OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "content/browser/frame_host/data_url_navigation_throttle.h" | |
6 | |
7 #include "base/memory/ptr_util.h" | |
8 #include "base/strings/stringprintf.h" | |
9 #include "content/browser/frame_host/frame_tree.h" | |
10 #include "content/browser/frame_host/frame_tree_node.h" | |
11 #include "content/browser/frame_host/navigation_handle_impl.h" | |
12 #include "content/public/browser/navigation_handle.h" | |
13 #include "content/public/browser/render_frame_host.h" | |
14 #include "content/public/common/console_message_level.h" | |
15 #include "url/url_constants.h" | |
16 | |
17 namespace content { | |
18 | |
19 namespace { | |
20 const char kConsoleError[] = | |
21 "Not allowed to top-level navigate to resource: %s"; | |
22 | |
23 bool MayBlockDataUrlNavigation(NavigationHandle* navigation_handle) { | |
24 // TODO(meacer): This doesn't properly handle window.open calls. | |
25 // - For standard mime types (html, image etc), this is only a | |
26 // problem if PlzNavigate is enabled because otherwise checks | |
27 // are done in the renderer. | |
28 // - For mime types handled by plugins (e.g. PDF), this is a | |
29 // problem for both PlzNavigate and non-PlzNavigate as there | |
30 // are no renderer side checks. | |
31 // Proper implementation is blocked on crbug.com/651895. | |
32 NavigationHandleImpl* handle = | |
33 static_cast<NavigationHandleImpl*>(navigation_handle); | |
34 RenderFrameHost* top_frame = | |
35 handle->frame_tree_node()->frame_tree()->root()->current_frame_host(); | |
36 return handle->GetURL().SchemeIs(url::kDataScheme) && | |
37 handle->IsInMainFrame() && handle->IsRendererInitiated() && | |
38 !top_frame->GetLastCommittedURL().SchemeIs(url::kDataScheme); | |
39 } | |
40 } | |
41 | |
42 DataUrlNavigationThrottle::DataUrlNavigationThrottle( | |
43 NavigationHandle* navigation_handle) | |
44 : NavigationThrottle(navigation_handle) {} | |
45 | |
46 DataUrlNavigationThrottle::~DataUrlNavigationThrottle() {} | |
47 | |
48 NavigationThrottle::ThrottleCheckResult | |
49 DataUrlNavigationThrottle::WillProcessResponse() { | |
50 if (MayBlockDataUrlNavigation(navigation_handle()) && | |
nasko
2017/03/30 23:15:45
Why do you need to call this method here? If it fa
meacer
2017/04/05 22:33:28
Done, only checking for download here.
| |
51 !navigation_handle()->IsDownload()) { | |
52 RenderFrameHost* top_frame = | |
53 static_cast<NavigationHandleImpl*>(navigation_handle()) | |
54 ->frame_tree_node() | |
55 ->frame_tree() | |
56 ->root() | |
57 ->current_frame_host(); | |
58 top_frame->AddMessageToConsole( | |
59 CONSOLE_MESSAGE_LEVEL_ERROR, | |
60 base::StringPrintf(kConsoleError, | |
61 navigation_handle()->GetURL().spec().c_str())); | |
62 return CANCEL; | |
63 } | |
64 return PROCEED; | |
65 } | |
66 | |
67 // static | |
68 std::unique_ptr<NavigationThrottle> | |
69 DataUrlNavigationThrottle::CreateThrottleForNavigation( | |
70 NavigationHandle* navigation_handle) { | |
71 return MayBlockDataUrlNavigation(navigation_handle) | |
72 ? base::WrapUnique( | |
73 new DataUrlNavigationThrottle(navigation_handle)) | |
74 : nullptr; | |
75 } | |
76 | |
77 } // namespace content | |
OLD | NEW |