| Index: chrome/browser/ui/browser_commands.cc
|
| diff --git a/chrome/browser/ui/browser_commands.cc b/chrome/browser/ui/browser_commands.cc
|
| index 8a593d55da12f375366a2edd253feb7f6b24ab29..74d6025469c49a7d5ff69ce2db3acf79f978e937 100644
|
| --- a/chrome/browser/ui/browser_commands.cc
|
| +++ b/chrome/browser/ui/browser_commands.cc
|
| @@ -1148,6 +1148,17 @@ void ViewSource(Browser* browser, WebContents* contents) {
|
| if (!entry)
|
| return;
|
|
|
| + // The URL "data:," is a special case, since Blink uses it when it wants to
|
| + // show a "blocked page" from its reflected XSS filter. When the XSS filter
|
| + // triggers, the current entry gets marked as containing an XSS, and then a
|
| + // new navigation to "data:," occurs on top of it. Showing that page in place
|
| + // of the "data:," URL permits examination of the cause of the reflection.
|
| + if (entry->GetURL() == GURL("data:,")) {
|
| + NavigationEntry* previous = contents->GetController().GetEntryAtOffset(-1);
|
| + if (previous && previous->GetXssDetected())
|
| + entry = previous;
|
| + }
|
| +
|
| ViewSource(browser, contents, entry->GetURL(), entry->GetPageState());
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 304313003:
Allow view-source of pages fully-blocked by Blink's XSS filter. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src