Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(887)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome_frame/navigation_constraints.cc

Issue 126143005: Remove Chrome Frame code and resources. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: sync to r244038 Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome_frame/navigation_constraints.h ('k') | chrome_frame/npchrome_frame_dll.ver » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome_frame/navigation_constraints.h"
6
7 #include "base/strings/string_util.h"
8 #include "base/strings/utf_string_conversions.h"
9 #include "chrome/common/url_constants.h"
10 #include "chrome_frame/utils.h"
11 #include "extensions/common/constants.h"
12
13 NavigationConstraintsImpl::NavigationConstraintsImpl() : is_privileged_(false) {
14 }
15
16 // NavigationConstraintsImpl method definitions.
17 bool NavigationConstraintsImpl::AllowUnsafeUrls() {
18 // No sanity checks if unsafe URLs are allowed
19 return GetConfigBool(false, kAllowUnsafeURLs);
20 }
21
22 bool NavigationConstraintsImpl::IsSchemeAllowed(const GURL& url) {
23 if (url.is_empty())
24 return false;
25
26 if (!url.is_valid())
27 return false;
28
29 if (url.SchemeIs(content::kHttpScheme) || url.SchemeIs(content::kHttpsScheme))
30 return true;
31
32 // Additional checking for view-source. Allow only http and https
33 // URLs in view source.
34 if (url.SchemeIs(content::kViewSourceScheme)) {
35 GURL sub_url(url.GetContent());
36 if (sub_url.SchemeIs(content::kHttpScheme) ||
37 sub_url.SchemeIs(content::kHttpsScheme))
38 return true;
39 }
40
41 // Allow only about:blank or about:version
42 if (url.SchemeIs(chrome::kAboutScheme)) {
43 if (LowerCaseEqualsASCII(url.spec(), content::kAboutBlankURL) ||
44 LowerCaseEqualsASCII(url.spec(), chrome::kAboutVersionURL)) {
45 return true;
46 }
47 }
48
49 if (is_privileged_ &&
50 (url.SchemeIs(chrome::kDataScheme) ||
51 url.SchemeIs(extensions::kExtensionScheme))) {
52 return true;
53 }
54
55 return false;
56 }
57
58 bool NavigationConstraintsImpl::IsZoneAllowed(const GURL& url) {
59 if (!security_manager_) {
60 HRESULT hr = security_manager_.CreateInstance(
61 CLSID_InternetSecurityManager);
62 if (FAILED(hr)) {
63 NOTREACHED() << __FUNCTION__
64 << " Failed to create SecurityManager. Error: 0x%x"
65 << hr;
66 return true;
67 }
68 DWORD zone = URLZONE_INVALID;
69 std::wstring unicode_url = base::UTF8ToWide(url.spec());
70 security_manager_->MapUrlToZone(unicode_url.c_str(), &zone, 0);
71 if (zone == URLZONE_UNTRUSTED) {
72 DLOG(WARNING) << __FUNCTION__
73 << " Disallowing navigation to restricted url: " << url;
74 return false;
75 }
76 }
77 return true;
78 }
79
80 bool NavigationConstraintsImpl::is_privileged() const {
81 return is_privileged_;
82 }
83
84 void NavigationConstraintsImpl::set_is_privileged(bool is_privileged) {
85 is_privileged_ = is_privileged;
86 }
OLDNEW
« no previous file with comments | « chrome_frame/navigation_constraints.h ('k') | chrome_frame/npchrome_frame_dll.ver » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698