autoreload: don't reload non-http/https pages

Pages with other schemes are not necessarily reloadable, and reloading them could have security implications. BUG=471713 Review URL: https://codereview.chromium.org/1048773003 Cr-Commit-Position: refs/heads/master@{#323077}
author: ellyjones <ellyjones@chromium.org> 2015-03-31 11:41:31 -0700
committer: Commit bot <commit-bot@chromium.org> 2015-03-31 18:42:07 +0000
commit: dcf033f127fc26c6bd2be42582b5b9c22e3cc8de (patch)
tree: 24ee2c17a5ac2873c83e12c150ffbd27b4667a43 /components/error_page
parent: 2683fe7e0cdc04c01afb870817116b8d62a355ca (diff)
download: chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.zip
chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.gz
chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.bz2
2 files changed, 28 insertions, 6 deletions
diff --git a/components/error_page/renderer/net_error_helper_core.cc b/components/error_page/renderer/net_error_helper_core.cc
index bc11897..bbeffc7 100644
--- a/components/error_page/renderer/net_error_helper_core.cc
+++ b/components/error_page/renderer/net_error_helper_core.cc
@@ -429,6 +429,7 @@ NetErrorHelperCore::NavigationCorrectionParams::~NavigationCorrectionParams() {
 
 bool NetErrorHelperCore::IsReloadableError(
     const NetErrorHelperCore::ErrorPageInfo& info) {
+  GURL url = info.error.unreachableURL;
   return info.error.domain.utf8() == net::kErrorDomain &&
          info.error.reason != net::ERR_ABORTED &&
          // For now, net::ERR_UNKNOWN_URL_SCHEME is only being displayed on
@@ -441,7 +442,10 @@ bool NetErrorHelperCore::IsReloadableError(
          // handshake_failure alert.
          // https://crbug.com/431387
          info.error.reason != net::ERR_SSL_PROTOCOL_ERROR &&
-         !info.was_failed_post;
+         !info.was_failed_post &&
+         // Don't auto-reload non-http/https schemas.
+         // https://crbug.com/471713
+         url.SchemeIsHTTPOrHTTPS();
 }
 
 NetErrorHelperCore::NetErrorHelperCore(Delegate* delegate,
diff --git a/components/error_page/renderer/net_error_helper_core_unittest.cc b/components/error_page/renderer/net_error_helper_core_unittest.cc
index 829fef9..97897fb 100644
--- a/components/error_page/renderer/net_error_helper_core_unittest.cc
+++ b/components/error_page/renderer/net_error_helper_core_unittest.cc
@@ -126,20 +126,28 @@ WebURLError ProbeError(DnsProbeStatus status) {
   return error;
 }
 
-WebURLError NetError(net::Error net_error) {
+WebURLError NetErrorForURL(net::Error net_error, const GURL& url) {
   WebURLError error;
-  error.unreachableURL = GURL(kFailedUrl);
+  error.unreachableURL = url;
   error.domain = blink::WebString::fromUTF8(net::kErrorDomain);
   error.reason = net_error;
   return error;
 }
 
+WebURLError NetError(net::Error net_error) {
+  return NetErrorForURL(net_error, GURL(kFailedUrl));
+}
+
 // Convenience functions that create an error string for a non-POST request.
 
 std::string ProbeErrorString(DnsProbeStatus status) {
   return ErrorToString(ProbeError(status), false);
 }
 
+std::string NetErrorStringForURL(net::Error net_error, const GURL& url) {
+  return ErrorToString(NetErrorForURL(net_error, url), false);
+}
+
 std::string NetErrorString(net::Error net_error) {
   return ErrorToString(NetError(net_error), false);
 }
@@ -241,14 +249,14 @@ class NetErrorHelperCoreTest : public testing::Test,
     core()->OnNavigationCorrectionsFetched(result, "en", false);
   }
 
-  void DoErrorLoad(net::Error error) {
+  void DoErrorLoadOfURL(net::Error error, const GURL& url) {
     core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME,
                        NetErrorHelperCore::NON_ERROR_PAGE);
     std::string html;
     core()->GetErrorHTML(NetErrorHelperCore::MAIN_FRAME,
-                        NetError(error), false, &html);
+                        NetErrorForURL(error, url), false, &html);
     EXPECT_FALSE(html.empty());
-    EXPECT_EQ(NetErrorString(error), html);
+    EXPECT_EQ(NetErrorStringForURL(error, url), html);
 
     core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME,
                        NetErrorHelperCore::ERROR_PAGE);
@@ -257,6 +265,10 @@ class NetErrorHelperCoreTest : public testing::Test,
     core()->OnFinishLoad(NetErrorHelperCore::MAIN_FRAME);
   }
 
+  void DoErrorLoad(net::Error error) {
+    DoErrorLoadOfURL(error, GURL(kFailedUrl));
+  }
+
   void DoSuccessLoad() {
     core()->OnStartLoad(NetErrorHelperCore::MAIN_FRAME,
                        NetErrorHelperCore::NON_ERROR_PAGE);
@@ -2188,6 +2200,12 @@ TEST_F(NetErrorHelperCoreAutoReloadTest, DoesNotReload) {
 
   DoErrorLoad(net::ERR_BAD_SSL_CLIENT_AUTH_CERT);
   EXPECT_FALSE(timer()->IsRunning());
+
+  DoErrorLoadOfURL(net::ERR_ACCESS_DENIED, GURL("data://some-data-here"));
+  EXPECT_FALSE(timer()->IsRunning());
+
+  DoErrorLoadOfURL(net::ERR_ACCESS_DENIED, GURL("chrome-extension://foo"));
+  EXPECT_FALSE(timer()->IsRunning());
 }
 
 TEST_F(NetErrorHelperCoreAutoReloadTest, ShouldSuppressErrorPage) {
author	ellyjones <ellyjones@chromium.org>	2015-03-31 11:41:31 -0700
committer	Commit bot <commit-bot@chromium.org>	2015-03-31 18:42:07 +0000
commit	dcf033f127fc26c6bd2be42582b5b9c22e3cc8de (patch)
tree	24ee2c17a5ac2873c83e12c150ffbd27b4667a43 /components/error_page
parent	2683fe7e0cdc04c01afb870817116b8d62a355ca (diff)
download	chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.zip chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.gz chromium_src-dcf033f127fc26c6bd2be42582b5b9c22e3cc8de.tar.bz2