Fix for "chrome://" links in PDFs.

content/browser/child_process_security_policy_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_security_policy_impl.h"
 
+#include <utility>
+
 #include "base/command_line.h"
 #include "base/files/file_path.h"
 #include "base/logging.h"
 #include "base/metrics/histogram.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "content/browser/plugin_process_host.h"
 #include "content/browser/site_instance_impl.h"
 #include "content/common/site_isolation_policy.h"
 #include "content/public/browser/child_process_data.h"
@@ skipping 63 matching lines @@
         storage::IsolatedContext::GetInstance();
     for (FileSystemMap::iterator iter = filesystem_permissions_.begin();
          iter != filesystem_permissions_.end();
          ++iter) {
       isolated_context->RemoveReference(iter->first);
     }
     UMA_HISTOGRAM_COUNTS("ChildProcessSecurityPolicy.PerChildFilePermissions",
                          file_permissions_.size());
   }
 
+  // Grant permission to request URLs with the specified origin.
+  void GrantOrigin(const url::Origin& origin) {
+    origin_set_.insert(origin);
+  }
+
   // Grant permission to request URLs with the specified scheme.
   void GrantScheme(const std::string& scheme) {
     scheme_policy_[scheme] = true;
   }
 
   // Revoke permission to request URLs with the specified scheme.
   void RevokeScheme(const std::string& scheme) {
     scheme_policy_[scheme] = false;
   }
 
@@ skipping 61 matching lines @@
   void RevokeReadRawCookies() {
     can_read_raw_cookies_ = false;
   }
 
   void GrantPermissionForMidiSysEx() {
     can_send_midi_sysex_ = true;
   }
 
   // Determine whether permission has been granted to commit |url|.
   bool CanCommitURL(const GURL& url) {
-    // Having permission to a scheme implies permssion to all of its URLs.
-    SchemeMap::const_iterator judgment(scheme_policy_.find(url.scheme()));
-    if (judgment != scheme_policy_.end())
-      return judgment->second;
+    // Having permission to a scheme implies permission to all of its URLs.
+    SchemeMap::const_iterator scheme_judgment(
+        scheme_policy_.find(url.scheme()));
+    if (scheme_judgment != scheme_policy_.end())
+      return scheme_judgment->second;
+
+    // Otherwise, check for permission for specific origin.
+    if (ContainsKey(origin_set_, url::Origin(url)))
+      return true;
 
     // file:// URLs are more granular.  The child may have been given
     // permission to a specific file but not the file:// scheme in general.
     if (url.SchemeIs(url::kFileScheme)) {
       base::FilePath path;
       if (net::FileURLToFilePath(url, &path))
         return ContainsKey(request_file_set_, path);
     }
 
     return false;  // Unmentioned schemes are disallowed.
@@ skipping 50 matching lines @@
   bool can_read_raw_cookies() const {
     return can_read_raw_cookies_;
   }
 
   bool can_send_midi_sysex() const {
     return can_send_midi_sysex_;
   }
 
  private:
   typedef std::map<std::string, bool> SchemeMap;
+  typedef std::set<url::Origin> OriginSet;
 
   typedef int FilePermissionFlags;  // bit-set of base::File::Flags
   typedef std::map<base::FilePath, FilePermissionFlags> FileMap;
   typedef std::map<std::string, FilePermissionFlags> FileSystemMap;
   typedef std::set<base::FilePath> FileSet;
 
   // Maps URL schemes to whether permission has been granted or revoked:
   //   |true| means the scheme has been granted.
   //   |false| means the scheme has been revoked.
   // If a scheme is not present in the map, then it has never been granted
   // or revoked.
   SchemeMap scheme_policy_;
 
+  // The set of URL origins to which the child process has been granted
+  // permission.
+  OriginSet origin_set_;
+
   // The set of files the child process is permited to upload to the web.
   FileMap file_permissions_;
 
   // The set of files the child process is permitted to load.
   FileSet request_file_set_;
 
   int enabled_bindings_;
 
   bool can_read_raw_cookies_;
 
@@ skipping 228 matching lines @@
 void ChildProcessSecurityPolicyImpl::GrantSendMidiSysExMessage(int child_id) {
   base::AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(child_id);
   if (state == security_state_.end())
     return;
 
   state->second->GrantPermissionForMidiSysEx();
 }
 
+void ChildProcessSecurityPolicyImpl::GrantOrigin(int child_id,
+                                                 const url::Origin& origin) {
+  base::AutoLock lock(lock_);
+
+  SecurityStateMap::iterator state = security_state_.find(child_id);
+  if (state == security_state_.end())
+    return;
+
+  state->second->GrantOrigin(origin);
+}
+
 void ChildProcessSecurityPolicyImpl::GrantScheme(int child_id,
                                                  const std::string& scheme) {
   base::AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(child_id);
   if (state == security_state_.end())
     return;
 
   state->second->GrantScheme(scheme);
 }
@@ skipping 322 matching lines @@
   base::AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(child_id);
   if (state == security_state_.end())
     return false;
 
   return state->second->can_send_midi_sysex();
 }
 
 }  // namespace content