content/browser/web_contents/web_contents_impl.cc - Issue 10080018: Don't allow sending data URLs to WebUI, unless in a ChromeOS BalloonHost.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/web_contents/web_contents_impl.cc

Issue 10080018: Don't allow sending data URLs to WebUI, unless in a ChromeOS BalloonHost. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix compile errors and crash in tests. Created 8 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « content/browser/web_contents/render_view_host_manager_unittest.cc ('k') | content/browser/web_contents/web_contents_impl_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: content/browser/web_contents/web_contents_impl.cc

diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc

index 4fb699e1e978630251e3df0cdb682c6357721b33..c3faed32b97fc3f177a43910e6d1d7b83e804294 100644

--- a/content/browser/web_contents/web_contents_impl.cc

+++ b/content/browser/web_contents/web_contents_impl.cc

@@ -1072,15 +1072,14 @@ bool WebContentsImpl::NavigateToEntry(

int enabled_bindings = dest_render_view_host->GetEnabledBindings();

WebUIControllerFactory* factory =

content::GetContentClient()->browser()->GetWebUIControllerFactory();

+ bool data_urls_allowed = delegate_ && delegate_->CanLoadDataURLsInWebUI();

bool is_allowed_in_web_ui_renderer =

factory &&

- factory->IsURLAcceptableForWebUI(GetBrowserContext(), entry.GetURL());

-#if defined(OS_CHROMEOS)

- is_allowed_in_web_ui_renderer |= entry.GetURL().SchemeIs(chrome::kDataScheme);

-#endif

+ factory->IsURLAcceptableForWebUI(GetBrowserContext(), entry.GetURL(),

+ data_urls_allowed);

if ((enabled_bindings & content::BINDINGS_POLICY_WEB_UI) &&

!is_allowed_in_web_ui_renderer) {

- // Log the URL to help us diagnose http://crbug.com/72235.

+ // Log the URL to help us diagnose any future failures of this CHECK.

content::GetContentClient()->SetActiveURL(entry.GetURL());

CHECK(0);

}