Block renderer-initiated main frame navigations to data URLs

content/browser/frame_host/navigation_handle_impl.cc

Index: content/browser/frame_host/navigation_handle_impl.cc
diff --git a/content/browser/frame_host/navigation_handle_impl.cc b/content/browser/frame_host/navigation_handle_impl.cc
index b34eca2b8379e722f58289572ff7ca06bd150a76..443825551cf2eed452269170def8ff4316dc55d8 100644
--- a/content/browser/frame_host/navigation_handle_impl.cc
+++ b/content/browser/frame_host/navigation_handle_impl.cc
@@ -13,6 +13,7 @@
 #include "content/browser/child_process_security_policy_impl.h"
 #include "content/browser/devtools/render_frame_devtools_agent_host.h"
 #include "content/browser/frame_host/ancestor_throttle.h"
+#include "content/browser/frame_host/data_url_navigation_throttle.h"
 #include "content/browser/frame_host/debug_urls.h"
 #include "content/browser/frame_host/form_submission_throttle.h"
 #include "content/browser/frame_host/frame_tree_node.h"
@@ -290,6 +291,10 @@ bool NavigationHandleImpl::HasCommitted() {
   return state_ == DID_COMMIT || state_ == DID_COMMIT_ERROR_PAGE;
 }
 
+bool NavigationHandleImpl::IsDownload() {
+  return is_download_;
+}
+
 bool NavigationHandleImpl::IsErrorPage() {
   return state_ == DID_COMMIT_ERROR_PAGE;
 }
@@ -680,14 +685,6 @@ void NavigationHandleImpl::DidCommitNavigation(
   } else {
     state_ = DID_COMMIT;
   }
-
-  if (url_.SchemeIs(url::kDataScheme) && IsInMainFrame() &&
-      IsRendererInitiated()) {
-    GetRenderFrameHost()->AddMessageToConsole(
-        CONSOLE_MESSAGE_LEVEL_WARNING,
-        "Upcoming versions will block content-initiated top frame navigations "
-        "to data: URLs. For more information, see https://goo.gl/BaZAea.");
-  }
 }
 
 void NavigationHandleImpl::Transfer() {
@@ -929,6 +926,13 @@ void NavigationHandleImpl::RegisterNavigationThrottles() {
   std::vector<std::unique_ptr<NavigationThrottle>> throttles_to_register =
       GetDelegate()->CreateThrottlesForNavigation(this);
 
+  // Check for top-frame, content-initiated navigations to data URLs. This is

[nasko, 2017/03/30 23:15:45]

nit: s/content-initiated/renderer-initiated/, s/top-frame/main frame/

[meacer, 2017/04/05 22:33:28]

Done.

+  // done first as it may block the top frame navigation altogether.
+  std::unique_ptr<NavigationThrottle> data_url_navigation_throttle =
+      DataUrlNavigationThrottle::CreateThrottleForNavigation(this);
+  if (data_url_navigation_throttle)
+    throttles_to_register.push_back(std::move(data_url_navigation_throttle));
+
   std::unique_ptr<content::NavigationThrottle> ancestor_throttle =
       content::AncestorThrottle::MaybeCreateThrottleFor(this);
   if (ancestor_throttle)