1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome_frame/navigation_constraints.h"
7 #include "base/strings/string_util.h"
8 #include "base/strings/utf_string_conversions.h"
9 #include "chrome/common/url_constants.h"
10 #include "chrome_frame/utils.h"
11 #include "extensions/common/constants.h"
13 NavigationConstraintsImpl::NavigationConstraintsImpl() : is_privileged_(false) {
16 // NavigationConstraintsImpl method definitions.
17 bool NavigationConstraintsImpl::AllowUnsafeUrls() {
18 // No sanity checks if unsafe URLs are allowed
19 return GetConfigBool(false, kAllowUnsafeURLs
);
22 bool NavigationConstraintsImpl::IsSchemeAllowed(const GURL
& url
) {
29 if (url
.SchemeIs(chrome::kHttpScheme
) || url
.SchemeIs(content::kHttpsScheme
))
32 // Additional checking for view-source. Allow only http and https
33 // URLs in view source.
34 if (url
.SchemeIs(content::kViewSourceScheme
)) {
35 GURL
sub_url(url
.path());
36 if (sub_url
.SchemeIs(chrome::kHttpScheme
) ||
37 sub_url
.SchemeIs(content::kHttpsScheme
))
41 // Allow only about:blank or about:version
42 if (url
.SchemeIs(chrome::kAboutScheme
)) {
43 if (LowerCaseEqualsASCII(url
.spec(), content::kAboutBlankURL
) ||
44 LowerCaseEqualsASCII(url
.spec(), chrome::kAboutVersionURL
)) {
50 (url
.SchemeIs(chrome::kDataScheme
) ||
51 url
.SchemeIs(extensions::kExtensionScheme
))) {
58 bool NavigationConstraintsImpl::IsZoneAllowed(const GURL
& url
) {
59 if (!security_manager_
) {
60 HRESULT hr
= security_manager_
.CreateInstance(
61 CLSID_InternetSecurityManager
);
63 NOTREACHED() << __FUNCTION__
64 << " Failed to create SecurityManager. Error: 0x%x"
68 DWORD zone
= URLZONE_INVALID
;
69 std::wstring unicode_url
= UTF8ToWide(url
.spec());
70 security_manager_
->MapUrlToZone(unicode_url
.c_str(), &zone
, 0);
71 if (zone
== URLZONE_UNTRUSTED
) {
72 DLOG(WARNING
) << __FUNCTION__
73 << " Disallowing navigation to restricted url: " << url
;
80 bool NavigationConstraintsImpl::is_privileged() const {
81 return is_privileged_
;
84 void NavigationConstraintsImpl::set_is_privileged(bool is_privileged
) {
85 is_privileged_
= is_privileged
;