Side by Side Diff: extensions/browser/guest_view/web_view/web_view_guest.cc

Issue 1234403005: Don't refer browser-initiated navigations to web-safe URLs to delegate. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Improve comments. Created 5 years, 5 months ago
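--- a/extensions/browser/guest_view/web_view/web_view_guest.cc
+++ b/extensions/browser/guest_view/web_view/web_view_guest.cc
@@ -1,10 +1,10 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/guest_view/web_view/web_view_guest.h"
 
 #include "base/message_loop/message_loop.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/browsing_data/storage_partition_http_cache_data_remover.h"
@@ -1206,31 +1206,32 @@
 *was_blocked = false;
 RequestNewWindowPermission(disposition,
 initial_rect,
 user_gesture,
 new_contents);
 }
 
 content::WebContents* WebViewGuest::OpenURLFromTab(
 content::WebContents* source,
 const content::OpenURLParams& params) {
-// There are two use cases to consider from a security perspective:
-// 1.) Renderer-initiated navigation to chrome:// must always be blocked even
-// if the <webview> is in WebUI. This is handled by
-// WebViewGuest::LoadURLWithParams. WebViewGuest::NavigateGuest will also
-// call LoadURLWithParams. CreateNewGuestWebViewWindow creates a new
-// WebViewGuest which will call NavigateGuest in DidInitialize.
-// 2.) The Language Settings context menu item should always work, both in
-// Chrome Apps and WebUI. This is a browser initiated request and so
-// we pass it along to the embedder's WebContentsDelegate to get the
-// browser to perform the action for the <webview>.
-if (!params.is_renderer_initiated) {
+// Most navigations should be handled by WebViewGuest::LoadURLWithParams,
+// which takes care of blocking chrome:// URLs and other web-unsafe schemes.
+// (NavigateGuest and CreateNewGuestWebViewWindow also go through
+// LoadURLWithParams.)
+//
+// We make an exception here for context menu items, since the Language
+// Settings item uses a browser-initiated navigation to a chrome:// URL.
+// These can be passed to the embedder's WebContentsDelegate so that the
+// browser performs the action for the <webview>.
+if (!params.is_renderer_initiated &&
+!content::ChildProcessSecurityPolicy::GetInstance()->IsWebSafeScheme(
+params.url.scheme())) {
 if (!owner_web_contents()->GetDelegate())
 return nullptr;
 return owner_web_contents()->GetDelegate()->OpenURLFromTab(
 owner_web_contents(), params);
 }
 
 // If the guest wishes to navigate away prior to attachment then we save the
 // navigation to perform upon attachment. Navigation initializes a lot of
 // state that assumes an embedder exists, such as RenderWidgetHostViewGuest.
 // Navigation also resumes resource loading which we don't want to allow
@@ -1450,10 +1451,10 @@
 scoped_ptr<base::DictionaryValue> args(new base::DictionaryValue());
 DispatchEventToView(
 new GuestViewEvent(webview::kEventExitFullscreen, args.Pass()));
 }
 // Since we changed fullscreen state, sending a Resize message ensures that
 // renderer/ sees the change.
 web_contents()->GetRenderViewHost()->WasResized();
 }
 
 } // namespace extensions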
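Review bot: The delegate branch in OpenURLFromTab (new lines 1225-1232) forwards every browser-initiated navigation whose scheme is not web-safe, which is broader than the chrome:// Language Settings case the comment gives as the reason for the exception. This path skips the scheme blocking that the comment attributes to LoadURLWithParams, so its safety rests on `params.is_renderer_initiated` being set only by browser-side code; a URL with an empty scheme would presumably take it as well. If no other context menu item depends on it, consider narrowing the condition to the scheme actually needed, e.g. `params.url.SchemeIs(content::kChromeUIScheme)`. Otherwise state the assumption next to the check, for example `// Trust boundary: only browser-created OpenURLParams reach the embedder's delegate, which must apply its own URL checks.` The rest of OpenURLFromTab lies in the skipped lines after 1237, so how web-safe browser-initiated URLs are handled cannot be confirmed from this page.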