summaryrefslogtreecommitdiffstats
path: root/chrome_frame/chrome_frame_activex_base.h
diff options
context:
space:
mode:
authorjoi@chromium.org <joi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-11-17 18:15:40 +0000
committerjoi@chromium.org <joi@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-11-17 18:15:40 +0000
commit2ce57c782597859abf4ae85dfe0164610df49e7a (patch)
treed16df426877bbc024ff0f9813aeec29569440084 /chrome_frame/chrome_frame_activex_base.h
parentfd28608aceedf16528eb0666dd15a9b3644fed5b (diff)
downloadchromium_src-2ce57c782597859abf4ae85dfe0164610df49e7a.zip
chromium_src-2ce57c782597859abf4ae85dfe0164610df49e7a.tar.gz
chromium_src-2ce57c782597859abf4ae85dfe0164610df49e7a.tar.bz2
Don't treat CF in privileged mode as an iframe for framebusting
headers. BUG=none TEST=none Review URL: http://codereview.chromium.org/402013 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@32183 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome_frame/chrome_frame_activex_base.h')
-rw-r--r--chrome_frame/chrome_frame_activex_base.h5
1 files changed, 4 insertions, 1 deletions
diff --git a/chrome_frame/chrome_frame_activex_base.h b/chrome_frame/chrome_frame_activex_base.h
index 4a4fe95..202f4d6 100644
--- a/chrome_frame/chrome_frame_activex_base.h
+++ b/chrome_frame/chrome_frame_activex_base.h
@@ -305,8 +305,11 @@ END_MSG_MAP()
// of this template should implement this method based on how
// it "feels" from a security perspective. If it's hosted in another
// scriptable document, return true, else false.
+ //
+ // The base implementation returns true unless we are in privileged
+ // mode, in which case we always trust our container so we return false.
bool is_frame_busting_enabled() const {
- return true;
+ return !is_privileged_;
}
// Needed to support PostTask.
generated by cgit v1.1 at 2025-02-11 06:21:30 +0000