Chromium Code Reviews Chromium Code Reviews
Issue 2702503002:
Block renderer-initiated main frame navigations to data URLs (Closed)
| Index: third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp |
| diff --git a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp |
| index 14cc844e8339dc8ef4b2448d578680f3841a8567..4282ed667212a6090205f8ebdb10932ce6c8ba6c 100644 |
| --- a/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp |
| +++ b/third_party/WebKit/Source/platform/weborigin/SecurityOrigin.cpp |
| @@ -30,6 +30,7 @@ |
| #include <memory> |
| #include "platform/RuntimeEnabledFeatures.h" |
| +#include "platform/network/NetworkUtils.h" |
| #include "platform/weborigin/KURL.h" |
| #include "platform/weborigin/KnownPorts.h" |
| #include "platform/weborigin/SchemeRegistry.h" |
| @@ -336,6 +337,20 @@ bool SecurityOrigin::CanDisplay(const KURL& url) const { |
| return true; |
| } |
| +bool SecurityOrigin::CanNavigateInTopFrame(const KURL& url) const { |
| + if (universal_access_) |
|
dcheng
2017/04/15 00:11:24
I assume this exception is required for layout tes
meacer
2017/04/15 00:53:53
As we discussed offline, it's not required for lay
|
| + return true; |
| + |
| + // Block content-initiated loads of data URLs in the top frame. If the mime |
| + // type is supported, the URL will eventually be rendered, so block it here. |
| + // Otherwise, the load might be handled by a plugin or end up as a download, |
| + // so allow it to let the embedder figure out what to do with it. |
| + if (url.ProtocolIsData() && NetworkUtils::IsDataURLMimeTypeSupported(url)) { |
| + return false; |
| + } |
| + return true; |
| +} |
| + |
| bool SecurityOrigin::IsPotentiallyTrustworthy() const { |
| ASSERT(protocol_ != "data"); |
| if (IsUnique()) |
