OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/child_process_security_policy_impl.h" | 5 #include "content/browser/child_process_security_policy_impl.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 653 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
664 | 664 |
665 // If the process can commit the URL, it can request it. | 665 // If the process can commit the URL, it can request it. |
666 if (CanCommitURL(child_id, url)) | 666 if (CanCommitURL(child_id, url)) |
667 return true; | 667 return true; |
668 | 668 |
669 // Also allow URLs destined for ShellExecute and not the browser itself. | 669 // Also allow URLs destined for ShellExecute and not the browser itself. |
670 return !GetContentClient()->browser()->IsHandledURL(url) && | 670 return !GetContentClient()->browser()->IsHandledURL(url) && |
671 !net::URLRequest::IsHandledURL(url); | 671 !net::URLRequest::IsHandledURL(url); |
672 } | 672 } |
673 | 673 |
| 674 bool ChildProcessSecurityPolicyImpl::CanRedirectToURL(const GURL& url) { |
| 675 if (!url.is_valid()) |
| 676 return false; // Can't redirect to invalid URLs. |
| 677 |
| 678 const std::string& scheme = url.scheme(); |
| 679 |
| 680 if (IsPseudoScheme(scheme)) { |
| 681 // Redirects to a pseudo scheme (about, javascript, view-source, ...) are |
| 682 // not allowed. An exception is made for <about:blank> and its variations. |
| 683 return url.IsAboutBlank(); |
| 684 } |
| 685 |
| 686 // Note about redirects and special URLs: |
| 687 // * data-url: Blocked by net::DataProtocolHandler::IsSafeRedirectTarget(). |
| 688 // Depending on their inner origins and if the request is browser-initiated or |
| 689 // renderer-initiated, blob-urls and filesystem-urls might get blocked by |
| 690 // CanCommitURL or in DocumentLoader::RedirectReceived. |
| 691 // * blob-url: If not blocked, a 'file not found' response will be |
| 692 // generated in net::BlobURLRequestJob::DidStart(). |
| 693 // * filesystem-url: If not blocked, the response is displayed. |
| 694 |
| 695 return true; |
| 696 } |
| 697 |
674 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id, | 698 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id, |
675 const GURL& url) { | 699 const GURL& url) { |
676 if (!url.is_valid()) | 700 if (!url.is_valid()) |
677 return false; // Can't commit invalid URLs. | 701 return false; // Can't commit invalid URLs. |
678 | 702 |
679 const std::string& scheme = url.scheme(); | 703 const std::string& scheme = url.scheme(); |
680 | 704 |
681 // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to | 705 // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to |
682 // commit. | 706 // commit. |
683 if (IsPseudoScheme(scheme)) | 707 if (IsPseudoScheme(scheme)) |
(...skipping 466 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1150 return found; | 1174 return found; |
1151 } | 1175 } |
1152 | 1176 |
1153 void ChildProcessSecurityPolicyImpl::RemoveIsolatedOriginForTesting( | 1177 void ChildProcessSecurityPolicyImpl::RemoveIsolatedOriginForTesting( |
1154 const url::Origin& origin) { | 1178 const url::Origin& origin) { |
1155 base::AutoLock lock(lock_); | 1179 base::AutoLock lock(lock_); |
1156 isolated_origins_.erase(origin); | 1180 isolated_origins_.erase(origin); |
1157 } | 1181 } |
1158 | 1182 |
1159 } // namespace content | 1183 } // namespace content |
OLD | NEW |