Chromium Code Reviews

Unified Diff: extensions/shell/browser/shell_browser_main_parts.cc

Issue 2364633004: Lock down the registration of blob:chrome-extension:// URLs (Closed)
Patch Set: Pare down CL Created 4 years, 3 months ago
Index: extensions/shell/browser/shell_browser_main_parts.cc
diff --git a/extensions/shell/browser/shell_browser_main_parts.cc b/extensions/shell/browser/shell_browser_main_parts.cc
index a1c702add4cc90943d43ee35595c857a6b427da6..5b47a2f05c37ab5ab3ca1f3ab8af83e8710aa4e3 100644
--- a/extensions/shell/browser/shell_browser_main_parts.cc
+++ b/extensions/shell/browser/shell_browser_main_parts.cc
@@ -128,10 +128,13 @@ void ShellBrowserMainParts::PreEarlyInitialization() {
int ShellBrowserMainParts::PreCreateThreads() {
// TODO(jamescook): Initialize chromeos::CrosSettings here?
- content::ChildProcessSecurityPolicy::GetInstance()->RegisterWebSafeScheme(
- kExtensionScheme);
- content::ChildProcessSecurityPolicy::GetInstance()->RegisterWebSafeScheme(
- kExtensionResourceScheme);
+ // chrome-extension:// URLs are safe to request anywhere, but may only
+ // commit (including in iframes) in extension processes.
+ content::ChildProcessSecurityPolicy::GetInstance()
+ ->RegisterWebSafeIsolatedScheme(extensions::kExtensionScheme);
+ // TODO(nick): Kill off kExtensionResourceScheme.
+ content::ChildProcessSecurityPolicy::GetInstance()
+ ->RegisterWebSafeIsolatedScheme(extensions::kExtensionResourceScheme);
ncarter (slow) 2016/09/29 16:27:43 reillyg's comment prompted me to rethink this. If
Devlin 2016/09/29 17:31:09 My $0.02: If this moves us toward parity, I'd say
ncarter (slow) 2016/09/29 21:01:46 I decided to revert this hunk, with the logic that
// Return no error.
return 0;
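Review bot: In PreCreateThreads(), the new comment says chrome-extension:// URLs "may only commit (including in iframes) in extension processes", but nothing in this hunk shows where app_shell grants that commit permission to its extension processes once RegisterWebSafeScheme is replaced by RegisterWebSafeIsolatedScheme. Please point to, or add, the code that makes that grant for app_shell, together with a test that an extension page still commits there after the change. Separately, the kExtensionResourceScheme registration picks up the same isolated behaviour with only `// TODO(nick): Kill off kExtensionResourceScheme.` above it: state in the comment whether the commit restriction is intended for that scheme as well, and attach a bug reference to the TODO so the cleanup can be tracked.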
