Remove "open in new tab" items from context menu if the process doesn't

content/browser/child_process_security_policy.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_security_policy.h"
 
 #include "base/file_path.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
 #include "base/platform_file.h"
 #include "base/stl_util.h"
 #include "base/string_util.h"
 #include "content/browser/site_instance.h"
+#include "content/public/browser/content_browser_client.h"
 #include "content/public/common/bindings_policy.h"
 #include "content/public/common/url_constants.h"
 #include "googleurl/src/gurl.h"
 #include "net/url_request/url_request.h"
+#include "net/url_request/url_request_job_factory.h"
 
 static const int kReadFilePermissions =
     base::PLATFORM_FILE_OPEN |
     base::PLATFORM_FILE_READ |
     base::PLATFORM_FILE_EXCLUSIVE_READ |
     base::PLATFORM_FILE_ASYNC;
 
 static const int kEnumerateDirectoryPermissions =
     kReadFilePermissions |
     base::PLATFORM_FILE_ENUMERATE;
@@ skipping 166 matching lines @@
 
 void ChildProcessSecurityPolicy::RegisterWebSafeScheme(
     const std::string& scheme) {
   base::AutoLock lock(lock_);
   DCHECK(web_safe_schemes_.count(scheme) == 0) << "Add schemes at most once.";
   DCHECK(pseudo_schemes_.count(scheme) == 0) << "Web-safe implies not pseudo.";
 
   web_safe_schemes_.insert(scheme);
 }
 
-bool ChildProcessSecurityPolicy::IsWebSafeScheme(const std::string& scheme) {
+bool ChildProcessSecurityPolicy::IsWebSafeScheme(
+    const std::string& scheme) const {
   base::AutoLock lock(lock_);
-
   return (web_safe_schemes_.find(scheme) != web_safe_schemes_.end());
 }
 
 void ChildProcessSecurityPolicy::RegisterPseudoScheme(
     const std::string& scheme) {
   base::AutoLock lock(lock_);
   DCHECK(pseudo_schemes_.count(scheme) == 0) << "Add schemes at most once.";
   DCHECK(web_safe_schemes_.count(scheme) == 0) <<
       "Pseudo implies not web-safe.";
 
   pseudo_schemes_.insert(scheme);
 }
 
-bool ChildProcessSecurityPolicy::IsPseudoScheme(const std::string& scheme) {
+bool ChildProcessSecurityPolicy::IsPseudoScheme(
+    const std::string& scheme) const {
   base::AutoLock lock(lock_);
-
   return (pseudo_schemes_.find(scheme) != pseudo_schemes_.end());
 }
 
 void ChildProcessSecurityPolicy::RegisterDisabledSchemes(
     const std::set<std::string>& schemes) {
   base::AutoLock lock(lock_);
   disabled_schemes_ = schemes;
 }
 
-bool ChildProcessSecurityPolicy::IsDisabledScheme(const std::string& scheme) {
+bool ChildProcessSecurityPolicy::IsDisabledScheme(
+    const std::string& scheme) const {
   base::AutoLock lock(lock_);
   return disabled_schemes_.find(scheme) != disabled_schemes_.end();
 }
 
 void ChildProcessSecurityPolicy::GrantRequestURL(
     int child_id, const GURL& url) {
 
   if (!url.is_valid())
     return;  // Can't grant the capability to request invalid URLs.
 
@@ skipping 99 matching lines @@
   base::AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(child_id);
   if (state == security_state_.end())
     return;
 
   state->second->RevokeReadRawCookies();
 }
 
 bool ChildProcessSecurityPolicy::CanRequestURL(
-    int child_id, const GURL& url) {
+    int child_id,
+    const GURL& url,
+    const net::URLRequestJobFactory* job_factory) const {
   if (!url.is_valid())
     return false;  // Can't request invalid URLs.
 
   if (IsDisabledScheme(url.scheme()))
     return false; // The scheme is disabled by policy.
 
   if (IsWebSafeScheme(url.scheme()))
     return true;  // The scheme has been white-listed for every child process.
 
   if (IsPseudoScheme(url.scheme())) {
     // There are a number of special cases for pseudo schemes.
 
     if (url.SchemeIs(chrome::kViewSourceScheme)) {
       // A view-source URL is allowed if the child process is permitted to
       // request the embedded URL. Careful to avoid pointless recursion.
       GURL child_url(url.path());
       if (child_url.SchemeIs(chrome::kViewSourceScheme) &&
           url.SchemeIs(chrome::kViewSourceScheme))
           return false;
 
-      return CanRequestURL(child_id, child_url);
+      return CanRequestURL(child_id, child_url, NULL);
     }
 
     if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL))
       return true;  // Every child process can request <about:blank>.
 
     // URLs like <about:memory> and <about:crash> shouldn't be requestable by
     // any child process.  Also, this case covers <javascript:...>, which should
     // be handled internally by the process and not kicked up to the browser.
     return false;
   }
 
-  if (!net::URLRequest::IsHandledURL(url))
-    return true;  // This URL request is destined for ShellExecute.
+  if (job_factory) {
+    if (!job_factory->IsHandledURL(url))
+      return true;
+  } else {
+    if (!content::GetContentClient()->browser()->IsHandledURL(url))
+      return true;
+  }
 
   {
     base::AutoLock lock(lock_);
 
-    SecurityStateMap::iterator state = security_state_.find(child_id);
+    SecurityStateMap::const_iterator state = security_state_.find(child_id);
     if (state == security_state_.end())
       return false;
 
     // Otherwise, we consult the child process's security state to see if it is
     // allowed to request the URL.
     return state->second->CanRequestURL(url);
   }
 }
 
 bool ChildProcessSecurityPolicy::CanReadFile(int child_id,
@@ skipping 73 matching lines @@
 
 void ChildProcessSecurityPolicy::LockToOrigin(int child_id, const GURL& gurl) {
   // "gurl" can be currently empty in some cases, such as file://blah.
   DCHECK(SiteInstance::GetSiteForURL(NULL, gurl) == gurl);
   base::AutoLock lock(lock_);
   SecurityStateMap::iterator state = security_state_.find(child_id);
   DCHECK(state != security_state_.end());
   state->second->LockToOrigin(gurl);
 }