Index: content/browser/renderer_host/resource_loader.cc |
diff --git a/content/browser/renderer_host/resource_loader.cc b/content/browser/renderer_host/resource_loader.cc |
index be893d7c97440ff2068932fe1b17f50374fdd48b..f3f2effd500a5f71fd02d2cede419d4555ba7098 100644 |
--- a/content/browser/renderer_host/resource_loader.cc |
+++ b/content/browser/renderer_host/resource_loader.cc |
@@ -303,6 +303,29 @@ void ResourceLoader::OnResponseStarted(net::URLRequest* unused) { |
VLOG(1) << "OnResponseStarted: " << request_->url().spec(); |
+ // We should allow the following case: |
+ // Iframe page (a.com/svrRedirect.php) in page (a.com/index.html) |
+ // do the server-side redirect to page (b.com/svrRedirect.php) which |
+ // eventually redirect the iframe back to page (a.com/static.html). |
+ // Since server-side redirect does not load the page into the render |
+ // process, we are safe in this situation and should allow it. |
+ // |
+ // But we need to block the following case: |
+ // Iframe page (a.com/svrRedirect.php) in page (a.com/index.html) |
+ // do the server-side redirect to page (b.com/clientRedirect.php) which |
+ // eventually redirect the iframe back to page (a.com/static.html). |
+ // Since client-side redirect DOES load the page into the render |
+ // process, we should block it. |
Charlie Reis
2012/12/05 02:02:58
This is a nice comment but it's kind of out of pla
irobert
2012/12/05 19:00:03
Done.
|
+ ResourceRequestInfoImpl* info = GetRequestInfo(); |
+ ChildProcessSecurityPolicyImpl* policy = |
+ ChildProcessSecurityPolicyImpl::GetInstance(); |
+ if (!policy->CanLoadPage(info->GetChildID(), |
+ request_->url(), |
+ info->GetResourceType())) { |
+ Cancel(); |
+ return; |
+ } |
+ |
if (!request_->status().is_success()) { |
ResponseCompleted(); |
return; |