Chromium Code Reviews Chromium Code Reviews
Issue 11416121:
Prevent cross-site pages when --site-per-process is passed (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/render_view_host_impl.h" | 5 #include "content/browser/renderer_host/render_view_host_impl.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 1719 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1730 // The renderer treats all URLs in the about: scheme as being about:blank. | 1730 // The renderer treats all URLs in the about: scheme as being about:blank. |
| 1731 // Canonicalize about: URLs to about:blank. | 1731 // Canonicalize about: URLs to about:blank. |
| 1732 *url = GURL(chrome::kAboutBlankURL); | 1732 *url = GURL(chrome::kAboutBlankURL); |
| 1733 } | 1733 } |
| 1734 | 1734 |
| 1735 // Do not allow browser plugin guests to navigate to non-web URLs, since they | 1735 // Do not allow browser plugin guests to navigate to non-web URLs, since they |
| 1736 // cannot swap processes or grant bindings. | 1736 // cannot swap processes or grant bindings. |
| 1737 bool non_web_url_in_guest = process->IsGuest() && | 1737 bool non_web_url_in_guest = process->IsGuest() && |
| 1738 !(url->is_valid() && policy->IsWebSafeScheme(url->scheme())); | 1738 !(url->is_valid() && policy->IsWebSafeScheme(url->scheme())); |
| 1739 | 1739 |
| 1740 if (non_web_url_in_guest || !policy->CanRequestURL(process->GetID(), *url)) { | 1740 if (non_web_url_in_guest || |
| 1741 !policy->CanRequestURL(process->GetID(), | |
| 1742 *url, ResourceType::MAIN_FRAME)) { | |
|
irobert
2012/11/28 01:27:57
It is hard to tell whether this navigation is main
Charlie Reis
2012/11/28 18:58:26
Hmm, actually, this is problematic. FilterURL get
irobert
2012/11/28 22:50:41
Done.
| |
| 1741 // If this renderer is not permitted to request this URL, we invalidate the | 1743 // If this renderer is not permitted to request this URL, we invalidate the |
| 1742 // URL. This prevents us from storing the blocked URL and becoming confused | 1744 // URL. This prevents us from storing the blocked URL and becoming confused |
| 1743 // later. | 1745 // later. |
| 1744 VLOG(1) << "Blocked URL " << url->spec(); | 1746 VLOG(1) << "Blocked URL " << url->spec(); |
| 1745 *url = GURL(chrome::kAboutBlankURL); | 1747 *url = GURL(chrome::kAboutBlankURL); |
| 1746 } | 1748 } |
| 1747 } | 1749 } |
| 1748 | 1750 |
| 1749 void RenderViewHostImpl::SetAltErrorPageURL(const GURL& url) { | 1751 void RenderViewHostImpl::SetAltErrorPageURL(const GURL& url) { |
| 1750 Send(new ViewMsg_SetAltErrorPageURL(GetRoutingID(), url)); | 1752 Send(new ViewMsg_SetAltErrorPageURL(GetRoutingID(), url)); |
| (...skipping 277 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2028 is_waiting_for_beforeunload_ack_ = false; | 2030 is_waiting_for_beforeunload_ack_ = false; |
| 2029 is_waiting_for_unload_ack_ = false; | 2031 is_waiting_for_unload_ack_ = false; |
| 2030 has_timed_out_on_unload_ = false; | 2032 has_timed_out_on_unload_ = false; |
| 2031 } | 2033 } |
| 2032 | 2034 |
| 2033 void RenderViewHostImpl::ClearPowerSaveBlockers() { | 2035 void RenderViewHostImpl::ClearPowerSaveBlockers() { |
| 2034 STLDeleteValues(&power_save_blockers_); | 2036 STLDeleteValues(&power_save_blockers_); |
| 2035 } | 2037 } |
| 2036 | 2038 |
| 2037 } // namespace content | 2039 } // namespace content |
| OLD | NEW |
