Chromium Code Reviews| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "content/browser/frame_host/data_url_navigation_throttle.h" | |
| 6 | |
| 7 #include "base/memory/ptr_util.h" | |
| 8 #include "base/strings/stringprintf.h" | |
| 9 #include "content/browser/frame_host/frame_tree.h" | |
| 10 #include "content/browser/frame_host/frame_tree_node.h" | |
| 11 #include "content/browser/frame_host/navigation_handle_impl.h" | |
| 12 #include "content/public/browser/navigation_handle.h" | |
| 13 #include "content/public/browser/render_frame_host.h" | |
| 14 #include "content/public/common/console_message_level.h" | |
| 15 #include "url/url_constants.h" | |
| 16 | |
| 17 namespace content { | |
| 18 | |
| 19 namespace { | |
| 20 const char kConsoleError[] = | |
| 21 "Not allowed to top-level navigate to resource: %s"; | |
| 22 | |
| 23 bool MayBlockDataUrlNavigation(NavigationHandle* navigation_handle) { | |
| 24 // TODO(meacer): This doesn't properly handle window.open calls. | |
| 25 // - For standard mime types (html, image etc), this is only a | |
| 26 // problem if PlzNavigate is enabled because otherwise checks | |
| 27 // are done in the renderer. | |
| 28 // - For mime types handled by plugins (e.g. PDF), this is a | |
| 29 // problem for both PlzNavigate and non-PlzNavigate as there | |
| 30 // are no renderer side checks. | |
| 31 // Proper implementation is blocked on crbug.com/651895. | |
| 32 NavigationHandleImpl* handle = | |
| 33 static_cast<NavigationHandleImpl*>(navigation_handle); | |
| 34 RenderFrameHost* top_frame = | |
| 35 handle->frame_tree_node()->frame_tree()->root()->current_frame_host(); | |
| 36 return handle->GetURL().SchemeIs(url::kDataScheme) && | |
| 37 handle->IsInMainFrame() && handle->IsRendererInitiated() && | |
| 38 !top_frame->GetLastCommittedURL().SchemeIs(url::kDataScheme); | |
| 39 } | |
| 40 } | |
| 41 | |
| 42 DataUrlNavigationThrottle::DataUrlNavigationThrottle( | |
| 43 NavigationHandle* navigation_handle) | |
| 44 : NavigationThrottle(navigation_handle) {} | |
| 45 | |
| 46 DataUrlNavigationThrottle::~DataUrlNavigationThrottle() {} | |
| 47 | |
| 48 NavigationThrottle::ThrottleCheckResult | |
| 49 DataUrlNavigationThrottle::WillProcessResponse() { | |
| 50 if (MayBlockDataUrlNavigation(navigation_handle()) && | |
|
nasko
2017/03/30 23:15:45
Why do you need to call this method here? If it fa
meacer
2017/04/05 22:33:28
Done, only checking for download here.
| |
| 51 !navigation_handle()->IsDownload()) { | |
| 52 RenderFrameHost* top_frame = | |
| 53 static_cast<NavigationHandleImpl*>(navigation_handle()) | |
| 54 ->frame_tree_node() | |
| 55 ->frame_tree() | |
| 56 ->root() | |
| 57 ->current_frame_host(); | |
| 58 top_frame->AddMessageToConsole( | |
| 59 CONSOLE_MESSAGE_LEVEL_ERROR, | |
| 60 base::StringPrintf(kConsoleError, | |
| 61 navigation_handle()->GetURL().spec().c_str())); | |
| 62 return CANCEL; | |
| 63 } | |
| 64 return PROCEED; | |
| 65 } | |
| 66 | |
| 67 // static | |
| 68 std::unique_ptr<NavigationThrottle> | |
| 69 DataUrlNavigationThrottle::CreateThrottleForNavigation( | |
| 70 NavigationHandle* navigation_handle) { | |
| 71 return MayBlockDataUrlNavigation(navigation_handle) | |
| 72 ? base::WrapUnique( | |
| 73 new DataUrlNavigationThrottle(navigation_handle)) | |
| 74 : nullptr; | |
| 75 } | |
| 76 | |
| 77 } // namespace content | |
| OLD | NEW |