diff options
author | Jack Hsieh <chengweih@chromium.org> | 2023-03-13 23:37:52 +0000 |
---|---|---|
committer | Michael BrĂ¼ning <michael.bruning@qt.io> | 2023-05-15 11:36:36 +0000 |
commit | 80a4577e2a50dbc181204a4352a2488a9d1ec657 (patch) | |
tree | 0707db03959d8eaf677a8408b332c4f5752802fa /chromium/net/tools/quic/quic_client.h | |
parent | 799b46219664a8b3f005cadeb02076590f6dbcc2 (diff) | |
download | qtwebengine-chromium-80a4577e2a50dbc181204a4352a2488a9d1ec657.tar.gz |
[Backport] CVE-2023-2462: Inappropriate implementation in Prompts (9/10)
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4313307:
serial: Handle opaque top level origin in addedEventListener
In navigator.serial.addEventListener, throw an exception if the request
is coming from a context whose top level frame has an opaque origin.
Bug: 1375133
Change-Id: Ie8ad8333b901f795f55658894551c73f755029c4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4313307
Commit-Queue: Jack Hsieh <chengweih@chromium.org>
Reviewed-by: Reilly Grant <reillyg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1116683}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/476783
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
Diffstat (limited to 'chromium/net/tools/quic/quic_client.h')
0 files changed, 0 insertions, 0 deletions