Prevent registerProtocolHandler for pseudo-schemes and disabled schemes.

chrome/browser/ui/tab_contents/tab_contents_wrapper.cc

Index: chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
diff --git a/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc b/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
index 4f7e6746323ca004a1aa24371f85838a5ed39cba..95d34b782fd56598264dee7a3c36c52b681113b3 100644
--- a/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
+++ b/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
@@ -45,6 +45,7 @@
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/render_messages.h"
+#include "content/browser/child_process_security_policy.h"
 #include "content/browser/renderer_host/render_view_host.h"
 #include "content/browser/tab_contents/tab_contents.h"
 #include "content/common/notification_service.h"
@@ -503,10 +504,15 @@ void TabContentsWrapper::OnJSOutOfMemory() {
 void TabContentsWrapper::OnRegisterProtocolHandler(const std::string& protocol,
                                                    const GURL& url,
                                                    const string16& title) {
+  ChildProcessSecurityPolicy* policy =
+      ChildProcessSecurityPolicy::GetInstance();
+  if (policy->IsPseudoScheme(protocol) || policy->IsDisabledScheme(protocol))
+    return;
+
   ProtocolHandlerRegistry* registry = profile()->GetProtocolHandlerRegistry();
-  if (!registry->enabled()) {
+  if (!registry->enabled())
     return;
-  }
+
   ProtocolHandler handler =
       ProtocolHandler::CreateProtocolHandler(protocol, url, title);
   if (!handler.IsEmpty() &&