| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/renderer_host/render_view_host_impl.h" | 5 #include "content/browser/renderer_host/render_view_host_impl.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 1076 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1087 return true; | 1087 return true; |
| 1088 } | 1088 } |
| 1089 | 1089 |
| 1090 void RenderViewHostImpl::CreateNewWindow( | 1090 void RenderViewHostImpl::CreateNewWindow( |
| 1091 int route_id, | 1091 int route_id, |
| 1092 const ViewHostMsg_CreateWindow_Params& params, | 1092 const ViewHostMsg_CreateWindow_Params& params, |
| 1093 SessionStorageNamespace* session_storage_namespace) { | 1093 SessionStorageNamespace* session_storage_namespace) { |
| 1094 ViewHostMsg_CreateWindow_Params validated_params(params); | 1094 ViewHostMsg_CreateWindow_Params validated_params(params); |
| 1095 ChildProcessSecurityPolicyImpl* policy = | 1095 ChildProcessSecurityPolicyImpl* policy = |
| 1096 ChildProcessSecurityPolicyImpl::GetInstance(); | 1096 ChildProcessSecurityPolicyImpl::GetInstance(); |
| 1097 // TODO(cevans): also validate opener_url, opener_security_origin. | |
| 1098 FilterURL(policy, GetProcess(), false, &validated_params.target_url); | 1097 FilterURL(policy, GetProcess(), false, &validated_params.target_url); |
| 1098 FilterURL(policy, GetProcess(), false, &validated_params.opener_url); |
| 1099 FilterURL(policy, GetProcess(), true, |
| 1100 &validated_params.opener_security_origin); |
| 1099 | 1101 |
| 1100 delegate_->CreateNewWindow(route_id, validated_params, | 1102 delegate_->CreateNewWindow(route_id, validated_params, |
| 1101 session_storage_namespace); | 1103 session_storage_namespace); |
| 1102 } | 1104 } |
| 1103 | 1105 |
| 1104 void RenderViewHostImpl::CreateNewWidget(int route_id, | 1106 void RenderViewHostImpl::CreateNewWidget(int route_id, |
| 1105 WebKit::WebPopupType popup_type) { | 1107 WebKit::WebPopupType popup_type) { |
| 1106 delegate_->CreateNewWidget(route_id, popup_type); | 1108 delegate_->CreateNewWidget(route_id, popup_type); |
| 1107 } | 1109 } |
| 1108 | 1110 |
| (...skipping 992 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2101 GetRoutingID(), snapshot_id, snapshot_size, png)); | 2103 GetRoutingID(), snapshot_id, snapshot_size, png)); |
| 2102 return; | 2104 return; |
| 2103 } | 2105 } |
| 2104 } | 2106 } |
| 2105 | 2107 |
| 2106 Send(new ViewMsg_WindowSnapshotCompleted( | 2108 Send(new ViewMsg_WindowSnapshotCompleted( |
| 2107 GetRoutingID(), snapshot_id, gfx::Size(), png)); | 2109 GetRoutingID(), snapshot_id, gfx::Size(), png)); |
| 2108 } | 2110 } |
| 2109 | 2111 |
| 2110 } // namespace content | 2112 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12036002:
Filter more incoming URLs in the CreateWindow path. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/