| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
if (stream_manager && stream_manager->IsPendingNativeFallback(I wonder if this results in 2 abortAndFallbacks.. eg cached body was stored for url A, 3p extension aborted, server redirected to url B, 3p extension loads again but for url B now, server returns body for url B now, built-in extension now loads.
PS I have a pending task to avoid reloading of the embedder and rather reload the mime handler iframe instead avoiding any network requests. That must fix both problems.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
if (stream_manager && stream_manager->IsPendingNativeFallback(I wonder if this results in 2 abortAndFallbacks.. eg cached body was stored for url A, 3p extension aborted, server redirected to url B, 3p extension loads again but for url B now, server returns body for url B now, built-in extension now loads.
PS I have a pending task to avoid reloading of the embedder and rather reload the mime handler iframe instead avoiding any network requests. That must fix both problems.
I believe so, but this is probably the secure and correct behavior. We can't splice A's cached body into B's navigation, but we also cannot assume B should bypass the 3p extension. This is also likely a rare edge case and won't have large performance impact.
Unless the task is small and easy to merge, it may be better to proceed with this smaller security fix and merge back.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
if (stream_manager && stream_manager->IsPendingNativeFallback(Andy PhanI wonder if this results in 2 abortAndFallbacks.. eg cached body was stored for url A, 3p extension aborted, server redirected to url B, 3p extension loads again but for url B now, server returns body for url B now, built-in extension now loads.
PS I have a pending task to avoid reloading of the embedder and rather reload the mime handler iframe instead avoiding any network requests. That must fix both problems.
I believe so, but this is probably the secure and correct behavior. We can't splice A's cached body into B's navigation, but we also cannot assume B should bypass the 3p extension. This is also likely a rare edge case and won't have large performance impact.
Unless the task is small and easy to merge, it may be better to proceed with this smaller security fix and merge back.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
+thestig@ for //chrome
+rdevlin.cronin@ for //extensions/browser/api/mime_handler/mime_handler_api_unittest.cc
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
reload was redirected (e.g. HTTP 302) to a different origin, the
attacker's cached body could be spliced under the victim's URL, leadingMaybe this can be "a hostile 3P extension" to clarify who the attacker is?
EXPECT_GT(page_count, 1);Just check for exactly 3 pages here?
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |