Google Git
Sign in
chromium / chromium / src / 63e6f83268772fd27144a82470d552967b1ca244^! / . / chrome / browser / browser_resources.grd
commit63e6f83268772fd27144a82470d552967b1ca244[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri May 20 17:08:18 2011
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri May 20 17:08:18 2011
tree27e5fcaf250e112aba691f68d4f72e1864f34b8b
parent141eb4e0c1ffd0e7c4b05c1505b0c2d7382e2746 [diff] [blame]
Remove in-line javascript from downloads.html and history.html pages so that we may subsequently apply content-security-policy to these pages.  CSP acts as a second line of defense in case someone introduces an XSS on one of these page.

TEST=chrome://downloads, chrome://history load properly.
Review URL: http://codereview.chromium.org/6975025

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@86098 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/chrome/browser/browser_resources.grd b/chrome/browser/browser_resources.grd
index a0a2063..029b12b6 100644
--- a/chrome/browser/browser_resources.grd
+++ b/chrome/browser/browser_resources.grd

@@ -26,7 +26,8 @@
       <include name="IDR_BOOKMARKS_MANIFEST" file="resources\bookmark_manager\manifest.json" type="BINDATA" />
       <include name="IDR_CRASHES_HTML" file="resources\crashes.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_CREDITS_HTML" file="resources\about_credits.html" flattenhtml="true" type="BINDATA" />
-      <include name="IDR_DOWNLOADS_HTML" file="resources\downloads.html" flattenhtml="true" type="BINDATA" />
+      <include name="IDR_DOWNLOADS_JS" file="resources\downloads.js" type="BINDATA" />
+      <include name="IDR_DOWNLOADS_HTML" file="resources\downloads.html" flattenhtml="true" allowexternalscript="true" type="BINDATA" />
       <if expr="os == 'darwin'">
         <include name="IDR_EXTENSIONS_INFOBAR_CSS" file="resources\extensions_infobar_mac.css" flattenhtml="true" type="BINDATA" />
       </if>
@@ -38,7 +39,8 @@
       <include name="IDR_FLAGS_HTML_WARNING" file="resources\flags_warning.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_GAIA_LOGIN_HTML" file="sync\resources\gaia_login.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_GPU_INTERNALS_HTML" file="resources\gpu_internals.html" flattenhtml="true" type="BINDATA" />
-      <include name="IDR_HISTORY_HTML" file="resources\history.html" flattenhtml="true" type="BINDATA" />
+      <include name="IDR_HISTORY_JS" file="resources\history.js" type="BINDATA" />
+      <include name="IDR_HISTORY_HTML" file="resources\history.html" flattenhtml="true" allowexternalscript="true" type="BINDATA" />
       <include name="IDR_HISTORY2_HTML" file="resources\history2.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_INCOGNITO_TAB_HTML" file="resources\incognito_tab.html" flattenhtml="true" type="BINDATA" />
       <include name="IDR_KEYBOARD_MANIFEST" file="resources\keyboard\manifest.json" type="BINDATA" />