            Gerrit-Comment-Date: Thu, 19 Mar 2026 15:44:04 +0000
                            Gerrit-HasComments: Yes
                            Gerrit-Has-Labels: No
                            Comment-In-Reply-To: Adam Rice <ri...@chromium.org>
                            satisfied_requirement
                            unsatisfied_requirement
                            open
                            diffy

                            Tianyi Hu (Gerrit)

                            unread,
                            Mar 19, 2026, 11:50:07 AM (4 days ago) Mar 19
                            to Adam Rice, Christian Dullweber, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                            Attention needed from Adam Rice, Andrew Verge, Christian Dullweber, Hiroki Nakagawa, Ken Buchanan and Kenichi Ishibashi

                            Tianyi Hu added 1 comment

                            Patchset-level comments
                            File-level comment, Patchset 7 (Latest):
                            Tianyi Hu . resolved

                            averge@ all owners approved, once we have 2 CR+1s again feel free to CQ+2 as I don't have the permission

                            Gerrit-Comment-Date: Thu, 19 Mar 2026 15:49:56 +0000
                            Gerrit-HasComments: Yes
                            Gerrit-Has-Labels: No
                            satisfied_requirement
                            unsatisfied_requirement
                            open
                            diffy

                            Andrew Verge (Gerrit)

                            unread,
                            Mar 19, 2026, 12:52:46 PM (4 days ago) Mar 19
                            to Tianyi Hu, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Hiroki Nakagawa, Ken Buchanan, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                            Attention needed from Adam Rice, Christian Dullweber, Hiroki Nakagawa, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

                            Andrew Verge voted Code-Review+1

                            Code-Review+1
                            Open in Gerrit

                            Related details

                            Attention is currently required from:
                            • Adam Rice
                            • Christian Dullweber
                            • Hiroki Nakagawa
                            • Ken Buchanan
                            • Kenichi Ishibashi
                            • Tianyi Hu
                            Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                            Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                            Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                            Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                            Gerrit-Attention: Adam Rice <ri...@chromium.org>
                            Gerrit-Attention: Christian Dullweber <dull...@chromium.org>
                            Gerrit-Comment-Date: Thu, 19 Mar 2026 16:52:36 +0000
                            Gerrit-HasComments: No
                            Gerrit-Has-Labels: Yes
                            satisfied_requirement
                            unsatisfied_requirement
                            open
                            diffy

                            Ken Buchanan (Gerrit)

                            unread,
                            Mar 20, 2026, 9:42:42 AM (3 days ago) Mar 20
                            to Tianyi Hu, Andrew Verge, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                            Attention needed from Adam Rice, Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

                            Ken Buchanan voted Code-Review+1

                            Code-Review+1
                            Open in Gerrit

                            Related details

                            Attention is currently required from:
                            • Adam Rice
                            • Hiroki Nakagawa
                            • Kenichi Ishibashi
                            • Tianyi Hu
                            Submit Requirements:
                              • requirement satisfiedCode-Coverage
                              • requirement satisfiedCode-Owners
                              • requirement satisfiedCode-Review
                              • requirement satisfiedReview-Enforcement
                              Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                              Gerrit-MessageType: comment
                              Gerrit-Project: chromium/src
                              Gerrit-Branch: main
                              Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                              Gerrit-Change-Number: 7656843
                              Gerrit-PatchSet: 7
                              Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                              Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                              Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                              Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                              Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                              Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                              Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                              Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                              Gerrit-CC: Heron Yang <hero...@google.com>
                              Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                              Gerrit-CC: Mike West <mk...@chromium.org>
                              Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                              Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                              Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                              Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                              Gerrit-Attention: Adam Rice <ri...@chromium.org>
                              Gerrit-Comment-Date: Fri, 20 Mar 2026 13:42:33 +0000
                              Gerrit-HasComments: No
                              Gerrit-Has-Labels: Yes
                              satisfied_requirement
                              open
                              diffy

                              Blink W3C Test Autoroller (Gerrit)

                              unread,
                              Mar 20, 2026, 9:50:00 AM (3 days ago) Mar 20
                              to Tianyi Hu, Ken Buchanan, Andrew Verge, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                              Attention needed from Adam Rice, Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

                              Message from Blink W3C Test Autoroller

                              Exportable changes to web-platform-tests were detected in this CL and a pull request in the upstream repo has been made: https://github.com/web-platform-tests/wpt/pull/58646.

                              When this CL lands, the bot will automatically merge the PR on GitHub if the required GitHub checks pass; otherwise, ecosystem-infra@ team will triage the failures and may contact you.

                              WPT Export docs:
                              https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md#Automatic-export-process

                              Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                              Gerrit-CC: Heron Yang <hero...@google.com>
                              Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                              Gerrit-CC: Mike West <mk...@chromium.org>
                              Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                              Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                              Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                              Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                              Gerrit-Attention: Adam Rice <ri...@chromium.org>
                              Gerrit-Comment-Date: Fri, 20 Mar 2026 13:49:53 +0000
                              Gerrit-HasComments: No
                              Gerrit-Has-Labels: No
                              satisfied_requirement
                              open
                              diffy

                              Andrew Verge (Gerrit)

                              unread,
                              Mar 20, 2026, 11:04:59 AM (3 days ago) Mar 20
                              to Tianyi Hu, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                              Attention needed from Adam Rice, Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

                              Andrew Verge voted Commit-Queue+2

                              Commit-Queue+2
                              Gerrit-Comment-Date: Fri, 20 Mar 2026 15:04:53 +0000
                              Gerrit-HasComments: No
                              Gerrit-Has-Labels: Yes
                              satisfied_requirement
                              open
                              diffy

                              Andrew Verge (Gerrit)

                              unread,
                              Mar 20, 2026, 11:57:05 AM (3 days ago) Mar 20
                              to Tianyi Hu, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Hiroki Nakagawa, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                              Attention needed from Adam Rice, Hiroki Nakagawa, Kenichi Ishibashi and Tianyi Hu

                              Andrew Verge voted and added 1 comment

                              Votes added by Andrew Verge

                              Code-Review+1

                              1 comment

                              Patchset-level comments
                              File-level comment, Patchset 8 (Latest):
                              Andrew Verge . unresolved

                              oscar...@gmail.com looks like network_context_configuration_browsertest.cc needs to be updated with the new network_restrictions_id for websockets, since it's breaking the builds. If you upload a fix I'll review and rerun the CQ.

                              Open in Gerrit

                              Related details

                              Attention is currently required from:
                              • Adam Rice
                              • Hiroki Nakagawa
                              • Kenichi Ishibashi
                              • Tianyi Hu
                              Submit Requirements:
                                • requirement satisfiedCode-Coverage
                                • requirement satisfiedCode-Owners
                                • requirement satisfiedCode-Review
                                • requirement is not satisfiedNo-Unresolved-Comments
                                • requirement satisfiedReview-Enforcement
                                Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                                Gerrit-MessageType: comment
                                Gerrit-Project: chromium/src
                                Gerrit-Branch: main
                                Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                Gerrit-Change-Number: 7656843
                                Gerrit-PatchSet: 8
                                Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                                Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                                Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                                Gerrit-Reviewer: Hiroki Nakagawa <nhi...@chromium.org>
                                Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                                Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                                Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                                Gerrit-CC: Heron Yang <hero...@google.com>
                                Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                                Gerrit-CC: Mike West <mk...@chromium.org>
                                Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                                Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                                Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-Attention: Hiroki Nakagawa <nhi...@chromium.org>
                                Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                Gerrit-Comment-Date: Fri, 20 Mar 2026 15:56:59 +0000
                                Gerrit-HasComments: Yes
                                Gerrit-Has-Labels: Yes
                                satisfied_requirement
                                unsatisfied_requirement
                                open
                                diffy

                                Tianyi Hu (Gerrit)

                                unread,
                                Mar 20, 2026, 12:26:56 PM (3 days ago) Mar 20
                                to Hiroki Nakagawa, AyeAye Python Dispatcher, Andrew Verge, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Andrew Verge, Ken Buchanan and Kenichi Ishibashi

                                Tianyi Hu added 1 comment

                                Patchset-level comments
                                File-level comment, Patchset 8:
                                Andrew Verge . resolved

                                oscar...@gmail.com looks like network_context_configuration_browsertest.cc needs to be updated with the new network_restrictions_id for websockets, since it's breaking the builds. If you upload a fix I'll review and rerun the CQ.

                                Tianyi Hu

                                Done. Added the missing network_restrictions_id param to network_context_configuration_browsertest.cc. Ready for re-review.

                                Open in Gerrit

                                Related details

                                Attention is currently required from:
                                • Adam Rice
                                • Andrew Verge
                                • Ken Buchanan
                                • Kenichi Ishibashi
                                Submit Requirements:
                                • requirement satisfiedCode-Coverage
                                • requirement is not satisfiedCode-Owners
                                • requirement is not satisfiedCode-Review
                                • requirement is not satisfiedReview-Enforcement
                                Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                                Gerrit-MessageType: comment
                                Gerrit-Project: chromium/src
                                Gerrit-Branch: main
                                Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                Gerrit-Change-Number: 7656843
                                Gerrit-PatchSet: 11
                                Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                                Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                                Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                                Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                                Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                                Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-CC: AyeAye Python Dispatcher <android-build-ayeay...@system.gserviceaccount.com>
                                Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                                Gerrit-CC: Heron Yang <hero...@google.com>
                                Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
                                Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                                Gerrit-CC: Mike West <mk...@chromium.org>
                                Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                                Gerrit-Attention: Andrew Verge <ave...@chromium.org>
                                Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                                Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                                Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                Gerrit-Comment-Date: Fri, 20 Mar 2026 16:26:47 +0000
                                Gerrit-HasComments: Yes
                                Gerrit-Has-Labels: No
                                Comment-In-Reply-To: Andrew Verge <ave...@chromium.org>
                                satisfied_requirement
                                unsatisfied_requirement
                                open
                                diffy

                                Andrew Verge (Gerrit)

                                unread,
                                Mar 20, 2026, 12:36:06 PM (3 days ago) Mar 20
                                to Tianyi Hu, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

                                Andrew Verge voted Code-Review+1

                                Code-Review+1
                                Open in Gerrit

                                Related details

                                Attention is currently required from:
                                • Adam Rice
                                • Ken Buchanan
                                • Kenichi Ishibashi
                                • Tianyi Hu
                                Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                                Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                                Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                Gerrit-Comment-Date: Fri, 20 Mar 2026 16:35:59 +0000
                                Gerrit-HasComments: No
                                Gerrit-Has-Labels: Yes
                                satisfied_requirement
                                unsatisfied_requirement
                                open
                                diffy

                                Andrew Verge (Gerrit)

                                unread,
                                Mar 20, 2026, 4:50:19 PM (3 days ago) Mar 20
                                to Tianyi Hu, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Kenichi Ishibashi, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

                                Andrew Verge added 1 comment

                                Patchset-level comments
                                File-level comment, Patchset 11 (Latest):
                                Andrew Verge . resolved

                                ri...@chromium.org ba...@chromium.org One more browsertest file was added which needs OWNERS approval, could one of you please take a look? Thanks!

                                Gerrit-Comment-Date: Fri, 20 Mar 2026 20:50:12 +0000
                                Gerrit-HasComments: Yes
                                Gerrit-Has-Labels: No
                                satisfied_requirement
                                unsatisfied_requirement
                                open
                                diffy

                                Kenichi Ishibashi (Gerrit)

                                unread,
                                Mar 22, 2026, 6:47:00 PM (18 hours ago) Mar 22
                                to Tianyi Hu, Andrew Verge, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Ken Buchanan and Tianyi Hu

                                Kenichi Ishibashi voted Code-Review+1

                                Code-Review+1
                                Open in Gerrit

                                Related details

                                Attention is currently required from:
                                • Adam Rice
                                • Ken Buchanan
                                • Tianyi Hu
                                Submit Requirements:
                                • requirement satisfiedCode-Coverage
                                • requirement satisfiedCode-Owners
                                • requirement satisfiedCode-Review
                                • requirement satisfiedReview-Enforcement
                                Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                                Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                Gerrit-Comment-Date: Sun, 22 Mar 2026 22:46:45 +0000
                                Gerrit-HasComments: No
                                Gerrit-Has-Labels: Yes
                                satisfied_requirement
                                open
                                diffy

                                Andrew Verge (Gerrit)

                                unread,
                                Mar 22, 2026, 10:10:08 PM (15 hours ago) Mar 22
                                to Tianyi Hu, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Ken Buchanan and Tianyi Hu

                                Andrew Verge voted Commit-Queue+2

                                Commit-Queue+2
                                Gerrit-Comment-Date: Mon, 23 Mar 2026 02:10:02 +0000
                                Gerrit-HasComments: No
                                Gerrit-Has-Labels: Yes
                                satisfied_requirement
                                open
                                diffy

                                Tianyi Hu (Gerrit)

                                unread,
                                Mar 22, 2026, 11:49:52 PM (13 hours ago) Mar 22
                                to Kenichi Ishibashi, Andrew Verge, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                Attention needed from Adam Rice, Andrew Verge, Ken Buchanan and Kenichi Ishibashi

                                Tianyi Hu added 1 comment

                                Patchset-level comments
                                File-level comment, Patchset 12 (Latest):
                                Tianyi Hu . resolved

                                fix merge conflict

                                Open in Gerrit

                                Related details

                                Attention is currently required from:
                                • Adam Rice
                                • Andrew Verge
                                • Ken Buchanan
                                • Kenichi Ishibashi
                                  Submit Requirements:
                                    • requirement satisfiedCode-Coverage
                                    • requirement satisfiedCode-Owners
                                    • requirement is not satisfiedCode-Review
                                    • requirement is not satisfiedReview-Enforcement
                                    Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                                    Gerrit-MessageType: comment
                                    Gerrit-Project: chromium/src
                                    Gerrit-Branch: main
                                    Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                    Gerrit-Change-Number: 7656843
                                    Gerrit-PatchSet: 12
                                    Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                                    Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                                    Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                                    Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                                    Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                                    Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                                    Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                                    Gerrit-CC: AyeAye Python Dispatcher <android-build-ayeay...@system.gserviceaccount.com>
                                    Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                                    Gerrit-CC: Heron Yang <hero...@google.com>
                                    Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
                                    Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                                    Gerrit-CC: Mike West <mk...@chromium.org>
                                    Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                                    Gerrit-Attention: Andrew Verge <ave...@chromium.org>
                                    Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                                    Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                                    Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                    Gerrit-Comment-Date: Mon, 23 Mar 2026 03:49:42 +0000
                                    Gerrit-HasComments: Yes
                                    Gerrit-Has-Labels: No
                                    satisfied_requirement
                                    unsatisfied_requirement
                                    open
                                    diffy

                                    Andrew Verge (Gerrit)

                                    unread,
                                    8:18 AM (5 hours ago) 8:18 AM
                                    to Tianyi Hu, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Ken Buchanan, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                    Attention needed from Adam Rice, Ken Buchanan, Kenichi Ishibashi and Tianyi Hu

                                    Andrew Verge voted Code-Review+1

                                    Code-Review+1
                                    Open in Gerrit

                                    Related details

                                    Attention is currently required from:
                                    • Adam Rice
                                    • Ken Buchanan
                                    • Kenichi Ishibashi
                                    • Tianyi Hu
                                    Gerrit-Attention: Kenichi Ishibashi <ba...@chromium.org>
                                    Gerrit-Attention: Ken Buchanan <ke...@chromium.org>
                                    Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                                    Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                    Gerrit-Comment-Date: Mon, 23 Mar 2026 12:17:53 +0000
                                    Gerrit-HasComments: No
                                    Gerrit-Has-Labels: Yes
                                    satisfied_requirement
                                    unsatisfied_requirement
                                    open
                                    diffy

                                    Ken Buchanan (Gerrit)

                                    unread,
                                    9:13 AM (4 hours ago) 9:13 AM
                                    to Tianyi Hu, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                    Attention needed from Adam Rice, Kenichi Ishibashi and Tianyi Hu

                                    Ken Buchanan voted Code-Review+1

                                    Code-Review+1
                                    Open in Gerrit

                                    Related details

                                    Attention is currently required from:
                                    • Adam Rice
                                    • Kenichi Ishibashi
                                    • Tianyi Hu
                                    Submit Requirements:
                                      • requirement satisfiedCode-Coverage
                                      • requirement satisfiedCode-Owners
                                      • requirement satisfiedCode-Review
                                      • requirement satisfiedReview-Enforcement
                                      Gerrit-Attention: Tianyi Hu <oscar...@gmail.com>
                                      Gerrit-Attention: Adam Rice <ri...@chromium.org>
                                      Gerrit-Comment-Date: Mon, 23 Mar 2026 13:13:04 +0000
                                      Gerrit-HasComments: No
                                      Gerrit-Has-Labels: Yes
                                      satisfied_requirement
                                      open
                                      diffy

                                      Andrew Verge (Gerrit)

                                      unread,
                                      9:53 AM (3 hours ago) 9:53 AM
                                      to Tianyi Hu, Ken Buchanan, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, Chromium LUCI CQ, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org
                                      Attention needed from Adam Rice, Kenichi Ishibashi and Tianyi Hu

                                      Andrew Verge voted Commit-Queue+2

                                      Commit-Queue+2
                                      Gerrit-Comment-Date: Mon, 23 Mar 2026 13:53:07 +0000
                                      Gerrit-HasComments: No
                                      Gerrit-Has-Labels: Yes
                                      satisfied_requirement
                                      open
                                      diffy

                                      Chromium LUCI CQ (Gerrit)

                                      unread,
                                      10:11 AM (3 hours ago) 10:11 AM
                                      to Tianyi Hu, Ken Buchanan, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Blink W3C Test Autoroller, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org

                                      Chromium LUCI CQ submitted the change

                                      Change information

                                      Commit message:
                                      [Connection-Allowlist] Plumb network_restrictions_id through CreateWebSocket

                                      WebSocketConnectorImpl::Connect() did not pass the
                                      network_restrictions_id from DocumentAssociatedData to
                                      NetworkContext::CreateWebSocket(), so Connection-Allowlist
                                      restrictions were not enforced on WebSocket connections.

                                      Add network_restrictions_id parameter to the CreateWebSocket
                                      mojom interface and check IsNetworkForNonceAndUrlAllowed() in
                                      WebSocketFactory::CreateWebSocket(). Convert ws(s):// to
                                      http(s):// before matching since allowlist patterns use HTTP
                                      schemes.
                                      Bug: 491719775
                                      Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                      Reviewed-by: Ken Buchanan <ke...@chromium.org>
                                      Reviewed-by: Andrew Verge <ave...@chromium.org>
                                      Commit-Queue: Andrew Verge <ave...@chromium.org>
                                      Cr-Commit-Position: refs/heads/main@{#1603445}
                                      Files:
                                      • M chrome/browser/net/network_context_configuration_browsertest.cc
                                      • M chrome/browser/net/websocket_browsertest.cc
                                      • M components/private_ai/websocket_client.cc
                                      • M content/browser/loader/connection_allowlist_browsertest.cc
                                      • M content/browser/renderer_host/render_frame_host_impl.cc
                                      • M content/browser/service_worker/service_worker_host.cc
                                      • M content/browser/websockets/websocket_connector_impl.cc
                                      • M content/browser/websockets/websocket_connector_impl.h
                                      • M content/browser/worker_host/dedicated_worker_host.cc
                                      • M content/browser/worker_host/shared_worker_host.cc
                                      • M device/fido/cable/fido_tunnel_device.cc
                                      • M device/fido/cable/v2_authenticator.cc
                                      • M device/fido/cable/v2_discovery_unittest.cc
                                      • M device/fido/cable/v2_test_util.cc
                                      • M device/fido/enclave/enclave_websocket_client.cc
                                      • M services/network/network_context.cc
                                      • M services/network/network_context.h
                                      • M services/network/public/mojom/network_context.mojom
                                      • M services/network/test/test_network_context.h
                                      • M services/network/websocket_factory.cc
                                      • M services/network/websocket_factory.h
                                      • M services/network/websocket_factory_unittest.cc
                                      • A third_party/blink/web_tests/external/wpt/connection-allowlist/tentative/websocket.sub.window.js
                                      • A third_party/blink/web_tests/external/wpt/connection-allowlist/tentative/websocket.sub.window.js.sub.headers
                                      Change size: M
                                      Delta: 24 files changed, 183 insertions(+), 29 deletions(-)
                                      Branch: refs/heads/main
                                      Submit Requirements:
                                      • requirement satisfiedCode-Review: +1 by Andrew Verge, +1 by Ken Buchanan
                                      Open in Gerrit
                                      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                                      Gerrit-MessageType: merged
                                      Gerrit-Project: chromium/src
                                      Gerrit-Branch: main
                                      Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                      Gerrit-Change-Number: 7656843
                                      Gerrit-PatchSet: 13
                                      Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                                      Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                                      Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                                      Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                                      Gerrit-Reviewer: Chromium LUCI CQ <chromiu...@luci-project-accounts.iam.gserviceaccount.com>
                                      Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                                      Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                                      Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                                      Gerrit-CC: AyeAye Python Dispatcher <android-build-ayeay...@system.gserviceaccount.com>
                                      Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                                      open
                                      diffy
                                      satisfied_requirement

                                      Blink W3C Test Autoroller (Gerrit)

                                      unread,
                                      10:52 AM (2 hours ago) 10:52 AM
                                      to Chromium LUCI CQ, Tianyi Hu, Ken Buchanan, Andrew Verge, Kenichi Ishibashi, Hiroki Nakagawa, AyeAye Python Dispatcher, Adam Rice, Christian Dullweber, Shivani Sharma, Mike West, AyeAye, chromium...@chromium.org, Heron Yang, Mangesh Ghiware, blink-...@chromium.org, blink-revie...@chromium.org, alexmo...@chromium.org, blink-work...@chromium.org, creis...@chromium.org, derinel+wat...@google.com, fenced-fra...@chromium.org, horo+...@chromium.org, kinuko+ser...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org, net-r...@chromium.org, network-ser...@chromium.org, servicewor...@chromium.org, shimazu+se...@chromium.org, webauthn...@chromium.org

                                      Message from Blink W3C Test Autoroller

                                      The WPT PR for this CL has been merged upstream! https://github.com/web-platform-tests/wpt/pull/58646

                                      Open in Gerrit

                                      Related details

                                      Attention set is empty
                                      Submit Requirements:
                                      • requirement satisfiedCode-Coverage
                                      • requirement satisfiedCode-Owners
                                      • requirement satisfiedCode-Review
                                      • requirement satisfiedReview-Enforcement
                                      Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. DiffyGerrit
                                      Gerrit-MessageType: comment
                                      Gerrit-Project: chromium/src
                                      Gerrit-Branch: main
                                      Gerrit-Change-Id: I432792e881610fc5514ed4399c7009b491d02643
                                      Gerrit-Change-Number: 7656843
                                      Gerrit-PatchSet: 13
                                      Gerrit-Owner: Tianyi Hu <oscar...@gmail.com>
                                      Gerrit-Reviewer: Adam Rice <ri...@chromium.org>
                                      Gerrit-Reviewer: Andrew Verge <ave...@chromium.org>
                                      Gerrit-Reviewer: Christian Dullweber <dull...@chromium.org>
                                      Gerrit-Reviewer: Chromium LUCI CQ <chromiu...@luci-project-accounts.iam.gserviceaccount.com>
                                      Gerrit-Reviewer: Ken Buchanan <ke...@chromium.org>
                                      Gerrit-Reviewer: Kenichi Ishibashi <ba...@chromium.org>
                                      Gerrit-Reviewer: Tianyi Hu <oscar...@gmail.com>
                                      Gerrit-CC: AyeAye Python Dispatcher <android-build-ayeay...@system.gserviceaccount.com>
                                      Gerrit-CC: Blink W3C Test Autoroller <blink-w3c-te...@chromium.org>
                                      Gerrit-CC: Heron Yang <hero...@google.com>
                                      Gerrit-CC: Hiroki Nakagawa <nhi...@chromium.org>
                                      Gerrit-CC: Mangesh Ghiware <mghi...@google.com>
                                      Gerrit-CC: Mike West <mk...@chromium.org>
                                      Gerrit-CC: Shivani Sharma <shiva...@chromium.org>
                                      Gerrit-Comment-Date: Mon, 23 Mar 2026 14:52:19 +0000
                                      Gerrit-HasComments: No
                                      Gerrit-Has-Labels: No
                                      satisfied_requirement
                                      open
                                      diffy
                                      Reply all
                                      Reply to author
                                      Forward
                                      0 new messages