diff options
| author | caseq@google.com <caseq@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-01 13:52:45 +0000 |
|---|---|---|
| committer | caseq@google.com <caseq@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-01 13:52:45 +0000 |
| commit | 0d7ae864f7b1a9a47d5dc02168a00b5196c7f834 (patch) | |
| tree | 68a8ee998a851cc37c504c8b7b00473d06e44270 /chrome/renderer | |
| parent | 3606592f61a1569aa211aa968ecc75952f11e9a2 (diff) | |
| download | chromium_src-0d7ae864f7b1a9a47d5dc02168a00b5196c7f834.zip chromium_src-0d7ae864f7b1a9a47d5dc02168a00b5196c7f834.tar.gz chromium_src-0d7ae864f7b1a9a47d5dc02168a00b5196c7f834.tar.bz2 | |
Do not expose DOM UI bindings to subframes other than chrome://
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/3330016
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61174 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/renderer')
| -rw-r--r-- | chrome/renderer/render_view.cc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/chrome/renderer/render_view.cc b/chrome/renderer/render_view.cc index 3c0c57a..5c00e11 100644 --- a/chrome/renderer/render_view.cc +++ b/chrome/renderer/render_view.cc @@ -3079,7 +3079,9 @@ void RenderView::didCommitProvisionalLoad(WebFrame* frame, void RenderView::didClearWindowObject(WebFrame* frame) { if (BindingsPolicy::is_dom_automation_enabled(enabled_bindings_)) BindDOMAutomationController(frame); - if (BindingsPolicy::is_dom_ui_enabled(enabled_bindings_)) { + GURL frame_url = frame->url(); + if (BindingsPolicy::is_dom_ui_enabled(enabled_bindings_) && + frame_url.SchemeIs(chrome::kChromeUIScheme)) { GetDOMUIBindings()->set_message_sender(this); GetDOMUIBindings()->set_routing_id(routing_id_); GetDOMUIBindings()->BindToJavascript(frame, L"chrome"); |