Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(543)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/browser/guest_view/web_view/web_view_guest.cc

Issue 1350073002: PDFs viewed inside a <webview> should navigate the same as PDFs in tabs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Pass boolean instead of tabId. Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/resources/pdf/pdf.js ('K') | « chrome/browser/resources/pdf/pdf.js ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/browser/guest_view/web_view/web_view_guest.cc
diff --git a/extensions/browser/guest_view/web_view/web_view_guest.cc b/extensions/browser/guest_view/web_view/web_view_guest.cc
index e96b30e532beb8dc7dddfef4a67ba54adff6b76f..f4d1cc4fe7039f12593f52c921a9ad37c2f7acb5 100644
--- a/extensions/browser/guest_view/web_view/web_view_guest.cc
+++ b/extensions/browser/guest_view/web_view/web_view_guest.cc
@@ -1235,17 +1235,20 @@ void WebViewGuest::AddNewContents(WebContents* source,
WebContents* WebViewGuest::OpenURLFromTab(
WebContents* source,
const content::OpenURLParams& params) {
- // There are two use cases to consider from a security perspective:
- // 1.) Renderer-initiated navigation to chrome:// must always be blocked even
- // if the <webview> is in WebUI. This is handled by
- // WebViewGuest::LoadURLWithParams. WebViewGuest::NavigateGuest will also
- // call LoadURLWithParams. CreateNewGuestWebViewWindow creates a new
- // WebViewGuest which will call NavigateGuest in DidInitialize.
- // 2.) The Language Settings context menu item should always work, both in
- // Chrome Apps and WebUI. This is a browser initiated request and so
- // we pass it along to the embedder's WebContentsDelegate to get the
- // browser to perform the action for the <webview>.
- if (!params.is_renderer_initiated) {
+ // Most navigations should be handled by WebViewGuest::LoadURLWithParams,
+ // which takes care of blocking chrome:// URLs and other web-unsafe schemes.
+ // (NavigateGuest and CreateNewGuestWebViewWindow also go through
+ // LoadURLWithParams.)
+ //
+ // We make an exception here for context menu items, since the Language
+ // Settings item uses a browser-initiated navigation to a chrome:// URL.
+ // These can be passed to the embedder's WebContentsDelegate so that the
+ // browser performs the action for the <webview>. Navigations to a new
+ // tab, etc., are also handled by the WebContentsDelegate.
+ if (!params.is_renderer_initiated &&
+ (!content::ChildProcessSecurityPolicy::GetInstance()->IsWebSafeScheme(
+ params.url.scheme()) ||
+ params.disposition != CURRENT_TAB)) {
if (!owner_web_contents()->GetDelegate())
return nullptr;
return owner_web_contents()->GetDelegate()->OpenURLFromTab(
« chrome/browser/resources/pdf/pdf.js ('K') | « chrome/browser/resources/pdf/pdf.js ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698