Chromium Code Reviews Chromium Code Reviews
Issue 5698005:
Add support for gcf:about:plugins in chrome frame full tab mode. The URL vali... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| Index: chrome_frame/chrome_frame_activex_base.h |
| =================================================================== |
| --- chrome_frame/chrome_frame_activex_base.h (revision 68604) |
| +++ chrome_frame/chrome_frame_activex_base.h (working copy) |
| @@ -149,10 +149,6 @@ |
| extern bool g_first_launch_by_process_; |
| -// Posted when the worker thread used for handling URL requests in IE finishes |
| -// uninitialization. |
| -#define WM_WORKER_THREAD_UNINITIALIZED_MSG (WM_APP + 1) |
| - |
| // Common implementation for ActiveX and Active Document |
| template <class T, const CLSID& class_id> |
| class ATL_NO_VTABLE ChromeFrameActivexBase : // NOLINT |
| @@ -173,7 +169,8 @@ |
| public IPropertyNotifySinkCP<T>, |
| public CComCoClass<T, &class_id>, |
| public CComControl<T>, |
| - public ChromeFramePlugin<T> { |
| + public ChromeFramePlugin<T>, |
| + public NavigationConstraintsImpl { |
| protected: |
| typedef std::set<base::win::ScopedComPtr<IDispatch> > EventHandlers; |
| typedef ChromeFrameActivexBase<T, class_id> BasePlugin; |
| @@ -575,6 +572,42 @@ |
| Fire_onclose(); |
| } |
| + // NavigationConstraints overrides. |
| + virtual bool IsSchemeAllowed(const GURL&url) { |
|
amit
2010/12/10 23:56:17
nit: space after &
ananta
2010/12/11 02:11:11
Done.
|
| + bool allowed = NavigationConstraintsImpl::IsSchemeAllowed(url); |
| + if (allowed) |
| + return true; |
| + |
| + if (is_privileged_ && |
| + (url.SchemeIs(chrome::kDataScheme) || |
| + url.SchemeIs(chrome::kExtensionScheme))) { |
| + return true; |
| + } |
| + return false; |
| + } |
| + |
| + virtual bool IsZoneAllowed(const GURL& url) { |
| + if (!security_manager_) { |
| + HRESULT hr = security_manager_.CreateInstance( |
| + CLSID_InternetSecurityManager); |
| + if (FAILED(hr)) { |
| + NOTREACHED() << __FUNCTION__ |
| + << " Failed to create SecurityManager. Error: 0x%x" |
| + << hr; |
| + return false; |
| + } |
| + } |
| + DWORD zone = URLZONE_INVALID; |
| + std::wstring unicode_url = UTF8ToWide(url.spec()); |
| + security_manager_->MapUrlToZone(unicode_url.c_str(), &zone, 0); |
| + if (zone == URLZONE_UNTRUSTED) { |
| + DLOG(WARNING) << __FUNCTION__ |
| + << " Disallowing navigation to restricted url: " << url; |
| + return false; |
| + } |
| + return true; |
| + } |
| + |
| // Overridden to take advantage of readystate prop changes and send those |
| // to potential listeners. |
| HRESULT FireOnChanged(DISPID dispid) { |
| @@ -611,7 +644,7 @@ |
| // of navigation just after CreateExternalTab is done. |
| if (!automation_client_->InitiateNavigation(full_url, |
| GetDocumentUrl(), |
| - is_privileged_)) { |
| + this)) { |
| // TODO(robertshield): Make InitiateNavigation return more useful |
| // error information. |
| return E_INVALIDARG; |
| @@ -1277,6 +1310,7 @@ |
| // Handle network requests when host network stack is used. Passed to the |
| // automation client on initialization. |
| scoped_ptr<UrlmonUrlRequestManager> url_fetcher_; |
| + ScopedComPtr<IInternetSecurityManager> security_manager_; |
| HINSTANCE prev_resource_instance_; |
| }; |
