| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/content_settings_observer.h" | 5 #include "chrome/renderer/content_settings_observer.h" |
| 6 | 6 |
| 7 #include "chrome/common/render_messages.h" | 7 #include "chrome/common/render_messages.h" |
| 8 #include "chrome/common/ssl_insecure_content.h" | 8 #include "chrome/common/ssl_insecure_content.h" |
| 9 #include "content/public/common/url_constants.h" | 9 #include "content/public/common/url_constants.h" |
| 10 #include "content/public/renderer/document_state.h" | 10 #include "content/public/renderer/document_state.h" |
| (...skipping 370 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 381 } | 381 } |
| 382 | 382 |
| 383 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { | 383 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { |
| 384 return IsPlatformApp() ? false : default_value; | 384 return IsPlatformApp() ? false : default_value; |
| 385 } | 385 } |
| 386 | 386 |
| 387 bool ContentSettingsObserver::allowRunningInsecureContent( | 387 bool ContentSettingsObserver::allowRunningInsecureContent( |
| 388 bool allowed_per_settings, | 388 bool allowed_per_settings, |
| 389 const blink::WebSecurityOrigin& origin, | 389 const blink::WebSecurityOrigin& origin, |
| 390 const blink::WebURL& resource_url) { | 390 const blink::WebURL& resource_url) { |
| 391 // Note: this implementation is a mirror of |
| 392 // Browser::ShouldAllowRunningInsecureContent. |
| 391 FilteredReportInsecureContentRan(GURL(resource_url)); | 393 FilteredReportInsecureContentRan(GURL(resource_url)); |
| 392 | 394 |
| 393 if (!allow_running_insecure_content_ && !allowed_per_settings) { | 395 if (!allow_running_insecure_content_ && !allowed_per_settings) { |
| 394 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT); | 396 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT); |
| 395 return false; | 397 return false; |
| 396 } | 398 } |
| 397 | 399 |
| 398 return true; | 400 return true; |
| 399 } | 401 } |
| 400 | 402 |
| (...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 529 | 531 |
| 530 // If the scheme is file:, an empty file name indicates a directory listing, | 532 // If the scheme is file:, an empty file name indicates a directory listing, |
| 531 // which requires JavaScript to function properly. | 533 // which requires JavaScript to function properly. |
| 532 if (base::EqualsASCII(protocol, url::kFileScheme)) { | 534 if (base::EqualsASCII(protocol, url::kFileScheme)) { |
| 533 return document_url.SchemeIs(url::kFileScheme) && | 535 return document_url.SchemeIs(url::kFileScheme) && |
| 534 document_url.ExtractFileName().empty(); | 536 document_url.ExtractFileName().empty(); |
| 535 } | 537 } |
| 536 | 538 |
| 537 return false; | 539 return false; |
| 538 } | 540 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1905033002:
PlzNavigate: Move navigation-level mixed content checks to the browser. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@console-security-message