author | darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-12 18:20:44 +0000 |
committer | darin@chromium.org <darin@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-12 18:20:44 +0000 |
commit | 8881eca8976455d9138278de9843acc2da395e3c (patch) | |
tree | 00a02f77175a436e4a3a60c3bf541fedf145d172 | |
parent | 73b7de7dd30de0858b2d6c334868c37259f85e02 (diff) | |
Chrome-side changes to use registerURLSchemeNoAccess.
R=dglazkov
Review URL: http://codereview.chromium.org/42125
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11555 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r-- | DEPS | 2 | ||||
-rw-r--r-- | chrome/renderer/render_thread.cc | 8 | ||||
-rw-r--r-- | webkit/glue/chromium_bridge_impl.cc | 6 | ||||
-rw-r--r-- | webkit/port/bindings/v8/v8_proxy.cpp | 18 | ||||
-rw-r--r-- | webkit/tools/test_shell/test_shell_webkit_init.h | 2 |
5 files changed, 14 insertions, 22 deletions
@@ -19,7 +19,7 @@ deps = {
 "http://googletest.googlecode.com/svn/trunk@167",
 "src/third_party/WebKit":
- "/trunk/deps/third_party/WebKit@11542",
+ "/trunk/deps/third_party/WebKit@11552",
 "src/third_party/icu38":
 "/trunk/deps/third_party/icu38@11496",
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc
index 4c0bb12..1c04cc1 100644
--- a/chrome/renderer/render_thread.cc
+++ b/chrome/renderer/render_thread.cc
@@ -252,7 +252,13 @@ void RenderThread::EnsureWebKitInitialized() {
 webkit_client_.reset(new RendererWebKitClientImpl);
 WebKit::initialize(webkit_client_.get());
- WebKit::registerURLSchemeAsLocal(ASCIIToUTF16(chrome::kChromeUIScheme));
+
+ // chrome-ui pages should not be accessible by normal content, and should
+ // also be unable to script anything but themselves (to help limit the damage
+ // that a corrupt chrome-ui page could cause).
+ WebKit::WebString chrome_ui_scheme(ASCIIToUTF16(chrome::kChromeUIScheme));
+ WebKit::registerURLSchemeAsLocal(chrome_ui_scheme);
+ WebKit::registerURLSchemeAsNoAccess(chrome_ui_scheme);
 WebKit::registerExtension(extensions_v8::GearsExtension::Get());
 WebKit::registerExtension(extensions_v8::IntervalExtension::Get());
diff --git a/webkit/glue/chromium_bridge_impl.cc b/webkit/glue/chromium_bridge_impl.cc
index 05d7472..db8c3d8 100644
--- a/webkit/glue/chromium_bridge_impl.cc
+++ b/webkit/glue/chromium_bridge_impl.cc
@@ -194,12 +194,6 @@ IntRect ChromiumBridge::screenAvailableRect(Widget* widget) {
 webkit_glue::GetScreenInfo(ToNativeId(widget)).available_rect);
 }
-// URL ------------------------------------------------------------------------
-
-KURL ChromiumBridge::inspectorURL() {
- return webkit_glue::GURLToKURL(webkit_glue::GetInspectorURL());
-}
-
 // Widget ---------------------------------------------------------------------
 void ChromiumBridge::widgetSetCursor(Widget* widget, const Cursor& cursor) {
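Review bot: The no-access registration added here keys on the string built from `chrome::kChromeUIScheme`, while the script-enable allow-list that V8Proxy::isEnabled keeps (v8_proxy.cpp hunk in this commit) keys on `ChromiumBridge::uiResourceProtocol()`; nothing on this page ties the two values together, so if they ever diverge the isolation registered here and the scripting permission granted there would apply to different schemes. A one-line comment next to `chrome_ui_scheme` would record the coupling for the next maintainer: `// Must match the protocol V8Proxy compares against via ChromiumBridge::uiResourceProtocol().` The added comment states the intended policy well; it may be worth naming the mechanism too, since the actual behaviour is whatever WebKit attaches to registerURLSchemeAsNoAccess at the pinned revision. RenderThread::EnsureWebKitInitialized continues outside the hunk.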
diff --git a/webkit/port/bindings/v8/v8_proxy.cpp b/webkit/port/bindings/v8/v8_proxy.cpp
index 163f1c5..d3be5b09 100644
--- a/webkit/port/bindings/v8/v8_proxy.cpp
+++ b/webkit/port/bindings/v8/v8_proxy.cpp
@@ -1996,6 +1996,10 @@ bool V8Proxy::isEnabled()
 if (origin->protocol() == "http" || origin->protocol() == "https")
 return false; // Web site
+ // TODO(darin): the following are application decisions, and they should
+ // not be made at this layer. instead, we should bridge out to the
+ // embedder to allow them to override policy here.
+
 if (origin->protocol() == ChromiumBridge::uiResourceProtocol())
 return true; // Embedder's scripts are ok to run
@@ -2208,20 +2212,6 @@ bool V8Proxy::CanAccessPrivate(DOMWindow* target_window)
 if (!target_security_origin)
 return false;
- String ui_resource_protocol = ChromiumBridge::uiResourceProtocol();
- if (active_security_origin->protocol() == ui_resource_protocol) {
- KURL inspector_url = ChromiumBridge::inspectorURL();
- ASSERT(inspector_url.protocol() == ui_resource_protocol);
-
- // The Inspector can access anything.
- if (active_security_origin->host() == inspector_url.host())
- return true;
-
- // To mitigate XSS vulnerabilities on the browser itself, UI resources
- // besides the Inspector can't access other documents.
- return false;
- }
-
 if (active_security_origin->canAccess(target_security_origin))
 return true;
diff --git a/webkit/tools/test_shell/test_shell_webkit_init.h b/webkit/tools/test_shell/test_shell_webkit_init.h
index d6cead8..5490f8d 100644
--- a/webkit/tools/test_shell/test_shell_webkit_init.h
+++ b/webkit/tools/test_shell/test_shell_webkit_init.h
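Review bot: The TODO added in isEnabled() does not record that the companion hunk in CanAccessPrivate already delegates the uiResourceProtocol() access decision to `active_security_origin->canAccess(target_security_origin)`, which only isolates those documents if the embedder registered the scheme with registerURLSchemeAsNoAccess before any such document loaded; nothing at this layer checks that it did. I'd extend the TODO with `// CanAccessPrivate now relies on the embedder having registered uiResourceProtocol() as no-access (see registerURLSchemeAsNoAccess).` The deleted block also carried an explicit Inspector exception ("The Inspector can access anything") with no replacement visible here; if the Inspector still runs as a uiResourceProtocol() document at this revision, confirm that the WebKit side of the DEPS bump preserves that access. Both V8Proxy::isEnabled and V8Proxy::CanAccessPrivate start and end outside these hunks.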
@@ -28,6 +28,8 @@ class TestShellWebKitInit : public webkit_glue::WebKitClientImpl {
 WebKit::setLayoutTestMode(layout_test_mode);
 WebKit::registerURLSchemeAsLocal(
 ASCIIToUTF16(webkit_glue::GetUIResourceProtocol()));
+ WebKit::registerURLSchemeAsNoAccess(
+ ASCIIToUTF16(webkit_glue::GetUIResourceProtocol()));
 WebKit::registerExtension(extensions_v8::GearsExtension::Get());
 WebKit::registerExtension(extensions_v8::IntervalExtension::Get());
 } |
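Review bot: `ASCIIToUTF16(webkit_glue::GetUIResourceProtocol())` is now evaluated once per registration call, whereas the parallel change in render_thread.cc hoists the scheme into a single `WebKit::WebString`; matching that shape here keeps the two registrations visibly bound to the same value, e.g. `WebKit::WebString ui_scheme(ASCIIToUTF16(webkit_glue::GetUIResourceProtocol()));` followed by `WebKit::registerURLSchemeAsLocal(ui_scheme);` and `WebKit::registerURLSchemeAsNoAccess(ui_scheme);`. Since this is the test harness that the layout tests run under, a short comment noting that the no-access registration mirrors the production setup in RenderThread would help whoever next changes one without the other. The enclosing function starts outside the hunk.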