Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2596)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/renderer/render_thread_impl.cc

Issue 647853002: Create a proprietary scheme for loading web-accessible resources. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: msvc fix Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/resource_protocol_unittest.cc ('K') | « content/public/common/url_constants.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/renderer/render_thread_impl.cc
diff --git a/content/renderer/render_thread_impl.cc b/content/renderer/render_thread_impl.cc
index a03732c1295e8d36cfb91a3965cf49941dc08638..4b83dffa4899cdac97c1abf07c64a9699489a9cf 100644
--- a/content/renderer/render_thread_impl.cc
+++ b/content/renderer/render_thread_impl.cc
@@ -974,6 +974,14 @@ void RenderThreadImpl::RegisterSchemes() {
WebString swappedout_scheme(base::ASCIIToUTF16(kSwappedOutScheme));
WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(swappedout_scheme);
WebSecurityPolicy::registerURLSchemeAsEmptyDocument(swappedout_scheme);
+
+ // This scheme serves resources that may be injected into the
+ // web page (e.g. by Blink). This isn't mixed content, and
+ // content security policy doesn't apply.
+ WebString resource_scheme(base::ASCIIToUTF16(kResourceScheme));
+ WebSecurityPolicy::registerURLSchemeAsSecure(resource_scheme);
+ WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
Tom Sepez 2014/11/17 18:09:11 Do we need to bypass CSP? For a CSP-enabled web p
jbroman 2014/11/17 18:35:16 The goal is to be able to use this scheme to host
+ resource_scheme);
}
void RenderThreadImpl::NotifyTimezoneChange() {
« content/browser/resource_protocol_unittest.cc ('K') | « content/public/common/url_constants.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698