site-settings: disallow adding site exceptions for WebUI schemes

Users shouldn't be able to specify permissions for WebUIs. This CL treats WebUI URL as invalid web addresses, and prevents users from adding with add-site-dialog. Bug: 1108216 Change-Id: I4ceace41eba753a49642f67d2ad04325a9b4108e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315900Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com> Commit-Queue: Jiewei Qian <qjw@chromium.org> Cr-Commit-Position: refs/heads/master@{#793542}

site-settings: disallow adding site exceptions for WebUI schemes
Users shouldn't be able to specify permissions for WebUIs. This CL treats WebUI URL as invalid web addresses, and prevents users from adding with add-site-dialog. Bug: 1108216 Change-Id: I4ceace41eba753a49642f67d2ad04325a9b4108e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2315900Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com> Commit-Queue: Jiewei Qian <qjw@chromium.org> Cr-Commit-Position: refs/heads/master@{#793542}
b9fd2c5c · Jiewei Qian · Commit Bot · 792c0200 · b9fd2c5c · b9fd2c5c
Commit b9fd2c5c authored Jul 31, 2020 by Jiewei Qian Committed by Commit Bot Jul 31, 2020
2 changed files
--- a/chrome/browser/ui/webui/settings/site_settings_handler.cc
+++ b/chrome/browser/ui/webui/settings/site_settings_handler.cc
@@ -292,6 +292,18 @@ bool IsPatternValidForType(const std::string& pattern_string,
  HostContentSettingsMap* map =
      HostContentSettingsMapFactory::GetForProfile(profile);

+  // Don't allow patterns for WebUI schemes, even though it's a valid pattern.
+  // WebUI permissions are controlled by ContentSettingsRegistry
+  // WhitelistedSchemes and WebUIAllowlist. Users shouldn't be able to grant
+  // extra permissions or revoke existing permissions.
+  if (pattern.GetScheme() == ContentSettingsPattern::SCHEME_CHROME ||
+      pattern.GetScheme() == ContentSettingsPattern::SCHEME_CHROMEUNTRUSTED ||
+      pattern.GetScheme() == ContentSettingsPattern::SCHEME_DEVTOOLS ||
+      pattern.GetScheme() == ContentSettingsPattern::SCHEME_CHROMESEARCH) {
+    *out_error = l10n_util::GetStringUTF8(IDS_SETTINGS_NOT_VALID_WEB_ADDRESS);
+    return false;
+  }
+
  // Don't allow an input of '*', even though it's a valid pattern. This
  // changes the default setting.
  if (!pattern.IsValid() || pattern == ContentSettingsPattern::Wildcard()) {

--- a/chrome/browser/ui/webui/settings/site_settings_handler_unittest.cc
+++ b/chrome/browser/ui/webui/settings/site_settings_handler_unittest.cc
@@ -97,6 +97,10 @@ const struct PatternContentTypeTestCase {
    {{"https://google.com", "cookies"}, {true, ""}},
    {{";", "cookies"}, {false, "Not a valid web address"}},
    {{"*", "cookies"}, {false, "Not a valid web address"}},
+    {{"chrome://test", "popups"}, {false, "Not a valid web address"}},
+    {{"chrome-untrusted://test", "popups"}, {false, "Not a valid web address"}},
+    {{"devtools://devtools", "popups"}, {false, "Not a valid web address"}},
+    {{"chrome-search://search", "popups"}, {false, "Not a valid web address"}},
    {{"http://google.com", "location"}, {false, "Origin must be secure"}},
    {{"http://127.0.0.1", "location"}, {true, ""}},  // Localhost is secure.
    {{"http://[::1]", "location"}, {true, ""}}};