Chrome-side changes to use registerURLSchemeNoAccess.

webkit/port/bindings/v8/v8_proxy.cpp

 // Copyright (c) 2008, Google Inc.
 // All rights reserved.
 //
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
@@ skipping 1978 matching lines @@
     if (!document)
         return false;
 
     SecurityOrigin* origin = document->securityOrigin();
     if (origin->protocol().isEmpty())
         return false;  // Uninitialized document
 
     if (origin->protocol() == "http" || origin->protocol() == "https")
         return false;  // Web site
 
+    // TODO(darin): the following are application decisions, and they should
+    // not be made at this layer.  instead, we should bridge out to the
+    // embedder to allow them to override policy here.
+
     if (origin->protocol() == ChromiumBridge::uiResourceProtocol())
         return true;   // Embedder's scripts are ok to run
 
     // If the scheme is ftp: or file:, an empty file name indicates a directory
     // listing, which requires JavaScript to function properly.
     const char* kDirProtocols[] = { "ftp", "file" };
     for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
         if (origin->protocol() == kDirProtocols[i]) {
             const KURL& url = document->url();
             return url.pathAfterLastSlash() == url.pathEnd();
@@ skipping 192 matching lines @@
 
     const SecurityOrigin* active_security_origin = origin_window->securityOrigin();
     const SecurityOrigin* target_security_origin = target_window->securityOrigin();
 
     // We have seen crashes were the security origin of the target has not been
     // initialized.  Defend against that.
     ASSERT(target_security_origin);
     if (!target_security_origin)
         return false;
 
-    String ui_resource_protocol = ChromiumBridge::uiResourceProtocol();
-    if (active_security_origin->protocol() == ui_resource_protocol) {
-        KURL inspector_url = ChromiumBridge::inspectorURL();
-        ASSERT(inspector_url.protocol() == ui_resource_protocol);
-
-        // The Inspector can access anything.
-        if (active_security_origin->host() == inspector_url.host())
-            return true;
-
-        // To mitigate XSS vulnerabilities on the browser itself, UI resources
-        // besides the Inspector can't access other documents.
-        return false;
-    }
-
     if (active_security_origin->canAccess(target_security_origin))
         return true;
 
     // Allow access to a "about:blank" page if the dynamic context is a
     // detached context of the same frame as the blank page.
     if (target_security_origin->isEmpty() &&
         origin_window->frame() == target_window->frame())
         return true;
 
     return false;
@@ skipping 1285 matching lines @@
     }
     return ToWebCoreString(v8::Debug::Call(frame_source_name));
 }
 
 void V8Proxy::RegisterExtension(v8::Extension* extension) {
     v8::RegisterExtension(extension);
     m_extensions.push_back(extension);
 }
 
 }  // namespace WebCore