This patch implements a mechanism for more granular link URL permissions (filtering on scheme/host). This fixes the bug that allowed PDFs to have working links to any "chrome://" URLs.
BUG=528505,226927
Review URL: https://codereview.chromium.org/1362433002
Cr-Commit-Position: refs/heads/master@{#351705}
diff --git a/extensions/browser/extension_web_contents_observer.cc b/extensions/browser/extension_web_contents_observer.cc
index 187cfb22..fbfb5a5c5a 100644
--- a/extensions/browser/extension_web_contents_observer.cc
+++ b/extensions/browser/extension_web_contents_observer.cc
@@ -75,19 +75,7 @@
if (!extension)
return;
- content::RenderProcessHost* process = render_view_host->GetProcess();
-
- // Some extensions use chrome:// URLs.
- // This is a temporary solution. Replace it with access to chrome-static://
- // once it is implemented. See: crbug.com/226927.
Manifest::Type type = extension->GetType();
- if (type == Manifest::TYPE_EXTENSION ||
- type == Manifest::TYPE_LEGACY_PACKAGED_APP ||
- (type == Manifest::TYPE_PLATFORM_APP &&
- extension->location() == Manifest::COMPONENT)) {
- content::ChildProcessSecurityPolicy::GetInstance()->GrantScheme(
- process->GetID(), content::kChromeUIScheme);
- }
// Some extensions use file:// URLs.
if (type == Manifest::TYPE_EXTENSION ||
@@ -95,7 +83,7 @@
ExtensionPrefs* prefs = ExtensionPrefs::Get(browser_context_);
if (prefs->AllowFileAccess(extension->id())) {
content::ChildProcessSecurityPolicy::GetInstance()->GrantScheme(
- process->GetID(), url::kFileScheme);
+ render_view_host->GetProcess()->GetID(), url::kFileScheme);
}
}
