diff options
| author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-25 22:53:57 +0000 |
|---|---|---|
| committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-25 22:53:57 +0000 |
| commit | 66afffffdb89d289067682d07f57d0ec9f698baa (patch) | |
| tree | bc6f485c683464e0b431acfb90bc7e3f0f3f332e /chrome_frame | |
| parent | 5f4f260ee691579c5fa91705ef2d58019eda80af (diff) | |
| download | chromium_src-66afffffdb89d289067682d07f57d0ec9f698baa.zip chromium_src-66afffffdb89d289067682d07f57d0ec9f698baa.tar.gz chromium_src-66afffffdb89d289067682d07f57d0ec9f698baa.tar.bz2 | |
Validate URLs being navigated to by ChromeFrame in the ChromeFrameAutomationClient::InitiateNavigation
method as this is a central chokepoint.
Should fix http://b/issue?id=1934996
Bug=1934996
Review URL: http://codereview.chromium.org/235017
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@27273 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome_frame')
| -rw-r--r-- | chrome_frame/chrome_frame_automation.cc | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/chrome_frame/chrome_frame_automation.cc b/chrome_frame/chrome_frame_automation.cc index 9da5e43..79c0c38 100644 --- a/chrome_frame/chrome_frame_automation.cc +++ b/chrome_frame/chrome_frame_automation.cc @@ -412,8 +412,11 @@ bool ChromeFrameAutomationClient::Initialize( #ifndef NDEBUG // In debug mode give more time to work with a debugger. - if (automation_server_launch_timeout != INFINITE) + if (IsDebuggerPresent()) { + automation_server_launch_timeout = INFINITE; + } else { automation_server_launch_timeout *= 2; + } #endif // NDEBUG // Create a window on the UI thread for marshaling messages back and forth @@ -481,7 +484,7 @@ bool ChromeFrameAutomationClient::InitiateNavigation(const std::string& url) { url_ = GURL(url); // Catch invalid URLs early. - if (!url_.is_valid()) { + if (!url_.is_valid() || !IsValidUrlScheme(UTF8ToWide(url))) { DLOG(ERROR) << "Invalid URL passed to InitiateNavigation: " << url; return false; } @@ -600,7 +603,7 @@ void ChromeFrameAutomationClient::CreateExternalTab() { "ChromeFrame.HostNetworking", !use_chrome_network_, 0, 1, 2); UMA_HISTOGRAM_CUSTOM_COUNTS( - "ChromeFrame.HandleTopLevelRequests", handle_top_level_requests_, 0, 1, + "ChromeFrame.HandleTopLevelRequests", handle_top_level_requests_, 0, 1, 2); IPC::SyncMessage* message = @@ -779,7 +782,7 @@ void ChromeFrameAutomationClient::SetParentWindow(HWND parent_window) { void ChromeFrameAutomationClient::ReleaseAutomationServer() { DLOG(INFO) << __FUNCTION__; if (automation_server_id_) { - // Cache the server id and clear the automation_server_id_ before + // Cache the server id and clear the automation_server_id_ before // calling ReleaseAutomationServer. The reason we do this is that // we must cancel pending messages before we release the automation server. // Furthermore, while ReleaseAutomationServer is running, we could get |