Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(552)

Unified Diff: content/browser/child_process_security_policy_impl.cc

Issue 2494633004: Remove about:srcdoc url conversion. (Closed)
Patch Set: Rebase Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/child_process_security_policy_impl.cc
diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc
index f1aa1c74d71df72530020a7be37b54ab32fee7f7..3c207c2c185162d81e83cfdc34138da57563d56f 100644
--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -626,8 +626,8 @@ bool ChildProcessSecurityPolicyImpl::CanRequestURL(
return false; // Can't request invalid URLs.
if (IsPseudoScheme(url.scheme())) {
- // Every child process can request <about:blank>.
- if (base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL))
+ // Every child process can request <about:blank> and <about:srcdoc>.
+ if (url == url::kAboutBlankURL || url == kAboutSrcDocURL)
return true;
// URLs like <about:version>, <about:crash>, <view-source:...> shouldn't be
// requestable by any child process. Also, this case covers
@@ -664,9 +664,10 @@ bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id,
if (!url.is_valid())
return false; // Can't commit invalid URLs.
- // Of all the pseudo schemes, only about:blank is allowed to commit.
+ // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to
+ // commit.
if (IsPseudoScheme(url.scheme()))
- return base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL);
+ return url == url::kAboutBlankURL || url == kAboutSrcDocURL;
// Blob and filesystem URLs require special treatment; validate the inner
// origin they embed.
@@ -717,6 +718,10 @@ bool ChildProcessSecurityPolicyImpl::CanSetAsOriginHeader(int child_id,
return true;
}
+ // about:srcdoc cannot be used as an origin
+ if (url == kAboutSrcDocURL)
+ return false;
+
// If this process can commit |url|, it can use |url| as an origin for
// outbound requests.
if (CanCommitURL(child_id, url))
« no previous file with comments | « content/browser/android/web_contents_observer_proxy.cc ('k') | content/browser/child_process_security_policy_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698