| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/render_view_host_impl.h" | 5 #include "content/browser/renderer_host/render_view_host_impl.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 1285 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1296 RenderViewHostDelegateView* view = delegate_->GetDelegateView(); | 1296 RenderViewHostDelegateView* view = delegate_->GetDelegateView(); |
| 1297 if (!view) | 1297 if (!view) |
| 1298 return; | 1298 return; |
| 1299 | 1299 |
| 1300 DropData filtered_data(drop_data); | 1300 DropData filtered_data(drop_data); |
| 1301 RenderProcessHost* process = GetProcess(); | 1301 RenderProcessHost* process = GetProcess(); |
| 1302 ChildProcessSecurityPolicyImpl* policy = | 1302 ChildProcessSecurityPolicyImpl* policy = |
| 1303 ChildProcessSecurityPolicyImpl::GetInstance(); | 1303 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1304 | 1304 |
| 1305 // Allow drag of Javascript URLs to enable bookmarklet drag to bookmark bar. | 1305 // Allow drag of Javascript URLs to enable bookmarklet drag to bookmark bar. |
| 1306 if (!filtered_data.url.SchemeIs(kJavaScriptScheme)) | 1306 if (!filtered_data.url.SchemeIs(url::kJavaScriptScheme)) |
| 1307 process->FilterURL(true, &filtered_data.url); | 1307 process->FilterURL(true, &filtered_data.url); |
| 1308 process->FilterURL(false, &filtered_data.html_base_url); | 1308 process->FilterURL(false, &filtered_data.html_base_url); |
| 1309 // Filter out any paths that the renderer didn't have access to. This prevents | 1309 // Filter out any paths that the renderer didn't have access to. This prevents |
| 1310 // the following attack on a malicious renderer: | 1310 // the following attack on a malicious renderer: |
| 1311 // 1. StartDragging IPC sent with renderer-specified filesystem paths that it | 1311 // 1. StartDragging IPC sent with renderer-specified filesystem paths that it |
| 1312 // doesn't have read permissions for. | 1312 // doesn't have read permissions for. |
| 1313 // 2. We initiate a native DnD operation. | 1313 // 2. We initiate a native DnD operation. |
| 1314 // 3. DnD operation immediately ends since mouse is not held down. DnD events | 1314 // 3. DnD operation immediately ends since mouse is not held down. DnD events |
| 1315 // still fire though, which causes read permissions to be granted to the | 1315 // still fire though, which causes read permissions to be granted to the |
| 1316 // renderer for any file paths in the drop. | 1316 // renderer for any file paths in the drop. |
| (...skipping 410 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1727 return true; | 1727 return true; |
| 1728 } | 1728 } |
| 1729 | 1729 |
| 1730 void RenderViewHostImpl::AttachToFrameTree() { | 1730 void RenderViewHostImpl::AttachToFrameTree() { |
| 1731 FrameTree* frame_tree = delegate_->GetFrameTree(); | 1731 FrameTree* frame_tree = delegate_->GetFrameTree(); |
| 1732 | 1732 |
| 1733 frame_tree->ResetForMainFrameSwap(); | 1733 frame_tree->ResetForMainFrameSwap(); |
| 1734 } | 1734 } |
| 1735 | 1735 |
| 1736 } // namespace content | 1736 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 273193004:
Move some content url constants to /url. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master