From d8c1659ae97b316a2424d120f67e78b71a532976 Mon Sep 17 00:00:00 2001 From: Yoav Weiss Date: Fri, 17 Jan 2020 17:00:51 +0000 Subject: [Backport] CVE-2020-6400 - Inappropriate implementation in CORS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/1994288: [resource-timing] Error status code nav requests add entry to parent In [1] we made sure that subresource requests that get a failing status code still get their resource-timing entries reported. However, it seems like we failed to do the same with navigation requests that are typically reported to their parents. This CL fixes that. [1] https://chromium-review.googlesource.com/c/chromium/src/+/1796544 (cherry picked from commit add3de3e61bdd06d217307eca97f35e38f257aa9) Bug: 1038036 Change-Id: Ibbe908e21faad41cb6e28f6deb76dbaa368064a0 Reviewed-by: Jüri Valdmann --- chromium/third_party/blink/renderer/core/loader/document_loader.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chromium/third_party/blink/renderer/core/loader/document_loader.cc b/chromium/third_party/blink/renderer/core/loader/document_loader.cc index 8440c0e98d0..66a263a9aa3 100644 --- a/chromium/third_party/blink/renderer/core/loader/document_loader.cc +++ b/chromium/third_party/blink/renderer/core/loader/document_loader.cc @@ -579,7 +579,7 @@ void DocumentLoader::BodyLoadingFinished( navigation_timing_info_->SetFinalResponse(response_); navigation_timing_info_->AddFinalTransferSize( total_encoded_data_length == -1 ? 0 : total_encoded_data_length); - if (response_.HttpStatusCode() < 400 && report_timing_info_to_parent_) { + if (report_timing_info_to_parent_) { navigation_timing_info_->SetLoadResponseEnd(completion_time); if (state_ >= kCommitted) { // Note that we currently lose timing info for empty documents, -- cgit v1.2.1