Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5335)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm

Issue 2346023002: Ignore Javascript urls dropped on tabs (Mac version) (Closed)
Patch Set: Move return to a new line Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/ui/cocoa/toolbar/toolbar_controller.mm » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
diff --git a/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm b/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
index 5d008da722bc20cfaadfd16f1f942e5c2d2dfcdb..2df953314fb0bd30b483c4ac749cb3c5094dbb76 100644
--- a/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
+++ b/chrome/browser/ui/cocoa/tabs/tab_strip_controller.mm
@@ -2059,6 +2059,10 @@ CGFloat FlipXInView(NSView* view, CGFloat width, CGFloat x) {
}
- (void)openURL:(GURL*)url inView:(NSView*)view at:(NSPoint)point {
+ // Security: Block JavaScript to prevent self-XSS.
+ if (url->SchemeIs(url::kJavaScriptScheme))
+ return;
+
// Get the index and disposition.
NSInteger index;
WindowOpenDisposition disposition;
« no previous file with comments | « no previous file | chrome/browser/ui/cocoa/toolbar/toolbar_controller.mm » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698