Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1398)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/tab_contents/tab_contents.cc

Issue 9794009: Use about:blank as the failback URL if the filter denies a navigation. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/renderer_host/render_view_host_unittest.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/tab_contents/tab_contents.cc
===================================================================
--- content/browser/tab_contents/tab_contents.cc (revision 127913)
+++ content/browser/tab_contents/tab_contents.cc (working copy)
@@ -1435,10 +1435,17 @@
const GURL& url) {
bool is_error_page = (url.spec() == chrome::kUnreachableWebDataURL);
GURL validated_url(url);
+ GURL validated_opener_url(opener_url);
GetRenderViewHostImpl()->FilterURL(
ChildProcessSecurityPolicyImpl::GetInstance(),
GetRenderProcessHost()->GetID(),
+ false,
&validated_url);
+ GetRenderViewHostImpl()->FilterURL(
+ ChildProcessSecurityPolicyImpl::GetInstance(),
+ GetRenderProcessHost()->GetID(),
+ true,
+ &validated_opener_url);
RenderViewHost* rvh =
render_manager_.pending_render_view_host() ?
@@ -1451,7 +1458,8 @@
if (is_main_frame) {
// Notify observers about the provisional change in the main frame URL.
FOR_EACH_OBSERVER(WebContentsObserver, observers_,
- ProvisionalChangeToMainFrameUrl(url, opener_url));
+ ProvisionalChangeToMainFrameUrl(validated_url,
+ validated_opener_url));
}
}
@@ -1462,18 +1470,36 @@
// TODO(creis): Remove this method and have the pre-rendering code listen to
// the ResourceDispatcherHost's RESOURCE_RECEIVED_REDIRECT notification
// instead. See http://crbug.com/78512.
+ GURL validated_source_url(source_url);
+ GURL validated_target_url(target_url);
+ GURL validated_opener_url(opener_url);
+ GetRenderViewHostImpl()->FilterURL(
+ ChildProcessSecurityPolicyImpl::GetInstance(),
+ GetRenderProcessHost()->GetID(),
+ false,
+ &validated_source_url);
+ GetRenderViewHostImpl()->FilterURL(
+ ChildProcessSecurityPolicyImpl::GetInstance(),
+ GetRenderProcessHost()->GetID(),
+ false,
+ &validated_target_url);
+ GetRenderViewHostImpl()->FilterURL(
+ ChildProcessSecurityPolicyImpl::GetInstance(),
+ GetRenderProcessHost()->GetID(),
+ true,
+ &validated_opener_url);
NavigationEntry* entry;
if (page_id == -1)
entry = controller_.GetPendingEntry();
else
entry = controller_.GetEntryWithPageID(GetSiteInstance(), page_id);
- if (!entry || entry->GetURL() != source_url)
+ if (!entry || entry->GetURL() != validated_source_url)
return;
// Notify observers about the provisional change in the main frame URL.
FOR_EACH_OBSERVER(WebContentsObserver, observers_,
- ProvisionalChangeToMainFrameUrl(target_url,
- opener_url));
+ ProvisionalChangeToMainFrameUrl(validated_target_url,
+ validated_opener_url));
}
void TabContents::OnDidFailProvisionalLoadWithError(
@@ -1489,6 +1515,7 @@
GetRenderViewHostImpl()->FilterURL(
ChildProcessSecurityPolicyImpl::GetInstance(),
GetRenderProcessHost()->GetID(),
+ false,
&validated_url);
if (net::ERR_ABORTED == params.error_code) {
« no previous file with comments | « content/browser/renderer_host/render_view_host_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698