OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
660 | 660 |
661 // If the process can commit the URL, it can request it. | 661 // If the process can commit the URL, it can request it. |
662 if (CanCommitURL(child_id, url)) | 662 if (CanCommitURL(child_id, url)) |
663 return true; | 663 return true; |
664 | 664 |
665 // Also allow URLs destined for ShellExecute and not the browser itself. | 665 // Also allow URLs destined for ShellExecute and not the browser itself. |
666 return !GetContentClient()->browser()->IsHandledURL(url) && | 666 return !GetContentClient()->browser()->IsHandledURL(url) && |
667 !net::URLRequest::IsHandledURL(url); | 667 !net::URLRequest::IsHandledURL(url); |
668 } | 668 } |
669 | 669 |
670 bool ChildProcessSecurityPolicyImpl::CanRedirectToURL(const GURL& url) { | |
Charlie Reis
2017/07/07 17:12:59
It makes me nervous to be doing a narrower version
clamy
2017/07/10 12:29:19
The issue is that we need to block redirects to re
Charlie Reis
2017/07/10 21:16:21
I'm happy with where we ended up. I think there's
| |
671 if (!url.is_valid()) | |
672 return false; // Can't redirect to invalid URLs. | |
673 | |
674 const std::string& scheme = url.scheme(); | |
675 | |
676 if (IsPseudoScheme(scheme)) { | |
677 // Redirects to a pseudo scheme (about, javascript, view-source, ...) are | |
678 // not allowed. An exception is made for <about:blank> and its variations. | |
679 return url.IsAboutBlank(); | |
680 } | |
681 | |
682 // Redirects to blob-url or filesystem-url are not allowed. | |
683 if (url.SchemeIsBlob() || url.SchemeIsFileSystem()) | |
684 return false; | |
685 | |
686 return IsWebSafeScheme(scheme); | |
Charlie Reis
2017/07/07 17:12:59
We're basically skipping the CanCommitURL and IsHa
clamy
2017/07/10 12:29:19
As explained above, we can't really use the proces
Charlie Reis
2017/07/10 21:16:21
Sure. If we need to, we can tighten it in a separ
| |
687 } | |
688 | |
670 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id, | 689 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id, |
671 const GURL& url) { | 690 const GURL& url) { |
672 if (!url.is_valid()) | 691 if (!url.is_valid()) |
673 return false; // Can't commit invalid URLs. | 692 return false; // Can't commit invalid URLs. |
674 | 693 |
675 // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to | 694 // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to |
676 // commit. | 695 // commit. |
677 if (IsPseudoScheme(url.scheme())) | 696 if (IsPseudoScheme(url.scheme())) |
678 return url == url::kAboutBlankURL || url == kAboutSrcDocURL; | 697 return url == url::kAboutBlankURL || url == kAboutSrcDocURL; |
679 | 698 |
1143 return found; | 1162 return found; |
1144 } | 1163 } |
1145 | 1164 |
1146 void ChildProcessSecurityPolicyImpl::RemoveIsolatedOriginForTesting( | 1165 void ChildProcessSecurityPolicyImpl::RemoveIsolatedOriginForTesting( |
1147 const url::Origin& origin) { | 1166 const url::Origin& origin) { |
1148 base::AutoLock lock(lock_); | 1167 base::AutoLock lock(lock_); |
1149 isolated_origins_.erase(origin); | 1168 isolated_origins_.erase(origin); |
1150 } | 1169 } |
1151 | 1170 |
1152 } // namespace content | 1171 } // namespace content |
OLD | NEW |
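Review bot: The pseudo-scheme branch of CanRedirectToURL (new lines 676-680) returns `url.IsAboutBlank()`, which by its own comment covers about:blank "and its variations", whereas CanCommitURL at new line 697 accepts only exact equality with `url::kAboutBlankURL` or `kAboutSrcDocURL`. The two checks therefore disagree on which about: URLs are acceptable, and nothing here says whether that is deliberate: an about:blank variant passes the redirect check but would apparently fail the commit check, while about:srcdoc is refused as a redirect target but allowed to commit. I would document the difference next to the return, for example `// Unlike CanCommitURL, accepts about:blank variations and rejects about:srcdoc; redirect targets are still subject to the commit check later.`, with the last clause kept only if that is in fact true for every caller. A unit test with one about:blank variant and about:srcdoc as redirect targets would pin the intended behaviour. The final `return IsWebSafeScheme(scheme);` would also benefit from a short comment naming which other web-safe schemes are expected to be filtered elsewhere, since the registered set is not visible in this function.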