Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(658)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: pdf/out_of_process_instance.cc

Issue 1311973002: Prevent leaking PDF data cross-origin (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/resources/pdf/pdf.js ('K') | « chrome/browser/resources/pdf/pdf.js ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: pdf/out_of_process_instance.cc
diff --git a/pdf/out_of_process_instance.cc b/pdf/out_of_process_instance.cc
index 705da85ab7d9bf424d5a2a23b06568420d3c7405..946202b20b634a3a3e5cdfc37aae88910294d37b 100644
--- a/pdf/out_of_process_instance.cc
+++ b/pdf/out_of_process_instance.cc
@@ -305,23 +305,25 @@ bool OutOfProcessInstance::Init(uint32_t argc,
const char* argn[],
const char* argv[]) {
// Check if the PDF is being loaded in the PDF chrome extension. We only allow
- // the plugin to be put into "full frame" mode when it is being loaded in the
- // extension because this enables some features that we don't want pages
- // abusing outside of the extension.
+ // the plugin to be loaded in the extension to avoid exposing sensitive APIs
Sam McNally 2015/08/25 03:11:20 And print preview?
raymes 2015/08/25 04:02:23 Done.
+ // directly to external websites.
pp::Var document_url_var = pp::URLUtil_Dev::Get()->GetDocumentURL(this);
std::string document_url = document_url_var.is_string() ?
Sam McNally 2015/08/25 03:11:20 if (!document_url_var.is_string()) return false;
raymes 2015/08/25 04:02:23 Done.
document_url_var.AsString() : std::string();
std::string extension_url = std::string(kChromeExtension);
- bool in_extension =
- !document_url.compare(0, extension_url.size(), extension_url);
-
- if (in_extension) {
- // Check if the plugin is full frame. This is passed in from JS.
- for (uint32_t i = 0; i < argc; ++i) {
- if (strcmp(argn[i], "full-frame") == 0) {
- full_ = true;
- break;
- }
+ std::string print_preview_url = std::string(kChromePrint);
+ bool allowed =
+ !document_url.compare(0, extension_url.size(), extension_url) ||
Sam McNally 2015/08/25 03:11:20 if (!base::StringPiece(document_url).starts_with(k
raymes 2015/08/25 04:02:23 Done.
+ !document_url.compare(0, print_preview_url.size(), print_preview_url);
+
+ if (!allowed)
+ return false;
+
+ // Check if the plugin is full frame. This is passed in from JS.
+ for (uint32_t i = 0; i < argc; ++i) {
+ if (strcmp(argn[i], "full-frame") == 0) {
+ full_ = true;
+ break;
}
}
« chrome/browser/resources/pdf/pdf.js ('K') | « chrome/browser/resources/pdf/pdf.js ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698