Add support for gcf:about:plugins in chrome frame full tab mode. The URL vali...

chrome_frame/utils.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome_frame/utils.h"
 
 #include <htiframe.h>
 #include <mshtml.h>
 #include <shlobj.h>
 
@@ skipping 11 matching lines @@
 #include "base/stringprintf.h"
 #include "base/thread_local.h"
 #include "base/utf_string_conversions.h"
 #include "base/win/registry.h"
 #include "base/win/scoped_bstr.h"
 #include "base/win/scoped_comptr.h"
 #include "base/win/scoped_variant.h"
 #include "chrome/common/chrome_paths_internal.h"
 #include "chrome/common/url_constants.h"
 #include "chrome/installer/util/chrome_frame_distribution.h"
+#include "chrome_frame/chrome_frame_delegate.h"
 #include "chrome_frame/extra_system_apis.h"
 #include "chrome_frame/html_utils.h"
 #include "chrome_frame/policy_settings.h"
 #include "chrome_frame/simple_resource_loader.h"
 #include "googleurl/src/gurl.h"
 #include "googleurl/src/url_canon.h"
 #include "grit/chromium_strings.h"
 #include "net/base/escape.h"
 #include "net/http/http_util.h"
 
+// Include without path to make GYP build see it.
+#include "chrome_tab.h"  // NOLINT
+
 using base::win::RegKey;
 using base::win::ScopedComPtr;
 
 // Note that these values are all lower case and are compared to
 // lower-case-transformed values.
 const wchar_t kMetaTag[] = L"meta";
 const wchar_t kHttpEquivAttribName[] = L"http-equiv";
 const wchar_t kContentAttribName[] = L"content";
 const wchar_t kXUACompatValue[] = L"x-ua-compatible";
 const wchar_t kBodyTag[] = L"body";
@@ skipping 1364 matching lines @@
 
 void ChromeFrameUrl::Reset() {
   attach_to_external_tab_ = false;
   is_chrome_protocol_ = false;
   cookie_ = 0;
   dimensions_.SetRect(0, 0, 0, 0);
   disposition_ = 0;
   profile_name_.clear();
 }
 
-bool CanNavigate(const GURL& url, IInternetSecurityManager* security_manager,
-                 bool is_privileged) {
+bool CanNavigate(const GURL& url,
+                 NavigationConstraints* navigation_constraints) {
   if (!url.is_valid()) {
     DLOG(ERROR) << "Invalid URL passed to InitiateNavigation: " << url;
     return false;
   }
 
-  // No sanity checks if unsafe URLs are allowed
-  if (GetConfigBool(false, kAllowUnsafeURLs))
+  if (!navigation_constraints)

[amit, 2010/12/10 23:56:17]

We must have navigation_constraints, so crash if we don't?

[ananta, 2010/12/11 02:11:11]

Replaced with a NOTREACHED and return false.

     return true;
 
-  if (!IsValidUrlScheme(url, is_privileged)) {
+  // No sanity checks if unsafe URLs are allowed
+  if (navigation_constraints->AllowUnsafeUrls())
+    return true;
+
+  if (!navigation_constraints->IsSchemeAllowed(url)) {
     DLOG(WARNING) << __FUNCTION__ << " Disallowing navigation to url: " << url;
     return false;
   }
 
-  // Allow only about:blank or about:version
-  if (url.SchemeIs(chrome::kAboutScheme)) {
-    if (!LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL) &&
-        !LowerCaseEqualsASCII(url.spec(), chrome::kAboutVersionURL)) {
-      DLOG(WARNING) << __FUNCTION__
-                    << " Disallowing navigation to about url: " << url;
-      return false;
-    }
+  if (!navigation_constraints->IsZoneAllowed(url)) {
+    DLOG(WARNING) << __FUNCTION__
+                  << " Disallowing navigation to restricted url: " << url;
+    return false;
   }
-
-  // Prevent navigations to URLs in untrusted zone, even in Firefox.
-  if (security_manager) {
-    DWORD zone = URLZONE_INVALID;
-    std::wstring unicode_url = UTF8ToWide(url.spec());
-    security_manager->MapUrlToZone(unicode_url.c_str(), &zone, 0);
-    if (zone == URLZONE_UNTRUSTED) {
-      DLOG(WARNING) << __FUNCTION__
-                    << " Disallowing navigation to restricted url: " << url;
-      return false;
-    }
-  }
-
   return true;
 }
 
 void PinModule() {
   static bool s_pinned = false;
   if (!s_pinned && !IsUnpinnedMode()) {
     FilePath module_path;
     if (PathService::Get(base::FILE_MODULE, &module_path)) {
       HMODULE unused;
       if (!GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_PIN,
@@ skipping 95 matching lines @@
 
 void EnumerateKeyValues(HKEY parent_key, const wchar_t* sub_key_name,
                         std::vector<std::wstring>* values) {
   DCHECK(values);
   base::win::RegistryValueIterator url_list(parent_key, sub_key_name);
   while (url_list.Valid()) {
     values->push_back(url_list.Value());
     ++url_list;
   }
 }
+
+bool IsChromeFrameDocument(IWebBrowser2* web_browser) {
+  ScopedComPtr<IDispatch> doc;
+  web_browser->get_Document(doc.Receive());
+  if (doc) {
+    ScopedComPtr<IChromeFrame> chrome_frame;
+    if (chrome_frame.QueryFrom(doc) == S_OK)
+      return true;
+  }
+  return false;
+}