From 82e386cab8a3184ac8be6bcb97ed622b42ffe052 Mon Sep 17 00:00:00 2001
From: "bauerb@chromium.org"
 <bauerb@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Fri, 19 Feb 2010 17:24:29 +0000
Subject: Allow opening multiple bookmarks with external links from the same
 page.

Right now, to avoid "carpet bombing" (where a malicious site initiates multiple
downloads), opening an external URL is blocked after the first access until the
user somehow interacts with the page (for example by clicking somewhere).
This doesn't account for opening external links from bookmarks though.

This patch fixes that, by resetting the block state whenever an external URL is
opened by typing it or selecting it from bookmarks.

BUG=31021

TEST=Add a bookmark like mailto://user@hostname to the bookmarks bar and click on it
multiple times in a row (without clicking anywhere else on the page in
between). Depending on your settings, *every time* either a window should open
asking you if you want to open the URL with an external application or your
mail application itself should open.

Review URL: http://codereview.chromium.org/622002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39455 0039d316-1c4b-4281-b951-d872f2087c98
---
 chrome/browser/browser.cc | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'chrome')

diff --git a/chrome/browser/browser.cc b/chrome/browser/browser.cc
index c5608a8..e3f6fefc 100644
--- a/chrome/browser/browser.cc
+++ b/chrome/browser/browser.cc
@@ -3069,6 +3069,16 @@ void Browser::OpenURLAtIndex(TabContents* source,
   bool source_tab_was_frontmost = (current_tab == GetSelectedTabContents());
   TabContents* new_contents = NULL;
 
+  // Opening a bookmark counts as a user gesture, so we don't need to avoid
+  // carpet-bombing here.
+  PageTransition::Type baseTransitionType =
+    PageTransition::StripQualifier(transition);
+  if (baseTransitionType == PageTransition::TYPED ||
+      baseTransitionType == PageTransition::AUTO_BOOKMARK) {
+    RenderViewHostDelegate::BrowserIntegration* delegate = current_tab;
+    delegate->OnUserGesture();
+  }
+
   // If the URL is part of the same web site, then load it in the same
   // SiteInstance (and thus the same process).  This is an optimization to
   // reduce process overhead; it is not necessary for compatibility.  (That is,
-- 
cgit v1.1