| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/frame_host/render_frame_host_impl.h" | 5 #include "content/browser/frame_host/render_frame_host_impl.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/containers/hash_tables.h" | 8 #include "base/containers/hash_tables.h" |
| 9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
| 10 #include "base/metrics/user_metrics_action.h" | 10 #include "base/metrics/user_metrics_action.h" |
| (...skipping 439 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 450 if (render_view_host_->IsWaitingForUnloadACK()) | 450 if (render_view_host_->IsWaitingForUnloadACK()) |
| 451 return; | 451 return; |
| 452 | 452 |
| 453 RenderProcessHost* process = GetProcess(); | 453 RenderProcessHost* process = GetProcess(); |
| 454 | 454 |
| 455 // Attempts to commit certain off-limits URL should be caught more strictly | 455 // Attempts to commit certain off-limits URL should be caught more strictly |
| 456 // than our FilterURL checks below. If a renderer violates this policy, it | 456 // than our FilterURL checks below. If a renderer violates this policy, it |
| 457 // should be killed. | 457 // should be killed. |
| 458 if (!CanCommitURL(validated_params.url)) { | 458 if (!CanCommitURL(validated_params.url)) { |
| 459 VLOG(1) << "Blocked URL " << validated_params.url.spec(); | 459 VLOG(1) << "Blocked URL " << validated_params.url.spec(); |
| 460 validated_params.url = GURL(kAboutBlankURL); | 460 validated_params.url = GURL(url::kAboutBlankURL); |
| 461 RecordAction(base::UserMetricsAction("CanCommitURL_BlockedAndKilled")); | 461 RecordAction(base::UserMetricsAction("CanCommitURL_BlockedAndKilled")); |
| 462 // Kills the process. | 462 // Kills the process. |
| 463 process->ReceivedBadMessage(); | 463 process->ReceivedBadMessage(); |
| 464 } | 464 } |
| 465 | 465 |
| 466 // Without this check, an evil renderer can trick the browser into creating | 466 // Without this check, an evil renderer can trick the browser into creating |
| 467 // a navigation entry for a banned URL. If the user clicks the back button | 467 // a navigation entry for a banned URL. If the user clicks the back button |
| 468 // followed by the forward button (or clicks reload, or round-trips through | 468 // followed by the forward button (or clicks reload, or round-trips through |
| 469 // session restore, etc), we'll think that the browser commanded the | 469 // session restore, etc), we'll think that the browser commanded the |
| 470 // renderer to load the URL and grant the renderer the privileges to request | 470 // renderer to load the URL and grant the renderer the privileges to request |
| (...skipping 419 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 890 cancel_notification_callbacks_.erase(notification_id); | 890 cancel_notification_callbacks_.erase(notification_id); |
| 891 } | 891 } |
| 892 | 892 |
| 893 void RenderFrameHostImpl::DesktopNotificationPermissionRequestDone( | 893 void RenderFrameHostImpl::DesktopNotificationPermissionRequestDone( |
| 894 int callback_context) { | 894 int callback_context) { |
| 895 Send(new DesktopNotificationMsg_PermissionRequestDone( | 895 Send(new DesktopNotificationMsg_PermissionRequestDone( |
| 896 routing_id_, callback_context)); | 896 routing_id_, callback_context)); |
| 897 } | 897 } |
| 898 | 898 |
| 899 } // namespace content | 899 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 325443002:
Move about://-related constants from //content to //url (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src