diff options
| author | amit@chromium.org <amit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-03 18:32:04 +0000 |
|---|---|---|
| committer | amit@chromium.org <amit@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-03 18:32:04 +0000 |
| commit | 62ce09738b9963a76c4552f338034bfed6aac7a7 (patch) | |
| tree | 2d441ed3b1683df6cf2cdda54c5d1d8063e863f9 /chrome_frame | |
| parent | 6dd22cb5bc86ecf5e388312e05a365dc276ded12 (diff) | |
| download | chromium_src-62ce09738b9963a76c4552f338034bfed6aac7a7.zip chromium_src-62ce09738b9963a76c4552f338034bfed6aac7a7.tar.gz chromium_src-62ce09738b9963a76c4552f338034bfed6aac7a7.tar.bz2 | |
Fix regression that allowd gcf: urls used with http and https
BUG=54345
TEST=gcf:http://www.google.com should not work by default
and should work only if 'AllowUnsafeURLs' is set to a
non-zero value in registry.
Review URL: http://codereview.chromium.org/3365008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@58511 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome_frame')
| -rw-r--r-- | chrome_frame/chrome_active_document.cc | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/chrome_frame/chrome_active_document.cc b/chrome_frame/chrome_active_document.cc index 35f72f3e..b083982 100644 --- a/chrome_frame/chrome_active_document.cc +++ b/chrome_frame/chrome_active_document.cc @@ -276,6 +276,16 @@ STDMETHODIMP ChromeActiveDocument::Load(BOOL fully_avalable, referrer = prot_data->referrer(); } + // For gcf: URLs allow only about and view-source schemes to pass through for + // further inspection. + bool is_safe_scheme = cf_url.gurl().SchemeIs(chrome::kAboutScheme) || + cf_url.gurl().SchemeIs(chrome::kViewSourceScheme); + if (cf_url.is_chrome_protocol() && !is_safe_scheme && + !GetConfigBool(false, kAllowUnsafeURLs)) { + DLOG(ERROR) << __FUNCTION__ << " gcf: not allowed:" << url; + return E_INVALIDARG; + } + if (!LaunchUrl(cf_url, referrer)) { DLOG(ERROR) << __FUNCTION__ << " Failed to launch url:" << url; return E_INVALIDARG; |