Have Safe Browsing consider a portal host dangerous if the portal contents are dangerous
Currently, we're showing a Safe Browsing interstitial just within the
portal. Safe Browsing treats embedders of dangerous iframes as dangerous
themselves. The same should presumably be the case for portals.
Now when a portal loads dangerous content, we load a post commit error
page in the top level contents to show the Safe Browsing interstitial.
Bug: 1077016
Change-Id: I8f6f47df91c41747c663a7def21512d6e73d7469
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2231858
Commit-Queue: Kevin McNee <[email protected]>
Reviewed-by: Varun Khaneja <[email protected]>
Reviewed-by: Carlos IL <[email protected]>
Reviewed-by: Charlie Reis <[email protected]>
Reviewed-by: Daniel Rubery <[email protected]>
Reviewed-by: Lucas Gadani <[email protected]>
Cr-Commit-Position: refs/heads/master@{#781410}
diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
index 36a6d0a1..33072ec 100644
--- a/content/browser/web_contents/web_contents_impl.cc
+++ b/content/browser/web_contents/web_contents_impl.cc
@@ -73,6 +73,7 @@
#include "content/browser/media/media_web_contents_observer.h"
#include "content/browser/media/session/media_session_impl.h"
#include "content/browser/plugin_content_origin_allowlist.h"
+#include "content/browser/portal/portal.h"
#include "content/browser/renderer_host/frame_token_message_queue.h"
#include "content/browser/renderer_host/render_process_host_impl.h"
#include "content/browser/renderer_host/render_view_host_delegate_view.h"
@@ -5272,6 +5273,10 @@
return portal();
}
+WebContentsImpl* WebContentsImpl::GetPortalHostWebContents() {
+ return portal() ? portal()->GetPortalHostContents() : nullptr;
+}
+
void WebContentsImpl::NotifyBeforeFormRepostWarningShow() {
for (auto& observer : observers_)
observer.BeforeFormRepostWarningShow();
