Add API to create origins from nonces for sandboxed frames [chromium/src : main]

0 views

Skip to first unread message

Monica Chintala (Gerrit)

unread,

Jan 27, 2026, 4:47:43 PM (3 days ago) Jan 27

to Daniel Cheng, Rakina Zata Amni, AyeAye, Liang Zhao, Dave Risney, Chromium IPC Reviews, Chromium LUCI CQ, chromium...@chromium.org, blink-re...@chromium.org, edg...@microsoft.com, alexmo...@chromium.org, blink-re...@chromium.org, blink-revi...@chromium.org, blink-...@chromium.org, creis...@chromium.org, gavinp...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org

Attention needed from Daniel Cheng, Dave Risney, Liang Zhao and Rakina Zata Amni

Monica Chintala added 2 comments

File content/common/sandboxed_opaque_origin_creator.h

Line 42, Patchset 24: SandboxedOpaqueOriginCreator() = delete;

Rakina Zata Amni . resolved

Please fix this WARNING reported by ClangTidy: check: modernize-use-equals-delete
deleted member function should be public (ht...
check: modernize-use-equals-delete
deleted member function should be public (https://clang.llvm.org/extra/clang-tidy/checks/modernize/use-equals-delete.html)
(Note: You can add `Skip-Clang-Tidy-Checks: modernize-use-equals-delete` footer to the CL description to skip the check)
(Lint observed on `android-clang-tidy-rel`, but not on `linux-clang-tidy-rel` or `mac-clang-tidy-rel`)

Monica Chintala

Done

File third_party/blink/renderer/platform/weborigin/sandboxed_opaque_security_origin_creator.h

Line 20, Patchset 24:// with specified nonces for sandboxed iframes. This class should NOT be used

Rakina Zata Amni . resolved

Since we are expanding this to top-level frames as well, let's update mentions of "iframes" to just "frames"

Monica Chintala

Done

Open in Gerrit

Related details

Attention is currently required from:

Daniel Cheng
Dave Risney
Liang Zhao
Rakina Zata Amni

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
No-Unresolved-Comments
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Rakina Zata Amni (Gerrit)

unread,

Jan 29, 2026, 10:24:31 AM (yesterday) Jan 29

to Monica Chintala, Daniel Cheng, AyeAye, Liang Zhao, Dave Risney, Chromium IPC Reviews, Chromium LUCI CQ, chromium...@chromium.org, blink-re...@chromium.org, edg...@microsoft.com, alexmo...@chromium.org, blink-re...@chromium.org, blink-revi...@chromium.org, blink-...@chromium.org, creis...@chromium.org, gavinp...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, loading...@chromium.org, navigation...@chromium.org

Attention needed from Daniel Cheng, Dave Risney, Liang Zhao and Monica Chintala

Rakina Zata Amni added 2 comments

File content/common/sandboxed_opaque_origin_creator.h

Line 5, Patchset 29 (Latest):#ifndef CONTENT_COMMON_SANDBOXED_OPAQUE_ORIGIN_CREATOR_H_

Rakina Zata Amni . unresolved

This doesn't seem to be used in the renderer, can this be in content/browser/ instead?

File url/origin.h

Line 184, Patchset 19: // Creates an origin with the given nonce and tuple.

Rakina Zata Amni . unresolved

Let's add a comment on what the intended use case is (about:blank sandboxed iframes), and how we don't plan to add any more use cases here.

Rakina Zata Amni

Probably still needed, at least like the comment in the SecurityOrigin version.

Open in Gerrit

Related details

Attention is currently required from:

Daniel Cheng
Dave Risney
Liang Zhao

Monica Chintala

satisfied_requirement

unsatisfied_requirement

open

diffy

Reply all

Reply to author

Forward

0 new messages