Manifests previously allowed overriding any URL within a given origin. Scope checking is being introduced to ensure only URLs within a manifest's scope can be overridden. The default manifest scope will be the path to the manifest's enclosing directory. Sites that need a manifest to have a broader scope can add the response header "X-AppCache-Allowed: /" to manifest responses to preserve the previous behavior.
Chromium's AppCache implementation supports non-spec-compliant resource overrides in the CHROMIUM-INTERCEPT and FALLBACK manifest sections. Recently we discovered complicating security issues due to this support, so we are adding the concept of a scope to the AppCache manifest to ensure that only resources that fall within that scope can be overridden. Introducing the measure in this way mitigates the security issue while retaining the functionality sites expect. A site that requires the previous behavior of an origin-wide manifest scope can add the response header "X-AppCache-Allowed: /" to its manifest responses.
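The scope rule described above, sketched as an added example (this is not Chromium's code). It assumes a scope is a path prefix on the manifest's origin and that the X-AppCache-Allowed value is a path; the function names, site and paths are hypothetical.

```javascript
// Added illustration of manifest scope checking; not Chromium's implementation.
// Assumption: a scope is a path prefix on the manifest's own origin.

// Returns the scope path for a manifest, honouring X-AppCache-Allowed if sent.
function manifestScope(manifestUrl, allowedHeader) {
  const manifest = new URL(manifestUrl);
  if (allowedHeader) {
    // Assumption: the header value is a path, resolved against the manifest URL.
    return new URL(allowedHeader.trim(), manifest).pathname;
  }
  // Default scope: the manifest's enclosing directory, trailing slash included.
  const path = manifest.pathname;
  return path.slice(0, path.lastIndexOf('/') + 1);
}

// True if a FALLBACK / CHROMIUM-INTERCEPT namespace may be overridden.
function isOverridable(manifestUrl, namespaceUrl, allowedHeader) {
  const manifest = new URL(manifestUrl);
  // The URL parser resolves relative references and collapses "../" segments,
  // so the prefix comparison below is made on the normalized path.
  const target = new URL(namespaceUrl, manifest);
  if (target.origin !== manifest.origin) return false;
  return target.pathname.startsWith(manifestScope(manifestUrl, allowedHeader));
}

// Splits a list of namespace URLs into those kept and those ignored.
function partitionNamespaces(manifestUrl, namespaces, allowedHeader) {
  const kept = [], ignored = [];
  for (const ns of namespaces) {
    (isOverridable(manifestUrl, ns, allowedHeader) ? kept : ignored).push(ns);
  }
  return { kept, ignored };
}

// Constructed sample input (hypothetical site and paths).
const MANIFEST = 'https://example.test/apps/mail/manifest.appcache';
const NAMESPACES = ['/apps/mail/inbox/', 'offline/', '/login',
                    '/apps/mail/../../login', 'https://other.test/apps/mail/'];

console.log(partitionNamespaces(MANIFEST, NAMESPACES));      // default scope
console.log(partitionNamespaces(MANIFEST, NAMESPACES, '/')); // origin-wide scope
```

With the default scope, a manifest under /apps/mail/ can no longer take over /login, including through a dot-segment path; the "/" header restores origin-wide reach.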
Explainers: No explainer is available. The description here serves as the announcement for this change.