Index: content/browser/child_process_security_policy_impl.cc |
diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc |
index 652a7ac175420cba631376bba186834094a5d1f8..c9ad29687048abba29d2bba669e98cba807dc466 100644 |
--- a/content/browser/child_process_security_policy_impl.cc |
+++ b/content/browser/child_process_security_policy_impl.cc |
@@ -297,7 +297,9 @@ class ChildProcessSecurityPolicyImpl::SecurityState { |
ChildProcessSecurityPolicyImpl::ChildProcessSecurityPolicyImpl() { |
// We know about these schemes and believe them to be safe. |
RegisterWebSafeScheme(url::kHttpScheme); |
+ RegisterWebSafeScheme(kHttpSuboriginScheme); |
nasko
2016/09/19 22:20:21
Why not put those in url:: namespace?
jww
2016/09/20 00:24:32
See earlier comments from Mike. Mike prefers them
|
RegisterWebSafeScheme(url::kHttpsScheme); |
+ RegisterWebSafeScheme(kHttpsSuboriginScheme); |
nasko
2016/09/19 22:20:21
Registering these here is a bit dangerous, as it w
jww
2016/09/20 00:24:32
That is what I did initially. The trick I ran into
|
RegisterWebSafeScheme(url::kFtpScheme); |
RegisterWebSafeScheme(url::kDataScheme); |
RegisterWebSafeScheme("feed"); |