
Side by Side Diff: content/browser/child_process_security_policy_impl.cc

Issue 2973433003: Block redirects to renderer-debug urls. (Closed)
Patch Set: Addressed comment (@clamy) Created 3 years, 5 months ago
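--- a/content/browser/child_process_security_policy_impl.cc
+++ b/content/browser/child_process_security_policy_impl.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/child_process_security_policy_impl.h"
 
 #include <algorithm>
 #include <utility>
 
 #include "base/command_line.h"
@@ -664,20 +664,44 @@
 
 // If the process can commit the URL, it can request it.
 if (CanCommitURL(child_id, url))
 return true;
 
 // Also allow URLs destined for ShellExecute and not the browser itself.
 return !GetContentClient()->browser()->IsHandledURL(url) &&
 !net::URLRequest::IsHandledURL(url);
 }
 
+bool ChildProcessSecurityPolicyImpl::CanRedirectToURL(const GURL& url) {
+if (!url.is_valid())
+return false; // Can't redirect to invalid URLs.
+
+const std::string& scheme = url.scheme();
+
+if (IsPseudoScheme(scheme)) {
+// Redirects to a pseudo scheme (about, javascript, view-source, ...) are
+// not allowed. An exception is made for <about:blank> and its variations.
+return url.IsAboutBlank();
+}
+
+// Note about redirects and special URLs:
+// * data-url: Blocked by net::DataProtocolHandler::IsSafeRedirectTarget().
+// Depending on their inner origins and if the request is browser-initiated or
+// renderer-initiated, blob-urls and filesystem-urls might get blocked by
+// CanCommitURL or in DocumentLoader::RedirectReceived.
+// * blob-url: If not blocked, a 'file not found' response will be
+// generated in net::BlobURLRequestJob::DidStart().
+// * filesystem-url: If not blocked, the response is displayed.
+
+return true;
+}
+
 bool ChildProcessSecurityPolicyImpl::CanCommitURL(int child_id,
 const GURL& url) {
 if (!url.is_valid())
 return false; // Can't commit invalid URLs.
 
 const std::string& scheme = url.scheme();
 
 // Of all the pseudo schemes, only about:blank and about:srcdoc are allowed to
 // commit.
 if (IsPseudoScheme(scheme))
@@ -1150,10 +1174,10 @@
 return found;
 }
 
 void ChildProcessSecurityPolicyImpl::RemoveIsolatedOriginForTesting(
 const url::Origin& origin) {
 base::AutoLock lock(lock_);
 isolated_origins_.erase(origin);
 }
 
 } // namespace content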
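Review bot: CanRedirectToURL (new lines 674-696) ends in an unconditional `return true;` and takes no `child_id`, so it is only a scheme-level filter. Its own block comment leaves data:, blob: and filesystem: targets to checks in other layers, and says a filesystem-url that is not blocked there is displayed. That contract should be stated at the top of the function so callers do not read a `true` result as full authorization, for example `// Scheme-level filter only: no per-process check is done here, so callers must still apply CanCommitURL() (or equivalent) to the redirect target.` The change title refers to renderer-debug URLs, but this file rejects only pseudo schemes and IsPseudoScheme's list is not visible here. It would help to confirm, ideally with a unit test, that debug URLs on a non-pseudo scheme are rejected by the caller.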