| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_content_renderer_client.h" | 5 #include "chrome/renderer/chrome_content_renderer_client.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 211 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 222 // URLs typed in the omnibox. | 222 // URLs typed in the omnibox. |
| 223 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs( | 223 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs( |
| 224 chrome_ui_scheme); | 224 chrome_ui_scheme); |
| 225 | 225 |
| 226 // chrome:, and chrome-extension: resources shouldn't trigger insecure | 226 // chrome:, and chrome-extension: resources shouldn't trigger insecure |
| 227 // content warnings. | 227 // content warnings. |
| 228 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme); | 228 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme); |
| 229 | 229 |
| 230 WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); | 230 WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); |
| 231 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme); | 231 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme); |
| 232 |
| 233 // chrome-extension: resources should be allowed to receive CORS requests. |
| 234 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme); |
| 232 } | 235 } |
| 233 | 236 |
| 234 void ChromeContentRendererClient::RenderViewCreated( | 237 void ChromeContentRendererClient::RenderViewCreated( |
| 235 content::RenderView* render_view) { | 238 content::RenderView* render_view) { |
| 236 ContentSettingsObserver* content_settings = | 239 ContentSettingsObserver* content_settings = |
| 237 new ContentSettingsObserver(render_view); | 240 new ContentSettingsObserver(render_view); |
| 238 if (chrome_observer_.get()) { | 241 if (chrome_observer_.get()) { |
| 239 content_settings->SetContentSettingRules( | 242 content_settings->SetContentSettingRules( |
| 240 chrome_observer_->content_setting_rules()); | 243 chrome_observer_->content_setting_rules()); |
| 241 } | 244 } |
| (...skipping 577 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 819 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { | 822 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { |
| 820 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); | 823 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); |
| 821 } | 824 } |
| 822 | 825 |
| 823 bool ChromeContentRendererClient::AllowSocketAPI(const GURL& url) { | 826 bool ChromeContentRendererClient::AllowSocketAPI(const GURL& url) { |
| 824 return allowed_socket_origins_.find(url.host()) != | 827 return allowed_socket_origins_.find(url.host()) != |
| 825 allowed_socket_origins_.end(); | 828 allowed_socket_origins_.end(); |
| 826 } | 829 } |
| 827 | 830 |
| 828 } // namespace chrome | 831 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9152022:
Add Access-Control-Allow-Origin: * header for extension resources specifically listed as web acce... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/