1ce9a206d4
This CL allows crossOriginIsolation enabled by DIP to always be enabled regardless of the crossOriginIsolation Permission Policy. This Permission Policy was introduced for documents enabling COI via COOP + COEP that were worried that a cross-origin iframe in the same process could use COI capabilities to attack them. However, DocumentIsolationPolicy ensures that cross-origin iframes are not in the same process, so there is no reason to abide by the permission policy, which would limit COI adoption for subframes. This CL ensures that the permission policy only applies to COI enabled by COOP and COEP, and not COI enabled by DIP. Bug: 389726682 Change-Id: I29ad09d985509ad8c9ff2965cb872a3d173cf1d0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6218367 Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Camille Lamy <clamy@chromium.org> Cr-Commit-Position: refs/heads/main@{#1416169}
Chromium
Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.
The project's web site is https://www.chromium.org.
To check out the source code locally, don't use git clone! Instead,
follow the instructions on how to get the code.
Documentation in the source is rooted in docs/README.md.
Learn how to Get Around the Chromium Source Code Directory Structure.
For historical reasons, there are some small top level directories. Now the guidance is that new top level directories are for product (e.g. Chrome, Android WebView, Ash). Even if these products have multiple executables, the code should be in subdirectories of the product.
If you found a bug, please file it at https://crbug.com/new.