Revert "Add browser-side checks for registerProtocolHandler"
This reverts commit 5ee1de5da38b1f1cf5ed6defec5c578b9cb4c971.
Reason for revert: This broke the SSH app
Original change's description:
> Add browser-side checks for registerProtocolHandler
>
> This adds browser-side checks for the registerProtocolHandler API. In
> particular:
> 1) Checks that the origin of the URL handler matches the origin of the RFH
> where the call originates.
> 2) Checks that the protocol being handled is one of the safelisted
> schemes.
> 3) Checks that the scheme of the URL handler is either http or https.
>
> Check (1) is implemented in the content/ layer so that non-Chrome
> embedders can benefit from this check.
>
> Checks (2) and (3) are implemented further down in Chrome because we
> need to ensure that if existing handlers are registered that we don't
> load them from prefs.
>
> Tests are added.
>
> We may want to consider restricting this API to secure contexts in a
> follow-up but this will need to be vetted by blink-dev@.
>
> Bug: 971917,952974
> Change-Id: I08b1c46b8e8493679adf7f252d09a224d67e64e7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1652756
> Commit-Queue: Raymes Khoury <[email protected]>
> Reviewed-by: Christian Dullweber <[email protected]>
> Reviewed-by: Charlie Reis <[email protected]>
> Reviewed-by: Trent Apted <[email protected]>
> Reviewed-by: Ben Wells <[email protected]>
> Cr-Commit-Position: refs/heads/master@{#675929}
[email protected],[email protected],[email protected],[email protected],[email protected]
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: 971917, 952974
Change-Id: I4fc0a79b53233093ff49403f18e00e08365b2b53
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1701466
Commit-Queue: Ben Wells <[email protected]>
Reviewed-by: Ben Wells <[email protected]>
Cr-Commit-Position: refs/heads/master@{#677252}
diff --git a/content/browser/web_contents/web_contents_impl.cc b/content/browser/web_contents/web_contents_impl.cc
index 224d4cf..a46080d 100644
--- a/content/browser/web_contents/web_contents_impl.cc
+++ b/content/browser/web_contents/web_contents_impl.cc
@@ -303,24 +303,6 @@
return a->frame_tree_node()->depth() < b->frame_tree_node()->depth();
}
-bool AreValidRegisterProtocolHandlerArguments(const std::string& protocol,
- const GURL& url,
- const url::Origin& origin) {
- ChildProcessSecurityPolicyImpl* policy =
- ChildProcessSecurityPolicyImpl::GetInstance();
- if (policy->IsPseudoScheme(protocol))
- return false;
-
- if (!url.SchemeIsHTTPOrHTTPS())
- return false;
-
- url::Origin url_origin = url::Origin::Create(url);
- if (!url_origin.IsSameOriginWith(origin))
- return false;
-
- return true;
-}
-
} // namespace
std::unique_ptr<WebContents> WebContents::Create(
@@ -4867,12 +4849,10 @@
if (!delegate_)
return;
- if (!AreValidRegisterProtocolHandlerArguments(
- protocol, url, source->GetLastCommittedOrigin())) {
- ReceivedBadMessage(source->GetProcess(),
- bad_message::REGISTER_PROTOCOL_HANDLER_INVALID_URL);
+ ChildProcessSecurityPolicyImpl* policy =
+ ChildProcessSecurityPolicyImpl::GetInstance();
+ if (policy->IsPseudoScheme(protocol))
return;
- }
delegate_->RegisterProtocolHandler(this, protocol, url, user_gesture);
}
@@ -4886,12 +4866,10 @@
if (!delegate_)
return;
- if (!AreValidRegisterProtocolHandlerArguments(
- protocol, url, source->GetLastCommittedOrigin())) {
- ReceivedBadMessage(source->GetProcess(),
- bad_message::REGISTER_PROTOCOL_HANDLER_INVALID_URL);
+ ChildProcessSecurityPolicyImpl* policy =
+ ChildProcessSecurityPolicyImpl::GetInstance();
+ if (policy->IsPseudoScheme(protocol))
return;
- }
delegate_->UnregisterProtocolHandler(this, protocol, url, user_gesture);
}
