content/browser/child_process_security_policy_impl.cc - Issue 2494633004: Remove about:srcdoc url conversion.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/child_process_security_policy_impl.cc

Issue 2494633004: Remove about:srcdoc url conversion. (Closed)

Patch Set: Rebase Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: content/browser/child_process_security_policy_impl.cc

diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc

index f1aa1c74d71df72530020a7be37b54ab32fee7f7..3c207c2c185162d81e83cfdc34138da57563d56f 100644

--- a/content/browser/child_process_security_policy_impl.cc

+++ b/content/browser/child_process_security_policy_impl.cc

@@ -626,8 +626,8 @@ bool ChildProcessSecurityPolicyImpl::CanRequestURL(

return false; // Can't request invalid URLs.

if (IsPseudoScheme(url.scheme())) {

- // Every child process can request <about:blank>.

- if (base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL))

+ // Every child process can request <about:blank> and <about:srcdoc>.

+ if (url == url::kAboutBlankURL || url == kAboutSrcDocURL)

return true;

// URLs like <about:version>, <about:crash>, <view-source:...> shouldn't be

// requestable by any child process. Also, this case covers

@@ -664,9 +664,10 @@ bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id,

if (!url.is_valid())

return false; // Can't commit invalid URLs.

- // Of all the pseudo schemes, only about:blank is allowed to commit.

+ // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to

+ // commit.

if (IsPseudoScheme(url.scheme()))

- return base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL);

+ return url == url::kAboutBlankURL || url == kAboutSrcDocURL;

// Blob and filesystem URLs require special treatment; validate the inner

// origin they embed.

@@ -717,6 +718,10 @@ bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id,

return true;

}

+ // about:srcdoc cannot be used as an origin

+ if (url == kAboutSrcDocURL)

+ return false;

// If this process can commit |url|, it can use |url| as an origin for

// outbound requests.

if (CanCommitURL(child_id, url))