Avoid excessive nesting / recursion in browser URL handling.

BUG=31517 TEST=ChildProcessSecurityPolicyTest Review URL: http://codereview.chromium.org/525038 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@35585 0039d316-1c4b-4281-b951-d872f2087c98
author: cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-01-06 00:19:36 +0000
committer: cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-01-06 00:19:36 +0000
commit: 690d0a9175790c4bd3abd066932bc08203c164ca (patch)
tree: 087e5938da633cdcfa7d110023b21a5b37a21072 /chrome
parent: d8debc51c55deb2df4fb08d28e98d6b4cb862e5d (diff)
download: chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.zip
chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.tar.gz
chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.tar.bz2
2 files changed, 16 insertions, 2 deletions
diff --git a/chrome/browser/child_process_security_policy.cc b/chrome/browser/child_process_security_policy.cc
index 635e0cf..7f28d31 100644
--- a/chrome/browser/child_process_security_policy.cc
+++ b/chrome/browser/child_process_security_policy.cc
@@ -302,8 +302,14 @@ bool ChildProcessSecurityPolicy::CanRequestURL(
     if (url.SchemeIs(chrome::kViewSourceScheme) ||
         url.SchemeIs(chrome::kPrintScheme)) {
       // View-source and print URL's are allowed if the renderer is permitted
-      // to request the embedded URL.
-      return CanRequestURL(renderer_id, GURL(url.path()));
+      // to request the embedded URL. Careful to avoid pointless recursion.
+      GURL child_url(url.path());
+      if (child_url.SchemeIs(chrome::kPrintScheme) ||
+          (child_url.SchemeIs(chrome::kViewSourceScheme) &&
+           url.SchemeIs(chrome::kViewSourceScheme)))
+          return false;
+
+      return CanRequestURL(renderer_id, child_url);
     }
 
     if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL))
diff --git a/chrome/browser/child_process_security_policy_unittest.cc b/chrome/browser/child_process_security_policy_unittest.cc
index 6dbb5d1..ae8645b 100644
--- a/chrome/browser/child_process_security_policy_unittest.cc
+++ b/chrome/browser/child_process_security_policy_unittest.cc
@@ -173,6 +173,14 @@ TEST_F(ChildProcessSecurityPolicyTest, ViewSource) {
   EXPECT_FALSE(p->CanRequestURL(kRendererID,
                                 GURL("view-source:file:///etc/passwd")));
   EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("file:///etc/passwd")));
+  EXPECT_FALSE(p->CanRequestURL(
+      kRendererID, GURL("view-source:view-source:http://www.google.com/")));
+  EXPECT_FALSE(p->CanRequestURL(
+      kRendererID, GURL("view-source:print:http://www.google.com/")));
+  EXPECT_TRUE(p->CanRequestURL(
+      kRendererID, GURL("print:view-source:http://www.google.com/")));
+  EXPECT_FALSE(p->CanRequestURL(kRendererID,
+                                GURL("print:print:http://www.google.com/")));
 
   p->GrantRequestURL(kRendererID, GURL("view-source:file:///etc/passwd"));
   // View source needs to be able to request the embedded scheme.
author	cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-01-06 00:19:36 +0000
committer	cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-01-06 00:19:36 +0000
commit	690d0a9175790c4bd3abd066932bc08203c164ca (patch)
tree	087e5938da633cdcfa7d110023b21a5b37a21072 /chrome
parent	d8debc51c55deb2df4fb08d28e98d6b4cb862e5d (diff)
download	chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.zip chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.tar.gz chromium_src-690d0a9175790c4bd3abd066932bc08203c164ca.tar.bz2