Ignore Javascript urls dropped on tabs (Mac version)

chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm

Index: chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
diff --git a/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm b/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
index 5d008da722bc20cfaadfd16f1f942e5c2d2dfcdb..0b15fab4feed14ed2423a420457ee8fe0aaac28d 100644
--- a/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
+++ b/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
@@ -2059,6 +2059,9 @@ CGFloat FlipXInView(NSView* view, CGFloat width, CGFloat x) {
 }
 
 - (void)openURL:(GURL*)url inView:(NSView*)view at:(NSPoint)point {
+  // Security: Block JavaScript to prevent self-XSS.
+  if (url->SchemeIs(url::kJavaScriptScheme)) return;

[Avi (use Gerrit), 2016/09/16 19:07:49]

Strictly speaking this is allowed by the style guide, but I haven't seen it done
this way before. Can you put the "return" onto its own line? (Here and in the
other file.)

[elawrence, 2016/09/16 19:17:07]

Done.

+
   // Get the index and disposition.
   NSInteger index;
   WindowOpenDisposition disposition;