Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / chromium_org / f7fa989080f1e63c6a8aa24d5434922d52d9f51e / . / chrome_frame / navigation_constraints.cc
blob: 33f4216a6a556abc50f8ee637731f8442fc3eedd [file] [log] [blame]
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome_frame/navigation_constraints.h"
6
Torne (Richard Coles)868fa2f2013-06-11 10:57:03 +0100[diff] [blame]7#include "base/strings/string_util.h"
8#include "base/strings/utf_string_conversions.h"
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]9#include "chrome/common/url_constants.h"
10#include "chrome_frame/utils.h"
Torne (Richard Coles)2a99a7e2013-03-28 15:31:22 +0000[diff] [blame]11#include "extensions/common/constants.h"
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]12
13NavigationConstraintsImpl::NavigationConstraintsImpl() : is_privileged_(false) {
14}
15
16// NavigationConstraintsImpl method definitions.
17bool NavigationConstraintsImpl::AllowUnsafeUrls() {
18 // No sanity checks if unsafe URLs are allowed
19 return GetConfigBool(false, kAllowUnsafeURLs);
20}
21
22bool NavigationConstraintsImpl::IsSchemeAllowed(const GURL& url) {
23 if (url.is_empty())
24 return false;
25
26 if (!url.is_valid())
27 return false;
28
29 if (url.SchemeIs(chrome::kHttpScheme) ||
30 url.SchemeIs(chrome::kHttpsScheme))
31 return true;
32
33 // Additional checking for view-source. Allow only http and https
34 // URLs in view source.
Torne (Richard Coles)868fa2f2013-06-11 10:57:03 +0100[diff] [blame]35 if (url.SchemeIs(content::kViewSourceScheme)) {
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]36 GURL sub_url(url.path());
37 if (sub_url.SchemeIs(chrome::kHttpScheme) ||
38 sub_url.SchemeIs(chrome::kHttpsScheme))
39 return true;
40 }
41
42 // Allow only about:blank or about:version
43 if (url.SchemeIs(chrome::kAboutScheme)) {
Torne (Richard Coles)90dce4d2013-05-29 14:40:03 +0100[diff] [blame]44 if (LowerCaseEqualsASCII(url.spec(), content::kAboutBlankURL) ||
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]45 LowerCaseEqualsASCII(url.spec(), chrome::kAboutVersionURL)) {
46 return true;
47 }
48 }
49
50 if (is_privileged_ &&
51 (url.SchemeIs(chrome::kDataScheme) ||
Torne (Richard Coles)2a99a7e2013-03-28 15:31:22 +0000[diff] [blame]52 url.SchemeIs(extensions::kExtensionScheme))) {
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]53 return true;
54 }
55
56 return false;
57}
58
59bool NavigationConstraintsImpl::IsZoneAllowed(const GURL& url) {
60 if (!security_manager_) {
61 HRESULT hr = security_manager_.CreateInstance(
62 CLSID_InternetSecurityManager);
63 if (FAILED(hr)) {
64 NOTREACHED() << __FUNCTION__
65 << " Failed to create SecurityManager. Error: 0x%x"
66 << hr;
67 return true;
68 }
69 DWORD zone = URLZONE_INVALID;
70 std::wstring unicode_url = UTF8ToWide(url.spec());
71 security_manager_->MapUrlToZone(unicode_url.c_str(), &zone, 0);
72 if (zone == URLZONE_UNTRUSTED) {
73 DLOG(WARNING) << __FUNCTION__
74 << " Disallowing navigation to restricted url: " << url;
75 return false;
76 }
77 }
78 return true;
79}
80
81bool NavigationConstraintsImpl::is_privileged() const {
82 return is_privileged_;
83}
84
85void NavigationConstraintsImpl::set_is_privileged(bool is_privileged) {
86 is_privileged_ = is_privileged;
87}