diff options
| author | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-13 23:42:28 +0000 |
|---|---|---|
| committer | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-01-13 23:42:28 +0000 |
| commit | c8310d8c58b1b51d6565abd3792622237283c564 (patch) | |
| tree | b837a6f4449c70b22d3a38d5fcea365507bf546e /chrome/renderer | |
| parent | 2e610e9cd18750dc905a4f4feea8f5478256a28d (diff) | |
| download | chromium_src-c8310d8c58b1b51d6565abd3792622237283c564.zip chromium_src-c8310d8c58b1b51d6565abd3792622237283c564.tar.gz chromium_src-c8310d8c58b1b51d6565abd3792622237283c564.tar.bz2 | |
Changing the security model for "chrome" URLs
This patch changes the security model for "chrome" URLs to make implementing
some features in DOMUI easier. Instead of registering "chrome" as a NoAccess
and a Local scheme, we register it as a DisplayIsolated scheme. That should
have the effects outlined in this email:
http://groups.google.com/a/chromium.org/group/chromium-dev/browse_thread/thread/863700bf99b3f3ed
See also https://bugs.webkit.org/show_bug.cgi?id=50182 which introduces the
necessary API into WebKit.
BUG=69140
Review URL: http://codereview.chromium.org/5268006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71382 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/renderer')
| -rw-r--r-- | chrome/renderer/render_thread.cc | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc index 2935304..67c3f7d 100644 --- a/chrome/renderer/render_thread.cc +++ b/chrome/renderer/render_thread.cc @@ -870,12 +870,18 @@ void RenderThread::EnsureWebKitInitialized() { WebScriptController::enableV8SingleThreadMode(); + const CommandLine& command_line = *CommandLine::ForCurrentProcess(); + // chrome: pages should not be accessible by normal content, and should // also be unable to script anything but themselves (to help limit the damage // that a corrupt chrome: page could cause). WebString chrome_ui_scheme(ASCIIToUTF16(chrome::kChromeUIScheme)); - WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme); - WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme); + if (command_line.HasSwitch(switches::kNewChromeUISecurityModel)) { + WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme); + } else { + WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme); + WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme); + } // chrome-extension: resources shouldn't trigger insecure content warnings. WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); @@ -894,8 +900,6 @@ void RenderThread::EnsureWebKitInitialized() { if (search_extension) RegisterExtension(search_extension, false); - const CommandLine& command_line = *CommandLine::ForCurrentProcess(); - if (command_line.HasSwitch(switches::kEnableBenchmarking)) RegisterExtension(extensions_v8::BenchmarkingExtension::Get(), false); |