diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-14 04:34:43 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-12-14 04:34:43 +0000 |
| commit | 354bcbaf8603cb5800737f86a84ee465166b2b4e (patch) | |
| tree | 863753d52b8f9dfb54e676bbf3d1b38a968df061 /chrome_frame/utils.cc | |
| parent | 0e097f90d5bba038b5826ebac2870aadde28d2ca (diff) | |
| download | chromium_src-354bcbaf8603cb5800737f86a84ee465166b2b4e.zip chromium_src-354bcbaf8603cb5800737f86a84ee465166b2b4e.tar.gz chromium_src-354bcbaf8603cb5800737f86a84ee465166b2b4e.tar.bz2 | |
Add support for gcf:about:plugins in chrome frame full tab mode. The URL validation code path
in ChromeFrame now takes in an interface NavigationConstraints which allows the delegateslike
the ActiveX, ActiveDocument and the NPAPI plugins to control the navigation decisions.
We no longer refer to the InternetSecurityManager interface which is IE only for performing
zone decisions in the ChromeFrame NPAPI plugin.
Fixes bug http://code.google.com/p/chromium/issues/detail?id=66118
BUG=66118
TEST=Covered by additional CanNavigate unit tests.
Review URL: http://codereview.chromium.org/5698005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@69101 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome_frame/utils.cc')
| -rw-r--r-- | chrome_frame/utils.cc | 39 |
1 files changed, 14 insertions, 25 deletions
diff --git a/chrome_frame/utils.cc b/chrome_frame/utils.cc index f1495e8..c74a840 100644 --- a/chrome_frame/utils.cc +++ b/chrome_frame/utils.cc @@ -31,6 +31,7 @@ #include "chrome/installer/util/chrome_frame_distribution.h" #include "chrome_frame/extra_system_apis.h" #include "chrome_frame/html_utils.h" +#include "chrome_frame/navigation_constraints.h" #include "chrome_frame/policy_settings.h" #include "chrome_frame/simple_resource_loader.h" #include "googleurl/src/gurl.h" @@ -1423,44 +1424,32 @@ void ChromeFrameUrl::Reset() { profile_name_.clear(); } -bool CanNavigate(const GURL& url, IInternetSecurityManager* security_manager, - bool is_privileged) { +bool CanNavigate(const GURL& url, + NavigationConstraints* navigation_constraints) { if (!url.is_valid()) { DLOG(ERROR) << "Invalid URL passed to InitiateNavigation: " << url; return false; } + if (!navigation_constraints) { + NOTREACHED() << "Invalid NavigationConstraints passed in"; + return false; + } + // No sanity checks if unsafe URLs are allowed - if (GetConfigBool(false, kAllowUnsafeURLs)) + if (navigation_constraints->AllowUnsafeUrls()) return true; - if (!IsValidUrlScheme(url, is_privileged)) { + if (!navigation_constraints->IsSchemeAllowed(url)) { DLOG(WARNING) << __FUNCTION__ << " Disallowing navigation to url: " << url; return false; } - // Allow only about:blank or about:version - if (url.SchemeIs(chrome::kAboutScheme)) { - if (!LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL) && - !LowerCaseEqualsASCII(url.spec(), chrome::kAboutVersionURL)) { - DLOG(WARNING) << __FUNCTION__ - << " Disallowing navigation to about url: " << url; - return false; - } - } - - // Prevent navigations to URLs in untrusted zone, even in Firefox. - if (security_manager) { - DWORD zone = URLZONE_INVALID; - std::wstring unicode_url = UTF8ToWide(url.spec()); - security_manager->MapUrlToZone(unicode_url.c_str(), &zone, 0); - if (zone == URLZONE_UNTRUSTED) { - DLOG(WARNING) << __FUNCTION__ - << " Disallowing navigation to restricted url: " << url; - return false; - } + if (!navigation_constraints->IsZoneAllowed(url)) { + DLOG(WARNING) << __FUNCTION__ + << " Disallowing navigation to restricted url: " << url; + return false; } - return true; } |