Remove about:srcdoc url conversion.

content/browser/child_process_security_policy_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_security_policy_impl.h"
 
 #include <algorithm>
 #include <utility>
 
 #include "base/command_line.h"
@@ skipping 608 matching lines @@
 
   state->second->RevokeReadRawCookies();
 }
 
 bool ChildProcessSecurityPolicyImpl::CanRequestURL(
     int child_id, const GURL& url) {
   if (!url.is_valid())
     return false;  // Can't request invalid URLs.
 
   if (IsPseudoScheme(url.scheme())) {
-    // Every child process can request <about:blank>.
-    if (base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL))
+    // Every child process can request <about:blank> and <about:srcdoc>.
+    if (url == url::kAboutBlankURL || url == kAboutSrcDocURL)
       return true;
     // URLs like <about:version>, <about:crash>, <view-source:...> shouldn't be
     // requestable by any child process.  Also, this case covers
     // <javascript:...>, which should be handled internally by the process and
     // not kicked up to the browser.
     return false;
   }
 
   // Blob and filesystem URLs require special treatment, since they embed an
   // inner origin.
@@ skipping 16 matching lines @@
   // Also allow URLs destined for ShellExecute and not the browser itself.
   return !GetContentClient()->browser()->IsHandledURL(url) &&
          !net::URLRequest::IsHandledURL(url);
 }
 
 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id,
                                                   const GURL& url) {
   if (!url.is_valid())
     return false;  // Can't commit invalid URLs.
 
-  // Of all the pseudo schemes, only about:blank is allowed to commit.
+  // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to
+  // commit.
   if (IsPseudoScheme(url.scheme()))
-    return base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL);
+    return url == url::kAboutBlankURL || url == kAboutSrcDocURL;
 
   // Blob and filesystem URLs require special treatment; validate the inner
   // origin they embed.
   if (url.SchemeIsBlob() || url.SchemeIsFileSystem()) {
     if (IsMalformedBlobUrl(url))
       return false;
 
     url::Origin origin(url);
     return origin.unique() || CanCommitURL(child_id, GURL(origin.Serialize()));
   }
@@ skipping 30 matching lines @@
   if (!url.is_valid())
     return false;  // Can't set invalid URLs as origin headers.
 
   // Suborigin URLs are a special case and are allowed to be an origin header.
   if (url.scheme() == url::kHttpSuboriginScheme ||
       url.scheme() == url::kHttpsSuboriginScheme) {
     DCHECK(IsPseudoScheme(url.scheme()));
     return true;
   }
 
+  // about:srcdoc cannot be used as an origin
+  if (url == kAboutSrcDocURL)
+    return false;
+
   // If this process can commit |url|, it can use |url| as an origin for
   // outbound requests.
   if (CanCommitURL(child_id, url))
     return true;
 
   // Allow schemes which may come from scripts executing in isolated worlds;
   // XHRs issued by such scripts reflect the script origin rather than the
   // document origin.
   {
     base::AutoLock lock(lock_);
@@ skipping 263 matching lines @@
   base::AutoLock lock(lock_);
 
   SecurityStateMap::iterator state = security_state_.find(child_id);
   if (state == security_state_.end())
     return false;
 
   return state->second->can_send_midi_sysex();
 }
 
 }  // namespace content