Block renderer-initiated main frame navigations to data URLs

content/public/common/content_features.cc

Index: content/public/common/content_features.cc
diff --git a/content/public/common/content_features.cc b/content/public/common/content_features.cc
index c1ccf0d87d5ceeb569a69fe126d8edfbb38cb6d1..d6f16c010df2019f03446062e4719f8256296636 100644
--- a/content/public/common/content_features.cc
+++ b/content/public/common/content_features.cc
@@ -16,6 +16,12 @@ const base::Feature kAccessibilityObjectModel(
     "AccessibilityObjectModel",
     base::FEATURE_DISABLED_BY_DEFAULT);
 
+// Enables content-initiated, main-frame navigations to data URLs.
+// TODO(meacer): Remove when the deprecation is complete.
+//               https://www.chromestatus.com/feature/5669602927312896
+const base::Feature kAllowInsecureDataUrlNavigations{
+    "AllowInsecureDataUrlNavigations", base::FEATURE_DISABLED_BY_DEFAULT};

[nasko, 2017/04/05 23:55:19]

Technically, content-initiated is a bit better term than insecure, as they are
just as "secure" as the document that delivered them. However, they are being
abused, which might link them to security.

[meacer, 2017/04/06 01:25:42]

I wanted to name the flag insecure to discourage people from using it, but I
don't have a strong opinion. 
 AllowContentInititatedDataUrlNavigations also sounds good.

+
 // Enables asm.js to WebAssembly V8 backend.
 // http://asmjs.org/spec/latest/
 const base::Feature kAsmJsToWebAssembly{"AsmJsToWebAssembly",