Block redirects to renderer-debug urls

Desktop / Chromium - arthursonzogni [chromium.org] - 12 July 2017 17:44 EDT

Redirects toward renderer-debug urls (chrome://crash, javascript:[...], ...) were not expected to happen in the NavigationHandleImpl. It caused WebContentsObserver::DidFinishNavigation not being called and consequently, bugs in some WebContentsObservers.

This CL blocks any redirects to renderer-debug urls. One test is added.

The blocking of the URL was moved (and partially removed?) in: https://crrev.com/2436253002 This CL tries to restore the previous behavior.

BUG=728398

CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation;master.tryserver.chromium.linux:linux_chromium_browser_side_navigation_rel

Review-Url: https://codereview.chromium.org/2973433003 Cr-Commit-Position: refs/heads/master@{#486091}

b980b4b Block redirects to renderer-debug urls.
.../captive_portal/captive_portal_tab_helper.cc | 9 +--
.../browser/child_process_security_policy_impl.cc | 24 +++++++
.../browser/child_process_security_policy_impl.h | 7 ++
.../child_process_security_policy_unittest.cc | 81 +++++++++++++++++++++-
.../browser/frame_host/navigation_handle_impl.cc | 19 ++---
.../browser/frame_host/navigation_handle_impl.h | 4 --
.../navigation_handle_impl_browsertest.cc | 56 +++++++++++++++
content/browser/frame_host/navigation_request.cc | 41 +++++++----
8 files changed, 202 insertions(+), 39 deletions(-)

Upstream: git.chromium.org


  • Share