Prevent registerProtocolHandler for pseudo-schemes and disabled schemes.

Review URL: http://codereview.chromium.org/7069006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86799 0039d316-1c4b-4281-b951-d872f2087c98

Prevent registerProtocolHandler for pseudo-schemes and disabled schemes.
Review URL: http://codereview.chromium.org/7069006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86799 0039d316-1c4b-4281-b951-d872f2087c98
82616d31 · koz@chromium.org · 847de66e · 82616d31
Commit 82616d31 authored May 26, 2011 by koz@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 2 deletions

chrome/browser/ui/tab_contents/tab_contents_wrapper.cc chrome/browser/ui/tab_contents/tab_contents_wrapper.cc +8 -2

No files found.
--- a/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
+++ b/chrome/browser/ui/tab_contents/tab_contents_wrapper.cc
@@ -45,6 +45,7 @@
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/render_messages.h"
+#include "content/browser/child_process_security_policy.h"
 #include "content/browser/renderer_host/render_view_host.h"
 #include "content/browser/tab_contents/tab_contents.h"
 #include "content/common/notification_service.h"
@@ -503,10 +504,15 @@ void TabContentsWrapper::OnJSOutOfMemory() {
 void TabContentsWrapper::OnRegisterProtocolHandler(const std::string& protocol,
                                                   const GURL& url,
                                                   const string16& title) {
+  ChildProcessSecurityPolicy* policy =
+      ChildProcessSecurityPolicy::GetInstance();
+  if (policy->IsPseudoScheme(protocol) || policy->IsDisabledScheme(protocol))
+    return;
  ProtocolHandlerRegistry* registry = profile()->GetProtocolHandlerRegistry();
-  if (!registry->enabled()) {
+  if (!registry->enabled())
    return;
-  }
  ProtocolHandler handler =
      ProtocolHandler::CreateProtocolHandler(protocol, url, title);
  if (!handler.IsEmpty() &&