summaryrefslogtreecommitdiffstats
path: root/chrome/renderer/render_thread.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chrome/renderer/render_thread.cc')
-rw-r--r--chrome/renderer/render_thread.cc12
1 files changed, 8 insertions, 4 deletions
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc
index 2935304..67c3f7d 100644
--- a/chrome/renderer/render_thread.cc
+++ b/chrome/renderer/render_thread.cc
@@ -870,12 +870,18 @@ void RenderThread::EnsureWebKitInitialized() {
WebScriptController::enableV8SingleThreadMode();
+ const CommandLine& command_line = *CommandLine::ForCurrentProcess();
+
// chrome: pages should not be accessible by normal content, and should
// also be unable to script anything but themselves (to help limit the damage
// that a corrupt chrome: page could cause).
WebString chrome_ui_scheme(ASCIIToUTF16(chrome::kChromeUIScheme));
- WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme);
- WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme);
+ if (command_line.HasSwitch(switches::kNewChromeUISecurityModel)) {
+ WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme);
+ } else {
+ WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme);
+ WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme);
+ }
// chrome-extension: resources shouldn't trigger insecure content warnings.
WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme));
@@ -894,8 +900,6 @@ void RenderThread::EnsureWebKitInitialized() {
if (search_extension)
RegisterExtension(search_extension, false);
- const CommandLine& command_line = *CommandLine::ForCurrentProcess();
-
if (command_line.HasSwitch(switches::kEnableBenchmarking))
RegisterExtension(extensions_v8::BenchmarkingExtension::Get(), false);
generated by cgit v1.1 at 2025-05-20 04:11:50 +0000