Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(182)

Unified Diff: content/browser/browser_plugin/browser_plugin_guest.cc

Issue 130183004: <webview>: Add better loadabort reason messages (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed nit Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/browser_plugin/browser_plugin_guest.h ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/browser_plugin/browser_plugin_guest.cc
diff --git a/content/browser/browser_plugin/browser_plugin_guest.cc b/content/browser/browser_plugin/browser_plugin_guest.cc
index 2e79b6335e3c8815151c1264fd21b4362542eb13..fd42b01344a7d0935bf777790307a91048ff1041 100644
--- a/content/browser/browser_plugin/browser_plugin_guest.cc
+++ b/content/browser/browser_plugin/browser_plugin_guest.cc
@@ -311,6 +311,21 @@ static std::string RetrieveDownloadURLFromRequestId(
return "";
}
+bool SupportsScheme(const GURL& url) {
+ // javascript: URLs are not supported.
+ if (url.SchemeIs(kJavaScriptScheme))
+ return false;
+
+ ChildProcessSecurityPolicyImpl* policy =
+ ChildProcessSecurityPolicyImpl::GetInstance();
+ if (policy->IsWebSafeScheme(url.scheme()) ||
+ policy->IsPseudoScheme(url.scheme())) {
+ return true;
+ }
+
+ return false;
+}
+
} // namespace
class BrowserPluginGuest::EmbedderWebContentsObserver
@@ -402,30 +417,40 @@ void BrowserPluginGuest::DestroyUnattachedWindows() {
DCHECK(pending_new_windows_.empty());
}
+void BrowserPluginGuest::ReportLoadAbort(const GURL& url,
+ bool is_top_level,
+ int reason) {
+ if (!delegate_)
+ return;
+
+ std::string error_type;
+ base::RemoveChars(net::ErrorToString(reason), "net::",
+ &error_type);
+ delegate_->LoadAbort(is_top_level, url, error_type);
+}
+
void BrowserPluginGuest::LoadURLWithParams(const GURL& url,
const Referrer& referrer,
PageTransition transition_type,
WebContents* web_contents) {
+ // If the URL is invalid, then there's nothing to do here except abort.
+ if (!url.is_valid()) {
+ ReportLoadAbort(url, true /* is_top_level */, net::ERR_INVALID_URL);
+ return;
+ }
+
// Do not allow navigating a guest to schemes other than known safe schemes.
// This will block the embedder trying to load unwanted schemes, e.g.
// chrome://settings.
- bool scheme_is_blocked =
- (!ChildProcessSecurityPolicyImpl::GetInstance()->IsWebSafeScheme(
- url.scheme()) &&
- !ChildProcessSecurityPolicyImpl::GetInstance()->IsPseudoScheme(
- url.scheme())) ||
- url.SchemeIs(kJavaScriptScheme);
- bool can_commit =
- GetContentClient()->browser()->CanCommitURL(
- GetWebContents()->GetRenderProcessHost(), url);
- if (scheme_is_blocked || !url.is_valid() || !can_commit) {
- if (delegate_) {
- // TODO(fsamuel): Need better error reporting here.
- std::string error_type;
- base::RemoveChars(net::ErrorToString(net::ERR_ABORTED), "net::",
- &error_type);
- delegate_->LoadAbort(true /* is_top_level */, url, error_type);
- }
+ if (!SupportsScheme(url)) {
+ ReportLoadAbort(url, true /* is_top_level */,
+ net::ERR_DISALLOWED_URL_SCHEME);
+ return;
+ }
+
+ if (!GetContentClient()->browser()->CanCommitURL(
+ GetWebContents()->GetRenderProcessHost(), url)) {
+ ReportLoadAbort(url, true /* is_top_level */, net::ERR_ACCESS_DENIED);
return;
}
« no previous file with comments | « content/browser/browser_plugin/browser_plugin_guest.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698