From c8310d8c58b1b51d6565abd3792622237283c564 Mon Sep 17 00:00:00 2001
From: "abarth@chromium.org"
Date: Thu, 13 Jan 2011 23:42:28 +0000
Subject: Changing the security model for "chrome" URLs
This patch changes the security model for "chrome" URLs to make implementing some features in DOMUI easier. Instead of registering "chrome" as a NoAccess and a Local scheme, we register it as a DisplayIsolated scheme. That should have the effects outlined in this email: http://groups.google.com/a/chromium.org/group/chromium-dev/browse_thread/thread/863700bf99b3f3ed See also https://bugs.webkit.org/show_bug.cgi?id=50182 which introduces the necessary API into WebKit.
BUG=69140
Review URL: http://codereview.chromium.org/5268006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71382 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/renderer/render_thread.cc | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
(limited to 'chrome/renderer')
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc
index 2935304..67c3f7d 100644
--- a/chrome/renderer/render_thread.cc
+++ b/chrome/renderer/render_thread.cc
@@ -870,12 +870,18 @@ void RenderThread::EnsureWebKitInitialized() {
 WebScriptController::enableV8SingleThreadMode();
+ const CommandLine& command_line = *CommandLine::ForCurrentProcess();
+
 // chrome: pages should not be accessible by normal content, and should
 // also be unable to script anything but themselves (to help limit the damage
 // that a corrupt chrome: page could cause).
 WebString chrome_ui_scheme(ASCIIToUTF16(chrome::kChromeUIScheme));
- WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme);
- WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme);
+ if (command_line.HasSwitch(switches::kNewChromeUISecurityModel)) {
+ WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme);
+ } else {
+ WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme);
+ WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme);
+ }
 // chrome-extension: resources shouldn't trigger insecure content warnings.
 WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme));
@@ -894,8 +900,6 @@ void RenderThread::EnsureWebKitInitialized() {
 if (search_extension)
 RegisterExtension(search_extension, false);
- const CommandLine& command_line = *CommandLine::ForCurrentProcess();
-
 if (command_line.HasSwitch(switches::kEnableBenchmarking))
 RegisterExtension(extensions_v8::BenchmarkingExtension::Get(), false);
-- cgit v1.1
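Review bot: The comment above `chrome_ui_scheme` still states that chrome: pages are "unable to script anything but themselves", but the `kNewChromeUISecurityModel` branch no longer calls `registerURLSchemeAsNoAccess`, so that statement appears to hold only for the `else` branch. The comment should describe both branches, for example `// With kNewChromeUISecurityModel, chrome: is only display-isolated: other schemes cannot display it, but NoAccess script isolation is not applied.`, with the wording checked against the WebKit API added in bug 50182. The model is selected from the renderer's own command line, and this view is limited to chrome/renderer, so it is worth confirming that the browser passes the switch to every renderer consistently. EnsureWebKitInitialized() starts and ends outside the hunk.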