diff options
author | ellyjones <ellyjones@chromium.org> | 2015-03-31 11:41:31 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-03-31 18:42:07 +0000 |
commit | dcf033f127fc26c6bd2be42582b5b9c22e3cc8de (patch) | |
tree | 24ee2c17a5ac2873c83e12c150ffbd27b4667a43 /components/error_page | |
parent | 2683fe7e0cdc04c01afb870817116b8d62a355ca (diff) | |
download | chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.zip chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.gz chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.bz2 |
autoreload: don't reload non-http/https pages
Pages with other schemes are not necessarily reloadable, and reloading
them could have security implications.
BUG=471713
Review URL: https://codereview.chromium.org/1048773003
Cr-Commit-Position: refs/heads/master@{#323077}
Diffstat (limited to 'components/error_page')
-rw-r--r-- | components/error_page/renderer/net_error_helper_core.cc | 6 | ||||
-rw-r--r-- | components/error_page/renderer/net_error_helper_core_unittest.cc | 28 |
2 files changed, 28 insertions, 6 deletions
diff --git a/components/error_page/renderer/net_error_helper_core.cc b/components/error_page/renderer/net_error_helper_core.cc index bc11897..bbeffc7 100644 --- a/components/error_page/renderer/net_error_helper_core.cc +++ b/components/error_page/renderer/net_error_helper_core.cc @@ -429,6 +429,7 @@ NetErrorHelperCore::NavigationCorrectionParams::~NavigationCorrectionParams() { bool NetErrorHelperCore::IsReloadableError( const NetErrorHelperCore::ErrorPageInfo& info) { + GURL url = info.error.unreachableURL; return info.error.domain.utf8() == net::kErrorDomain && info.error.reason != net::ERR_ABORTED && // For now, net::ERR_UNKNOWN_URL_SCHEME is only being displayed on @@ -441,7 +442,10 @@ bool NetErrorHelperCore::IsReloadableError( // handshake_failure alert. // https://crbug.com/431387 info.error.reason != net::ERR_SSL_PROTOCOL_ERROR && - !info.was_failed_post; + !info.was_failed_post && + // Don't auto-reload non-http/https schemas. + // https://crbug.com/471713 + url.SchemeIsHTTPOrHTTPS(); } NetErrorHelperCore::NetErrorHelperCore(Delegate* delegate, diff --git a/components/error_page/renderer/net_error_helper_core_unittest.cc b/components/error_page/renderer/net_error_helper_core_unittest.cc index 829fef9..97897fb 100644 --- a/components/error_page/renderer/net_error_helper_core_unittest.cc +++ b/components/error_page/renderer/net_error_helper_core_unittest.cc @@ -126,20 +126,28 @@ WebURLError ProbeError(DnsProbeStatus status) { return error; } -WebURLError NetError(net::Error net_error) { +WebURLError NetErrorForURL(net::Error net_error, const GURL& url) { WebURLError error; - error.unreachableURL = GURL(kFailedUrl); + error.unreachableURL = url; error.domain = blink::WebString::fromUTF8(net::kErrorDomain); error.reason = net_error; return error; } +WebURLError NetError(net::Error net_error) { + return NetErrorForURL(net_error, GURL(kFailedUrl)); +} + // Convenience functions that create an error string for a non-POST request. std::string ProbeErrorString(DnsProbeStatus status) { return ErrorToString(ProbeError(status), false); } +std::string NetErrorStringForURL(net::Error net_error, const GURL& url) { + return ErrorToString(NetErrorForURL(net_error, url), false); +} + std::string NetErrorString(net::Error net_error) { return ErrorToString(NetError(net_error), false); } @@ -241,14 +249,14 @@ class NetErrorHelperCoreTest : public testing::Test, core()->OnNavigationCorrectionsFetched(result, "en", false); } - void DoErrorLoad(net::Error error) { + void DoErrorLoadOfURL(net::Error error, const GURL& url) { core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME, NetErrorHelperCore::NON_ERROR_PAGE); std::string html; core()->GetErrorHTML(NetErrorHelperCore::MAIN_FRAME, - NetError(error), false, &html); + NetErrorForURL(error, url), false, &html); EXPECT_FALSE(html.empty()); - EXPECT_EQ(NetErrorString(error), html); + EXPECT_EQ(NetErrorStringForURL(error, url), html); core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME, NetErrorHelperCore::ERROR_PAGE); @@ -257,6 +265,10 @@ class NetErrorHelperCoreTest : public testing::Test, core()->OnFinishLoad(NetErrorHelperCore::MAIN_FRAME); } + void DoErrorLoad(net::Error error) { + DoErrorLoadOfURL(error, GURL(kFailedUrl)); + } + void DoSuccessLoad() { core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME, NetErrorHelperCore::NON_ERROR_PAGE); @@ -2188,6 +2200,12 @@ TEST_F(NetErrorHelperCoreAutoReloadTest, DoesNotReload) { DoErrorLoad(net::ERR_BAD_SSL_CLIENT_AUTH_CERT); EXPECT_FALSE(timer()->IsRunning()); + + DoErrorLoadOfURL(net::ERR_ACCESS_DENIED, GURL("data://some-data-here")); + EXPECT_FALSE(timer()->IsRunning()); + + DoErrorLoadOfURL(net::ERR_ACCESS_DENIED, GURL("chrome-extension://foo")); + EXPECT_FALSE(timer()->IsRunning()); } TEST_F(NetErrorHelperCoreAutoReloadTest, ShouldSuppressErrorPage) { |