Chromium Code Reviews (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

Unified Diff: content/browser/loader/

Issue 1617043002: Introduce AncestorThrottle, which will process 'X-Frame-Options' headers. (Closed) Base URL:
Patch Set: CONNECTION_REFUSED Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/loader/
diff --git a/content/browser/loader/ b/content/browser/loader/
index 9112f7e8d8919dba6030a0eeae48843563e48c21..9c28def41f6067418564129f489844252f5b2830 100644
--- a/content/browser/loader/
+++ b/content/browser/loader/
@@ -235,6 +235,15 @@ void NavigationResourceThrottle::OnUIChecksPerformed(
} else if (result == NavigationThrottle::CANCEL) {
+ } else if (result == NavigationThrottle::BLOCK_RESPONSE) {
+ // TODO(mkwst): If we cancel the main frame request with anything other than
+ // 'net::ERR_ABORTED', we'll trigger some special behavior that might not be
+ // desirable here (non-POSTs will reload the page, while POST has some logic
+ // around reloading to avoid duplicating actions server-side). For the
+ // moment, only child frame navigations should be blocked. If we need to
+ // block main frame navigations in the future, we'll need to carefully
+ // consider the right thing to do here.
mmenke 2016/05/05 12:36:27 Can we add a DCHECK here, too (Grab the ResourceRe
+ controller()->CancelWithError(net::ERR_BLOCKED_BY_RESPONSE);
} else {

Powered by Google App Engine
This is Rietveld 408576698