Validate the Origin HTTP header in the browser process.

content/browser/child_process_security_policy_impl.h

Index: content/browser/child_process_security_policy_impl.h
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index 522a377c07e37ea5d0f500d600901060450e44af..12675091b12d75d2833472510fef0791fb4fd88a 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -126,6 +126,12 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
   // request the URL.
   bool CanRequestURL(int child_id, const GURL& url);
 
+  // Whether the process is allowed to commit a page from the given URL. This is

[nasko, 2015/08/14 22:14:42]

nit: s/page/document/

[Charlie Reis, 2015/08/14 23:23:32]

Done.

+  // more restrictive than CanRequestURL, since CanRequestURL allows requests
+  // that might lead to cross-process navigations or ShellExecute (external to

[nasko, 2015/08/14 22:14:42]

nit: ShellExecute is a Windows specific API. This is related to external
protocol handlers, right? Why not state it that way, since it is already hinted
at in the parenthesized text?

[Charlie Reis, 2015/08/14 23:23:32]

Done.

+  // the browser).
+  bool CanCommitURL(int child_id, const GURL& url);
+
   // Explicit permissions checks for FileSystemURL specified files.
   bool CanReadFileSystemFile(int child_id, const storage::FileSystemURL& url);
   bool CanWriteFileSystemFile(int child_id, const storage::FileSystemURL& url);