author | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-07-17 09:43:40 +0000 |
---|---|---|
committer | tsepez@chromium.org <tsepez@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-07-17 09:43:40 +0000 |
commit | 5d7495738335bbd2014c4eb3e8df998530f0e1db (patch) | |
tree | bc35c528028ff0c82b700dc25d054ac5e56dd137 /content/browser/web_contents/web_contents_impl.h | |
parent | 58e1a27d4716dab191ab0a23328686841801c6be (diff) | |

Allow view-source of pages fully blocked by Blink's XSS filter.

Unlike the other kinds of errors which are detected earlier in navigation
(SSL certs, etc), when the Blink reflected XSS filter encounters an
XSS and the page needs to be blocked (per the server's request), we
already have a committed navigation, and are well past the point
where interstitials and the like would do us any good.

Consequently, blink just aborts the load, and schedules a navigation to
data:, with history replacement enabled, so that the offending entry
is lost (note https://codereview.chromium.org/301163006/ changes this
behaviour blink-side to add to the back-forward list).

This is less than ideal when a webmaster would like to do a view-source on
the offending page so as to diagnose the cause, so what I've done is to set
up a way to flag the offending entry when the reflection is detected.

I'd really like to just continue with navigating to data:, rather than
trying to deal with the UX issue -- there's nothing to be done, and
screaming about XSS isn't helpful to the user -- and we aren't going
to ever add a "revisit the page with protection disabled" option either.

So, when a block is detected, we make an IPC call to flag the current entry
in the navigation controller. The navigation then continues to data:,.
When we encounter a view-source on the data:, page URL, we check if the
previous page was explicitly flagged prior to the block. If so, show its
source instead.

Review URL: https://codereview.chromium.org/304313003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@283728 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/browser/web_contents/web_contents_impl.h')
-rw-r--r-- | content/browser/web_contents/web_contents_impl.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/content/browser/web_contents/web_contents_impl.h b/content/browser/web_contents/web_contents_impl.h index 30c4eee..b001642 100644 --- a/content/browser/web_contents/web_contents_impl.h +++ b/content/browser/web_contents/web_contents_impl.h @@ -711,6 +711,7 @@ class CONTENT_EXPORT WebContentsImpl void OnDidDisplayInsecureContent(); void OnDidRunInsecureContent(const std::string& security_origin, const GURL& target_url); + void OnDidDetectXSS(int32 page_id, const GURL& url, bool blocked_entire_page); void OnDocumentLoadedInFrame(); void OnDidFinishLoad(const GURL& url); void OnDidStartLoading(bool to_different_document); |
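
Review bot: The new OnDidDetectXSS(int32 page_id, const GURL& url, bool blocked_entire_page) declaration carries no comment on how page_id and url are checked before the navigation entry is flagged, and the commit message describes this as an IPC call, so both values arrive from the renderer. Because the flag later decides which page's source is shown for view-source on data:,, the handler should ignore the message unless page_id and url match the entry the browser itself recorded as committed, and a short comment above the declaration stating that contract would make it reviewable from the header. This hunk covers only web_contents_impl.h, so the matching check in the .cc file and the message definition cannot be confirmed from here.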