Block redirects to renderer-debug urls.

content/browser/child_process_security_policy_impl.h

Index: content/browser/child_process_security_policy_impl.h
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h
index 5a5e7407064fe1a0ba9dcb3c8ae2985d74e4051f..1ef48ca3cdd7b2ec01f61ff17cf28c5c37284459 100644
--- a/content/browser/child_process_security_policy_impl.h
+++ b/content/browser/child_process_security_policy_impl.h
@@ -270,6 +270,13 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl
   // as ensuring that there are no active SiteInstances in that origin.
   void RemoveIsolatedOriginForTesting(const url::Origin& origin);
 
+  // Returns false for redirects that must be blocked no matter which renderer
+  // process initiated the request (if any).
+  // Note: Checking CanRedirectToURL is not enough. CanRequestURL(child_id, url)
+  //       represents a stricter subset. It must be used when appropriate (i.e.

[Charlie Reis, 2017/07/10 21:16:22]

Slight rephrase: It must also be used for renderer-initiated navigations.

[arthursonzogni, 2017/07/11 16:21:31]

Done.

+  //       for renderer initiated navigations).
+  bool CanRedirectToURL(const GURL& url);
+
  private:
   friend class ChildProcessSecurityPolicyInProcessBrowserTest;
   friend class ChildProcessSecurityPolicyTest;