Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame^] | 1 | // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "chrome_frame/navigation_constraints.h" |
| 6 | |
| 7 | #include "base/string_util.h" |
| 8 | #include "base/utf_string_conversions.h" |
| 9 | #include "chrome/common/url_constants.h" |
| 10 | #include "chrome_frame/utils.h" |
| 11 | |
| 12 | NavigationConstraintsImpl::NavigationConstraintsImpl() : is_privileged_(false) { |
| 13 | } |
| 14 | |
| 15 | // NavigationConstraintsImpl method definitions. |
| 16 | bool NavigationConstraintsImpl::AllowUnsafeUrls() { |
| 17 | // No sanity checks if unsafe URLs are allowed |
| 18 | return GetConfigBool(false, kAllowUnsafeURLs); |
| 19 | } |
| 20 | |
| 21 | bool NavigationConstraintsImpl::IsSchemeAllowed(const GURL& url) { |
| 22 | if (url.is_empty()) |
| 23 | return false; |
| 24 | |
| 25 | if (!url.is_valid()) |
| 26 | return false; |
| 27 | |
| 28 | if (url.SchemeIs(chrome::kHttpScheme) || |
| 29 | url.SchemeIs(chrome::kHttpsScheme)) |
| 30 | return true; |
| 31 | |
| 32 | // Additional checking for view-source. Allow only http and https |
| 33 | // URLs in view source. |
| 34 | if (url.SchemeIs(chrome::kViewSourceScheme)) { |
| 35 | GURL sub_url(url.path()); |
| 36 | if (sub_url.SchemeIs(chrome::kHttpScheme) || |
| 37 | sub_url.SchemeIs(chrome::kHttpsScheme)) |
| 38 | return true; |
| 39 | } |
| 40 | |
| 41 | // Allow only about:blank or about:version |
| 42 | if (url.SchemeIs(chrome::kAboutScheme)) { |
| 43 | if (LowerCaseEqualsASCII(url.spec(), chrome::kAboutBlankURL) || |
| 44 | LowerCaseEqualsASCII(url.spec(), chrome::kAboutVersionURL)) { |
| 45 | return true; |
| 46 | } |
| 47 | } |
| 48 | |
| 49 | if (is_privileged_ && |
| 50 | (url.SchemeIs(chrome::kDataScheme) || |
| 51 | url.SchemeIs(chrome::kExtensionScheme))) { |
| 52 | return true; |
| 53 | } |
| 54 | |
| 55 | return false; |
| 56 | } |
| 57 | |
| 58 | bool NavigationConstraintsImpl::IsZoneAllowed(const GURL& url) { |
| 59 | if (!security_manager_) { |
| 60 | HRESULT hr = security_manager_.CreateInstance( |
| 61 | CLSID_InternetSecurityManager); |
| 62 | if (FAILED(hr)) { |
| 63 | NOTREACHED() << __FUNCTION__ |
| 64 | << " Failed to create SecurityManager. Error: 0x%x" |
| 65 | << hr; |
| 66 | return true; |
| 67 | } |
| 68 | DWORD zone = URLZONE_INVALID; |
| 69 | std::wstring unicode_url = UTF8ToWide(url.spec()); |
| 70 | security_manager_->MapUrlToZone(unicode_url.c_str(), &zone, 0); |
| 71 | if (zone == URLZONE_UNTRUSTED) { |
| 72 | DLOG(WARNING) << __FUNCTION__ |
| 73 | << " Disallowing navigation to restricted url: " << url; |
| 74 | return false; |
| 75 | } |
| 76 | } |
| 77 | return true; |
| 78 | } |
| 79 | |
| 80 | bool NavigationConstraintsImpl::is_privileged() const { |
| 81 | return is_privileged_; |
| 82 | } |
| 83 | |
| 84 | void NavigationConstraintsImpl::set_is_privileged(bool is_privileged) { |
| 85 | is_privileged_ = is_privileged; |
| 86 | } |