Chromium Code Reviews Chromium Code Reviews
Issue 9958107:
Limiting the "Cookies and site data" form to "web safe" schemes. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/browsing_data_appcache_helper.cc |
| diff --git a/chrome/browser/browsing_data_appcache_helper.cc b/chrome/browser/browsing_data_appcache_helper.cc |
| index 153fa40fcdddf61c3abb794cbf752f0f1dbf6cb3..1471af6bca4d50ce7de554d7cbdabd5b1e07f8f6 100644 |
| --- a/chrome/browser/browsing_data_appcache_helper.cc |
| +++ b/chrome/browser/browsing_data_appcache_helper.cc |
| @@ -9,6 +9,7 @@ |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/common/url_constants.h" |
| #include "content/public/browser/browser_thread.h" |
| +#include "content/public/browser/child_process_security_policy.h" |
| #include "content/public/browser/resource_context.h" |
| #include "webkit/appcache/appcache_database.h" |
| #include "webkit/appcache/appcache_storage.h" |
| @@ -74,15 +75,17 @@ BrowsingDataAppCacheHelper::~BrowsingDataAppCacheHelper() {} |
| void BrowsingDataAppCacheHelper::OnFetchComplete(int rv) { |
| if (BrowserThread::CurrentlyOn(BrowserThread::IO)) { |
| - // Filter out appcache info entries for extensions. Extension state is not |
| - // considered browsing data. |
| + // Filter out appcache info entries for non-websafe schemes. Extension state |
| + // and DevTools, for example, are not considered browsing data. |
| typedef std::map<GURL, appcache::AppCacheInfoVector> InfoByOrigin; |
| InfoByOrigin& origin_map = info_collection_->infos_by_origin; |
| + content::ChildProcessSecurityPolicy* policy = |
| + content::ChildProcessSecurityPolicy::GetInstance(); |
| for (InfoByOrigin::iterator origin = origin_map.begin(); |
| origin != origin_map.end();) { |
| InfoByOrigin::iterator current = origin; |
| ++origin; |
| - if (current->first.SchemeIs(chrome::kExtensionScheme)) |
| + if (policy->IsWebSafeScheme(current->first.scheme())) |
|
jochen (gone - plz use gerrit)
2012/04/03 09:41:21
forgot ! ?
Mike West
2012/04/03 14:45:51
Gah.
|
| origin_map.erase(current); |
| } |
| @@ -118,6 +121,11 @@ CannedBrowsingDataAppCacheHelper* CannedBrowsingDataAppCacheHelper::Clone() { |
| } |
| void CannedBrowsingDataAppCacheHelper::AddAppCache(const GURL& manifest_url) { |
| + content::ChildProcessSecurityPolicy* policy = |
| + content::ChildProcessSecurityPolicy::GetInstance(); |
| + if (!policy->IsWebSafeScheme(manifest_url.scheme())) |
| + return; // Ignore non-websafe schemes. |
| + |
| typedef std::map<GURL, appcache::AppCacheInfoVector> InfoByOrigin; |
| InfoByOrigin& origin_map = info_collection_->infos_by_origin; |
| appcache::AppCacheInfoVector& appcache_infos_ = |
