Index: content/browser/child_process_security_policy_impl.h |
diff --git a/content/browser/child_process_security_policy_impl.h b/content/browser/child_process_security_policy_impl.h |
index 5a5e7407064fe1a0ba9dcb3c8ae2985d74e4051f..1ef48ca3cdd7b2ec01f61ff17cf28c5c37284459 100644 |
--- a/content/browser/child_process_security_policy_impl.h |
+++ b/content/browser/child_process_security_policy_impl.h |
@@ -270,6 +270,13 @@ class CONTENT_EXPORT ChildProcessSecurityPolicyImpl |
// as ensuring that there are no active SiteInstances in that origin. |
void RemoveIsolatedOriginForTesting(const url::Origin& origin); |
+ // Returns false for redirects that must be blocked no matter which renderer |
+ // process initiated the request (if any). |
+ // Note: Checking CanRedirectToURL is not enough. CanRequestURL(child_id, url) |
+ // represents a stricter subset. It must be used when appropriate (i.e. |
Charlie Reis
2017/07/10 21:16:22
Slight rephrase: It must also be used for renderer
arthursonzogni
2017/07/11 16:21:31
Done.
|
+ // for renderer initiated navigations). |
+ bool CanRedirectToURL(const GURL& url); |
+ |
private: |
friend class ChildProcessSecurityPolicyInProcessBrowserTest; |
friend class ChildProcessSecurityPolicyTest; |