content/browser/renderer_host/resource_dispatcher_host.cc - Issue 7873007: Restricting redirects to chrome:

Side by Side Diff: content/browser/renderer_host/resource_dispatcher_host.cc

Issue 7873007: Restricting redirects to chrome: (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk

Patch Set: Improving that path so it doesn't break things Created 9 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« content/browser/child_process_security_policy.cc ('K') | « content/browser/child_process_security_policy_unittest.cc ('k') | no next file » | no next file with comments »

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading	5 // See http://dev.chromium.org/developers/design-documents/multi-process-resourc e-loading

6	6

7 #include "content/browser/renderer_host/resource_dispatcher_host.h"	7 #include "content/browser/renderer_host/resource_dispatcher_host.h"

8	8

9 #include <set>	9 #include <set>

10 #include <vector>	10 #include <vector>

(...skipping 1171 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1182 void ResourceDispatcherHost::OnReceivedRedirect(net::URLRequest* request,	1182 void ResourceDispatcherHost::OnReceivedRedirect(net::URLRequest* request,

1183 const GURL& new_url,	1183 const GURL& new_url,

1184 bool* defer_redirect) {	1184 bool* defer_redirect) {

1185 VLOG(1) << "OnReceivedRedirect: " << request->url().spec();	1185 VLOG(1) << "OnReceivedRedirect: " << request->url().spec();

1186 ResourceDispatcherHostRequestInfo* info = InfoForRequest(request);	1186 ResourceDispatcherHostRequestInfo* info = InfoForRequest(request);

1187	1187

1188 DCHECK(request->status().is_success());	1188 DCHECK(request->status().is_success());

1189	1189

1190 if (info->process_type() != ChildProcessInfo::PLUGIN_PROCESS &&	1190 if (info->process_type() != ChildProcessInfo::PLUGIN_PROCESS &&

1191 !ChildProcessSecurityPolicy::GetInstance()->	1191 !ChildProcessSecurityPolicy::GetInstance()->

1192 CanRequestURL(info->child_id(), new_url)) {	1192 CanRedirectURL(info->child_id(), new_url)) {

1193 VLOG(1) << "Denied unauthorized request for "	1193 VLOG(1) << "Denied unauthorized request for "

1194 << new_url.possibly_invalid_spec();	1194 << new_url.possibly_invalid_spec();

1195	1195

1196 // Tell the renderer that this request was disallowed.	1196 // Tell the renderer that this request was disallowed.

1197 CancelRequestInternal(request, false);	1197 CancelRequestInternal(request, false);

1198 return;	1198 return;

1199 }	1199 }

1200	1200

1201 NotifyReceivedRedirect(request, info->child_id(), new_url);	1201 NotifyReceivedRedirect(request, info->child_id(), new_url);

1202	1202

(...skipping 929 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2132 return HTTP_AUTH_RESOURCE_BLOCKED_CROSS;	2132 return HTTP_AUTH_RESOURCE_BLOCKED_CROSS;

2133 }	2133 }

2134	2134

2135 bool ResourceDispatcherHost::allow_cross_origin_auth_prompt() {	2135 bool ResourceDispatcherHost::allow_cross_origin_auth_prompt() {

2136 return allow_cross_origin_auth_prompt_;	2136 return allow_cross_origin_auth_prompt_;

2137 }	2137 }

2138	2138

2139 void ResourceDispatcherHost::set_allow_cross_origin_auth_prompt(bool value) {	2139 void ResourceDispatcherHost::set_allow_cross_origin_auth_prompt(bool value) {

2140 allow_cross_origin_auth_prompt_ = value;	2140 allow_cross_origin_auth_prompt_ = value;

2141 }	2141 }

OLD	NEW