diff options
| author | benm@chromium.org <benm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-14 00:25:02 +0000 |
|---|---|---|
| committer | benm@chromium.org <benm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-14 00:25:02 +0000 |
| commit | 7f28af6cd3cbfdbbc5b39b1911e9eef565786d29 (patch) | |
| tree | ecc3f8646f4e7d8914f98d64bc6e441abeb6904c /android_webview/renderer | |
| parent | 9b3efbc2b7775fd3719bea72d13b6c03f8c4cb9f (diff) | |
| download | chromium_src-7f28af6cd3cbfdbbc5b39b1911e9eef565786d29.zip chromium_src-7f28af6cd3cbfdbbc5b39b1911e9eef565786d29.tar.gz chromium_src-7f28af6cd3cbfdbbc5b39b1911e9eef565786d29.tar.bz2 | |
[Android WebView] Implement WebPermissionClient methods.
Add an implementation of allowDisplayingInsecureContent and
allowRunningInsecureContent that allows secure content to load
content using a custom scheme.
BUG=b/9420953
Review URL: https://chromiumcodereview.appspot.com/16940009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@206244 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'android_webview/renderer')
| -rw-r--r-- | android_webview/renderer/aw_render_view_ext.cc | 25 | ||||
| -rw-r--r-- | android_webview/renderer/aw_render_view_ext.h | 10 |
2 files changed, 35 insertions, 0 deletions
diff --git a/android_webview/renderer/aw_render_view_ext.cc b/android_webview/renderer/aw_render_view_ext.cc index 5fde596..36bf766 100644 --- a/android_webview/renderer/aw_render_view_ext.cc +++ b/android_webview/renderer/aw_render_view_ext.cc @@ -32,6 +32,15 @@ namespace android_webview { namespace { +bool AllowMixedContent(const WebKit::WebURL& url) { + // We treat non-standard schemes as "secure" in the WebView to allow them to + // be used for request interception. + // TODO(benm): Tighten this restriction by requiring embedders to register + // their custom schemes? See b/9420953. + GURL gurl(url); + return !gurl.IsStandard(); +} + GURL GetAbsoluteUrl(const WebKit::WebNode& node, const string16& url_fragment) { return GURL(node.document().completeURL(url_fragment)); } @@ -180,6 +189,22 @@ bool AwRenderViewExt::allowImage(WebKit::WebFrame* frame, url.SchemeIs(chrome::kFtpScheme)); } +bool AwRenderViewExt::allowDisplayingInsecureContent( + WebKit::WebFrame* frame, + bool enabled_per_settings, + const WebKit::WebSecurityOrigin& origin, + const WebKit::WebURL& url) { + return enabled_per_settings ? true : AllowMixedContent(url); +} + +bool AwRenderViewExt::allowRunningInsecureContent( + WebKit::WebFrame* frame, + bool enabled_per_settings, + const WebKit::WebSecurityOrigin& origin, + const WebKit::WebURL& url) { + return enabled_per_settings ? true : AllowMixedContent(url); +} + void AwRenderViewExt::DidCommitProvisionalLoad(WebKit::WebFrame* frame, bool is_new_navigation) { content::DocumentState* document_state = diff --git a/android_webview/renderer/aw_render_view_ext.h b/android_webview/renderer/aw_render_view_ext.h index 1379913..8a9b68e 100644 --- a/android_webview/renderer/aw_render_view_ext.h +++ b/android_webview/renderer/aw_render_view_ext.h @@ -54,6 +54,16 @@ class AwRenderViewExt : public content::RenderViewObserver, virtual bool allowImage(WebKit::WebFrame* frame, bool enabledPerSettings, const WebKit::WebURL& imageURL) OVERRIDE; + virtual bool allowDisplayingInsecureContent( + WebKit::WebFrame* frame, + bool enabled_per_settings, + const WebKit::WebSecurityOrigin& origin, + const WebKit::WebURL& url) OVERRIDE; + virtual bool allowRunningInsecureContent( + WebKit::WebFrame* frame, + bool enabled_per_settings, + const WebKit::WebSecurityOrigin& origin, + const WebKit::WebURL& url) OVERRIDE; bool capture_picture_enabled_; |