diff options
| author | dewittj@chromium.org <dewittj@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-23 06:06:41 +0000 |
|---|---|---|
| committer | dewittj@chromium.org <dewittj@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-02-23 06:06:41 +0000 |
| commit | fd26947e848b8acbb37ecef8f473b1e886e1f8b5 (patch) | |
| tree | 7f72b32b42cb5e718daeac57c9256fd4ed5ce4af /chrome/common | |
| parent | 8d851e1d7269b4f70caabfda4cf68083d264dd60 (diff) | |
| download | chromium_src-fd26947e848b8acbb37ecef8f473b1e886e1f8b5.zip chromium_src-fd26947e848b8acbb37ecef8f473b1e886e1f8b5.tar.gz chromium_src-fd26947e848b8acbb37ecef8f473b1e886e1f8b5.tar.bz2 | |
Enforce CSP on images for chrome.experimental.notification.
This changes the behavior of the API by using a renderer
custom binding to enforce that all supplied URLs are
converted into data URLs. Additionally, it checks that the
URLs provided to the backend have the data:// scheme, so
new URLs added in future versions of the API will not load
unless they are also converted to data URLs.
miket:everything
ben: chrome_renderer.gypi
TBR=ben@chromium.org
BUG=173698
Review URL: https://chromiumcodereview.appspot.com/12320055
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184291 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common')
| -rw-r--r-- | chrome/common/extensions/api/experimental_notification.idl | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/chrome/common/extensions/api/experimental_notification.idl b/chrome/common/extensions/api/experimental_notification.idl index a59c630..2c43dc0 100644 --- a/chrome/common/extensions/api/experimental_notification.idl +++ b/chrome/common/extensions/api/experimental_notification.idl @@ -35,7 +35,6 @@ TemplateType templateType; // Sender's avatar, app icon, or a thumbnail for image notifications. - // TODO(miket): see browserAction.setIcon() for a better approach. DOMString iconUrl; // Title of the notification (e.g. sender name for email). |