authorjoi@chromium.org <joi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-11-17 18:15:40 +0000
committerjoi@chromium.org <joi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-11-17 18:15:40 +0000
commit2ce57c782597859abf4ae85dfe0164610df49e7a (patch)
treed16df426877bbc024ff0f9813aeec29569440084
parentfd28608aceedf16528eb0666dd15a9b3644fed5b (diff)
Don't treat CF in privileged mode as an iframe for framebusting
headers. BUG=none TEST=none Review URL: http://codereview.chromium.org/402013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@32183 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--chrome_frame/chrome_frame_activex_base.h5
-rw-r--r--chrome_frame/chrome_frame_npapi.cc2
2 files changed, 5 insertions, 2 deletions
diff --git a/chrome_frame/chrome_frame_activex_base.h b/chrome_frame/chrome_frame_activex_base.h
index 4a4fe95..202f4d6 100644
--- a/chrome_frame/chrome_frame_activex_base.h
+++ b/chrome_frame/chrome_frame_activex_base.h
@@ -305,8 +305,11 @@ END_MSG_MAP()
// of this template should implement this method based on how
// it "feels" from a security perspective. If it's hosted in another
// scriptable document, return true, else false.
+ //
+ // The base implementation returns true unless we are in privileged
+ // mode, in which case we always trust our container so we return false.
bool is_frame_busting_enabled() const {
- return true;
+ return !is_privileged_;
}
// Needed to support PostTask.
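Review bot: The new comment on `is_frame_busting_enabled()` says the container is always trusted in privileged mode, but nothing in this hunk shows where `is_privileged_` is decided, and that member now switches off handling of framebusting headers. That handling is the clickjacking defence for content rendered inside a host page, so the comment should state the invariant it relies on, for example `// is_privileged_ must only be set by a trusted host, never from page-supplied parameters or script.` The existing comment also tells subclasses to implement this method themselves, so a subclass version that still returns a constant would presumably ignore privileged mode; it is worth saying whether that is intended. With TEST=none, the unprivileged path, which must keep returning true, is not pinned by any test.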
diff --git a/chrome_frame/chrome_frame_npapi.cc b/chrome_frame/chrome_frame_npapi.cc
index 620db8d..509f083 100644
--- a/chrome_frame/chrome_frame_npapi.cc
+++ b/chrome_frame/chrome_frame_npapi.cc
@@ -669,7 +669,7 @@ void ChromeFrameNPAPI::OnRequestStart(int tab_handle, int request_id,
if (new_request->Initialize(automation_client_.get(), tab_handle,
request_id, request.url, request.method,
request.referrer, request.extra_request_headers,
- request.upload_data.get(), true)) {
+ request.upload_data.get(), !is_privileged_)) {
if (new_request->Start()) {
// Keep additional reference on request for NPSTREAM
// This will be released in NPP_UrlNotify
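Review bot: The bare `!is_privileged_` passed as the last argument to `Initialize` repeats inline the policy that the ActiveX base class keeps behind `is_frame_busting_enabled()`, so the two plugin paths can drift apart. A named local such as `const bool enable_frame_busting = !is_privileged_;`, or a matching accessor on ChromeFrameNPAPI, would make the call self-describing and leave one place to audit. The argument is presumably the framebusting switch, but its parameter name is not visible here, and the body of OnRequestStart starts and ends outside this hunk. It is also worth confirming that `is_privileged_` is final before the first request can start, so that no request is initialized with a stale value.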