This inlines all remaining DISALLOW_* macros in content/. This is done
manually (vim regex + manually finding insertion position).
IWYU cleanup is left as a separate pass that is easier when these macros
go away.
Bug: 1010217
Change-Id: I8b5ea6dd9f8a3f584cf3eef82634017a38b15be8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3193883
Commit-Queue: Peter Boström <pbos@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Auto-Submit: Peter Boström <pbos@chromium.org>
Reviewed-by: Lei Zhang <thestig@chromium.org>
Owners-Override: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#936160}
Motivation for this CL
======================
Before this CL url_formatter::FixupURL could transform URLs of
renderer-initiated navigations. This may have allowed an attacker to
"launder" URLs past early filters (if the initial URL provided by the
attacker looks benign, but after passing the filters is transformed by
FixupURL into a malicious form). The following bugs in the past seem to
have been at least partially enabled by this transformation:
- Laundering a "javascript:" URL:
https://crbug.com/1116280 and https://crbug.com/850824
- Omnibox spoof due to the modified url:
https://crbug.com/449829 and https://crbug.com/657720
- Invariant violation due to a difference between virtual url and
regular url: https://crbug.com/895065
Before this CL, url_formatter::FixupURL was called for
renderer-initiated navigations via WillHandleBrowserAboutURL. This
doesn’t seem necessary per the TODO in this function asking to
"Eliminate "about:*" constants [...] then hopefully we can remove this
forced fixup".
Note that BrowserURLHandler::SetFixupHandler has been introduced in
r316923 as a workaround to ensure URL consistency by adding FixupURL in
one more place. If FixupURL wouldn’t be called from
WillHandleBrowserAboutURL, then BrowserURLHandler::SetFixupHandler
wouldn’t be needed in the first place.
Finally, https://crbug.com/1130091#c3 points out that
url_formatter::FixupURL should only be invoked on user input (e.g. URLs
typed into the omnibox and used for browser-initiated navigations)
rather than on arbitrary URLs.
Summary of changes in this CL
=============================
Based on the above, the CL:
- Removes the FixupBrowserAboutURL call from WillHandleBrowserAboutURL
- Removes the BrowserURLHandler::SetFixupHandler method and related code
- Fixes tests so that they use the final URL form (rather than relying
on the FixupURL call)
- Adjusting expectations of tests that were testing laundering scenarios
The CL also opportunistically:
- Simplifies WillHandleBrowserAboutURL (path transformations were a
no-op; early return for kChromeUISettingsHost and kChromeUIHelpHost
can be consolidated)
Testing
=======
Manual testing:
- Verified that "about:version" typed into the omnibox still ends up
navigating to "chrome://version/"
- Verified that renderer-initiated navigations to "about:version" are
translated into "about:blank#blocked" by
RenderProcessHostImpl::FilterURL
Bug: 1130091
Change-Id: I9a9f32d4d9c0ec630c2110679efe0c1d18b4370b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2441284
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Peter Kasting <pkasting@chromium.org>
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#818969}
If the NTP was overridden from its default state with Google as the
search provider, show a branded dialog and custom message to the user.
This requires a bit of code acrobatics in order to determine what the
previous NTP and search engine will be. In particular, we need to:
1) Determine if the default search is Google
2) Determine if the default NTP is the "secondary" NTP
1) is relatively straightforward; 2) is more complicated. The NTP can
be overridden by several different sources (extensions, policies, or
a different default search provider). In order to accommodate this,
introduce BrowserURLHandler::GetPossibleRewrites(), which iterates over
all rewriters and accumulates the list of rewrites that would happen.
This, in conjunction with also checking for multiple NTP overriding
extensions, allows us to check if the default NTP would be used if the
overriding extension were removed.
Add tests for various pieces:
- BrowserURLHandler::GetPossibleRewrites()
- ExtensionWebUI::GetNumberOfExtensionsOverridingURL()
- The dialog params generated when a non-default search is selected
- The dialog params generated when multiple NTP-overriding extensions
are installed
- UI browser tests for both the generic and the default-specific
dialogs.
Bug: 1079364
Change-Id: I6d37eb8fa85cd824155a9907253a57f1d8cfd51c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2202156
Commit-Queue: Devlin <rdevlin.cronin@chromium.org>
Reviewed-by: Elly Fong-Jones <ellyjones@chromium.org>
Reviewed-by: Brian White <bcwhite@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#774653}
This CL removes the |reverse_on_redirect| out parameter from the
//content-public version of the BrowserURLHandler::RewriteURLIfNecessary
method. This is justified by the fact that outside of //content all
callers of that method would ignore this out parameter.
The CL keeps the |reverse_on_redirect| in the //content-internal
overload of the method in BrowserURLHandlerImpl, because the
|reverse_on_redirect| out parameter is used from the
NavigationControllerImpl code.
This CL is intended to be pure refactoring and should introduce no
behavior changes. This is followup from discussion in r735048.
Bug: 1029161
Change-Id: I4d4322495604d7d67ddf22668eeab33c70fe0cf6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1993724
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#735175}
This CL makes sure we do not attempt to rewrite a subframe navigation URL in
should only be performed on main frame navigations.
NavigationControllerImpl: :CreateNavigationRequestFromLoadParams. Rewrites
Bug: 895065, 803859, 896028
Change-Id: I2a2326d802b55655d59f0c6d3d73e3060c58152b
Reviewed-on: https://chromium-review.googlesource.com/c/1282992
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#601183}
Public APIs from base should live inside base:: so moved Singleton class
and structs to base{} and fixed consumers.
also fixed:
** Presubmit ERRORS **
Found Singleton<T> in the following header files.
Please move them to an appropriate source file so that the template
gets instantiated in a single compilation unit.
chrome/browser/plugins/plugin_finder.h \
chromecast/media/base/media_message_loop.h \
content/browser/media/android/media_drm_credential_manager.h
Presubmit warnings:
src/chrome/browser/extensions/warning_badge_service_factory.h:5:
#ifndef header guard has wrong style, please use:
CHROME_BROWSER_EXTENSIONS_WARNING_BADGE_SERVICE_FACTORY_H_
[build/header_guard] [5]
src/chrome/browser/extensions/warning_badge_service_factory.h:39:
#endif line should be "#endif //
CHROME_BROWSER_EXTENSIONS_WARNING_BADGE_SERVICE_FACTORY_H_"
[build/header_guard] [5]
TBR=jam@chromium.org
Review URL: https://codereview.chromium.org/1308823002
Cr-Commit-Position: refs/heads/master@{#348136}
Uses BrowserURLHandler since this depends on components and can't
live in content.
BUG=449829
TEST=See bug for repro steps.
Review URL: https://codereview.chromium.org/923183003
Cr-Commit-Position: refs/heads/master@{#316923}
This patch was automatically generated by applying clang fixit hints
generated by the plugin to the source tree.
BUG=417463
TBR=sky@chromium.org
Review URL: https://codereview.chromium.org/667943003
Cr-Commit-Position: refs/heads/master@{#300469}
The reverse writer for viewsource had an incorrect assumption about the path component of URL which was causing a duplication of query and fragment parameters. This change is to unit test the fix that went in
https://codereview.chromium.org/655023002/
BUG=336846
Review URL: https://codereview.chromium.org/659153003
Cr-Commit-Position: refs/heads/master@{#300281}
This step is a giant search and replace for OVERRIDE and FINAL to
replace them with their lowercase versions.
BUG=417463
Review URL: https://codereview.chromium.org/637183002
Cr-Commit-Position: refs/heads/master@{#298804}
Fixed most of the files found with the following command line:
$ git grep --files-without-match --name-only "namespace content {" -- content/browser/{*.cc,*.h.*.mm}
R=jam@chromium.org
Review URL: https://codereview.chromium.org/11274038
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@164120 0039d316-1c4b-4281-b951-d872f2087c98
