| Index: content/browser/child_process_security_policy_impl.cc
|
| diff --git a/content/browser/child_process_security_policy_impl.cc b/content/browser/child_process_security_policy_impl.cc
|
| index 3c207c2c185162d81e83cfdc34138da57563d56f..f1aa1c74d71df72530020a7be37b54ab32fee7f7 100644
|
| --- a/content/browser/child_process_security_policy_impl.cc
|
| +++ b/content/browser/child_process_security_policy_impl.cc
|
| @@ -626,8 +626,8 @@
|
| return false; // Can't request invalid URLs.
|
|
|
| if (IsPseudoScheme(url.scheme())) {
|
| - // Every child process can request <about:blank> and <about:srcdoc>.
|
| - if (url == url::kAboutBlankURL || url == kAboutSrcDocURL)
|
| + // Every child process can request <about:blank>.
|
| + if (base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL))
|
| return true;
|
| // URLs like <about:version>, <about:crash>, <view-source:...> shouldn't be
|
| // requestable by any child process. Also, this case covers
|
| @@ -664,10 +664,9 @@
|
| if (!url.is_valid())
|
| return false; // Can't commit invalid URLs.
|
|
|
| - // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to
|
| - // commit.
|
| + // Of all the pseudo schemes, only about:blank is allowed to commit.
|
| if (IsPseudoScheme(url.scheme()))
|
| - return url == url::kAboutBlankURL || url == kAboutSrcDocURL;
|
| + return base::LowerCaseEqualsASCII(url.spec(), url::kAboutBlankURL);
|
|
|
| // Blob and filesystem URLs require special treatment; validate the inner
|
| // origin they embed.
|
| @@ -718,10 +717,6 @@
|
| return true;
|
| }
|
|
|
| - // about:srcdoc cannot be used as an origin
|
| - if (url == kAboutSrcDocURL)
|
| - return false;
|
| -
|
| // If this process can commit |url|, it can use |url| as an origin for
|
| // outbound requests.
|
| if (CanCommitURL(child_id, url))
|
|
|
Chromium Code Reviews
Issue 2541063002:
Revert of Remove about:srcdoc url conversion. (Closed)
