Chromium Code Reviews Chromium Code Reviews
Issue 2702503002:
Block renderer-initiated main frame navigations to data URLs (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
| 6 #include "content/public/common/content_features.h" | 6 #include "content/public/common/content_features.h" |
| 7 | 7 |
| 8 namespace features { | 8 namespace features { |
| 9 | 9 |
| 10 // All features in alphabetical order. | 10 // All features in alphabetical order. |
| 11 | 11 |
| 12 // Enables the Accessibility Object Model. | 12 // Enables the Accessibility Object Model. |
| 13 // Explainer: https://github.com/WICG/aom/blob/master/explainer.md | 13 // Explainer: https://github.com/WICG/aom/blob/master/explainer.md |
| 14 // Spec: https://wicg.github.io/aom/spec/ | 14 // Spec: https://wicg.github.io/aom/spec/ |
| 15 const base::Feature kAccessibilityObjectModel( | 15 const base::Feature kAccessibilityObjectModel( |
| 16 "AccessibilityObjectModel", | 16 "AccessibilityObjectModel", |
| 17 base::FEATURE_DISABLED_BY_DEFAULT); | 17 base::FEATURE_DISABLED_BY_DEFAULT); |
| 18 | 18 |
| 19 // Enables content-initiated, main-frame navigations to data URLs. | |
| 20 // TODO(meacer): Remove when the deprecation is complete. | |
| 21 // https://www.chromestatus.com/feature/5669602927312896 | |
| 22 const base::Feature kAllowInsecureDataUrlNavigations{ | |
| 23 "AllowInsecureDataUrlNavigations", base::FEATURE_DISABLED_BY_DEFAULT}; | |
|
nasko
2017/04/05 23:55:19
Technically, content-initiated is a bit better ter
meacer
2017/04/06 01:25:42
I wanted to name the flag insecure to discourage p
| |
| 24 | |
| 19 // Enables asm.js to WebAssembly V8 backend. | 25 // Enables asm.js to WebAssembly V8 backend. |
| 20 // http://asmjs.org/spec/latest/ | 26 // http://asmjs.org/spec/latest/ |
| 21 const base::Feature kAsmJsToWebAssembly{"AsmJsToWebAssembly", | 27 const base::Feature kAsmJsToWebAssembly{"AsmJsToWebAssembly", |
| 22 base::FEATURE_DISABLED_BY_DEFAULT}; | 28 base::FEATURE_DISABLED_BY_DEFAULT}; |
| 23 | 29 |
| 24 // Block subresource requests whose URLs contain embedded credentials (e.g. | 30 // Block subresource requests whose URLs contain embedded credentials (e.g. |
| 25 // `https://user:pass@example.com/resource`). | 31 // `https://user:pass@example.com/resource`). |
| 26 const base::Feature kBlockCredentialedSubresources{ | 32 const base::Feature kBlockCredentialedSubresources{ |
| 27 "BlockCredentialedSubresources", base::FEATURE_ENABLED_BY_DEFAULT}; | 33 "BlockCredentialedSubresources", base::FEATURE_ENABLED_BY_DEFAULT}; |
| 28 | 34 |
| (...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 311 #endif // !defined(OS_ANDROID) | 317 #endif // !defined(OS_ANDROID) |
| 312 | 318 |
| 313 #if defined(OS_WIN) | 319 #if defined(OS_WIN) |
| 314 // Emergency "off switch" for new Windows sandbox security mitigation, | 320 // Emergency "off switch" for new Windows sandbox security mitigation, |
| 315 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE. | 321 // sandbox::MITIGATION_EXTENSION_POINT_DISABLE. |
| 316 const base::Feature kWinSboxDisableExtensionPoints{ | 322 const base::Feature kWinSboxDisableExtensionPoints{ |
| 317 "WinSboxDisableExtensionPoint", base::FEATURE_ENABLED_BY_DEFAULT}; | 323 "WinSboxDisableExtensionPoint", base::FEATURE_ENABLED_BY_DEFAULT}; |
| 318 #endif | 324 #endif |
| 319 | 325 |
| 320 } // namespace features | 326 } // namespace features |
| OLD | NEW |
