Improve print preview checks in the PDF plugin

Improve print preview checks in the PDF plugin

Special functionality is available in the PDF plugin for print preview. We
don't want to allow this functionality to be exposed when not in print
preview as it may have potential security implications. This CL improves
the checks that are used:
1) Check the document URL to determine whether we are in print preview, rather
than the URL that is passed in to load, which could be chosen by an attacker.
2) Add CHECKs to ensure we are in print preview mode and trying to load a print
preview document when print preview messages are received.

Note that we should never get into a state where these checks would be invalid
but this gives us defense in depth.

BUG=654280
Committed: https://crrev.com/9fb7fed591eb80fa9653f7d027f004afb8425b17
Cr-Commit-Position: refs/heads/master@{#430802}

[raymes, 2016-11-08 07:00:18]

raymes@chromium.org changed reviewers:
+ thestig@chromium.org

[Lei Zhang, 2016-11-08 07:38:13]

lgtm

https://codereview.chromium.org/2486683002/diff/20001/pdf/out_of_process_inst...
File pdf/out_of_process_instance.cc (right):

https://codereview.chromium.org/2486683002/diff/20001/pdf/out_of_process_inst...
pdf/out_of_process_instance.cc:463: CHECK(IsPrintPreview() &&
IsPrintPreviewUrl(url));
Put these as 2 separate CHECKs. Then if one fails, we'll know which. Ditto above
on line 443.

[raymes, 2016-11-08 23:18:01]

https://codereview.chromium.org/2486683002/diff/20001/pdf/out_of_process_inst...
File pdf/out_of_process_instance.cc (right):

https://codereview.chromium.org/2486683002/diff/20001/pdf/out_of_process_inst...
pdf/out_of_process_instance.cc:463: CHECK(IsPrintPreview() &&
IsPrintPreviewUrl(url));
On 2016/11/08 07:38:13, Lei Zhang (slow) wrote:
> Put these as 2 separate CHECKs. Then if one fails, we'll know which. Ditto
above
> on line 443.

Done.

[raymes, 2016-11-08 23:18:05]

The CQ bit was checked by raymes@chromium.org

[raymes, 2016-11-08 23:18:06]

The patchset sent to the CQ was uploaded after l-g-t-m from thestig@chromium.org
Link to the patchset: https://codereview.chromium.org/2486683002/#ps40001
(title: "Improve print preview checks in the PDF plugin")

[commit-bot: I haz the power, 2016-11-08 23:18:57]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-11-09 01:07:03]

Committed patchset #3 (id:40001)

[commit-bot: I haz the power, 2016-11-09 01:19:17]

Description was changed from

==========
Improve print preview checks in the PDF plugin

Special functionality is available in the PDF plugin for print preview. We
don't want to allow this functionality to be exposed when not in print
preview as it may have potential security implications. This CL improves
the checks that are used:
1) Check the document URL to determine whether we are in print preview, rather
than the URL that is passed in to load, which could be chosen by an attacker.
2) Add CHECKs to ensure we are in print preview mode and trying to load a print
preview document when print preview messages are received.

Note that we should never get into a state where these checks would be invalid
but this gives us defense in depth.

BUG=654280
==========

to

==========
Improve print preview checks in the PDF plugin

Special functionality is available in the PDF plugin for print preview. We
don't want to allow this functionality to be exposed when not in print
preview as it may have potential security implications. This CL improves
the checks that are used:
1) Check the document URL to determine whether we are in print preview, rather
than the URL that is passed in to load, which could be chosen by an attacker.
2) Add CHECKs to ensure we are in print preview mode and trying to load a print
preview document when print preview messages are received.

Note that we should never get into a state where these checks would be invalid
but this gives us defense in depth.

BUG=654280

Committed: https://crrev.com/9fb7fed591eb80fa9653f7d027f004afb8425b17
Cr-Commit-Position: refs/heads/master@{#430802}
==========

[commit-bot: I haz the power, 2016-11-09 01:19:18]

Patchset 3 (id:??) landed as
https://crrev.com/9fb7fed591eb80fa9653f7d027f004afb8425b17
Cr-Commit-Position: refs/heads/master@{#430802}