Generate origins from nonces for sandboxed frames in browser process [chromium/src : main]
0 views
Skip to first unread message
Rakina Zata Amni (Gerrit)
Jan 29, 2026, 10:18:49 AM (yesterday) Jan 29
to Monica Chintala, Liang Zhao, Chromium LUCI CQ, chromium...@chromium.org, Nate Chapin, edg...@microsoft.com, alexmo...@chromium.org, blink-re...@chromium.org, blink-re...@chromium.org, blink-revi...@chromium.org, blink-...@chromium.org, creis...@chromium.org, gavinp...@chromium.org, loading...@chromium.org, navigation...@chromium.org
Attention needed from Liang Zhao and Monica Chintala
Rakina Zata Amni added 4 comments![]( "Open in Gerrit")
Patchset-level comments
File content/browser/renderer_host/render_frame_host_impl.cc
Line 5516, Patchset 16 (Latest):
if (new_frame_should_be_sandboxed) {Rakina Zata Amni . unresolved
Can you please protect this (and other paths if needed) behind a killswitch flag so that we can turn it off easily in case there are some bugs found in the wild?
Line 10113, Patchset 16 (Latest):
} else {
// For non-sandboxed windows, derive a new opaque origin from creator.
sandbox_new_window_origin =
sandbox_new_window_origin.DeriveNewOpaqueOrigin();Rakina Zata Amni . unresolved
What if we don't send an origin for the non-sandboxed case? Also why is the non-sandboxed case also opaque?
File content/common/render_message_filter.mojom
Line 17, Patchset 16 (Latest):
mojo_base.mojom.UnguessableToken? sandbox_origin_token;Rakina Zata Amni . unresolved
Let's add some comments here since this one isn't needed for routing
Related details
Attention is currently required from:
- Liang Zhao
- Monica Chintala
Submit Requirements:
Code-Coverage
Code-Owners
Code-Review
No-Unresolved-Comments
Review-Enforcement
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages