Ensure we display all non-WebUI URLs, as a second line of defense. BUG=70819 TEST=Load a normal URL in an extension process (currently not possible). Review URL: http://codereview.chromium.org/6526030 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@75071 0039d316-1c4b-4281-b951-d872f2087c98

commit: 2b9a0640a53ae8782fa9ed11129d279cbfaf66f5 [log] [tgz]
author: [email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98> Wed Feb 16 04:57:10 2011
committer: [email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98> Wed Feb 16 04:57:10 2011
tree: b234f2ad5cb1f0db9ac46938f9096393da51ed8b
parent: 209673231470b1f6aa6b08fe0dc5602737ec2500 [diff] [blame]
diff --git a/chrome/browser/tab_contents/tab_contents.cc b/chrome/browser/tab_contents/tab_contents.cc
index 264a29d..2fd6ea12 100644
--- a/chrome/browser/tab_contents/tab_contents.cc
+++ b/chrome/browser/tab_contents/tab_contents.cc

@@ -657,6 +657,10 @@
     return true;
   }
 
+  // We always display the URL for non-WebUI URLs to prevent spoofing.
+  if (entry && !WebUIFactory::HasWebUIScheme(entry->url()))
+    return true;
+
   WebUI* web_ui = GetWebUIForCurrentState();
   if (web_ui)
     return !web_ui->should_hide_url();
commit	2b9a0640a53ae8782fa9ed11129d279cbfaf66f5	[log] [tgz]
author	[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>	Wed Feb 16 04:57:10 2011
committer	[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>	Wed Feb 16 04:57:10 2011
tree	b234f2ad5cb1f0db9ac46938f9096393da51ed8b
parent	209673231470b1f6aa6b08fe0dc5602737ec2500 [diff] [blame]