Trust the renderer's same-document navigation flag if it is a same-origin nav.
commit 8d5cb21f876a51c4fddcb90954e0dd819a09a7a5
author japhet@chromium.org <japhet@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Wed, 4 Jun 2014 09:00:39 +0000
committer japhet@chromium.org <japhet@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>
Wed, 4 Jun 2014 09:00:39 +0000
tree 0005719b9fbf9fd1757f5d028f557215487d1645
parent ce3651bc735d21ca677642616c454cf2e97797ca
Trust the renderer's same-document navigation flag if it is a same-origin nav.

Currently in AreURLsInPageNavigation, we only trust renderer_says_in_page if
the before and after urls are identical. This prevents us from correctly
classifying history.pushState and history.replaceState navigations as in-page.
Navigations via the history API are required to be same-origin, but can differ
by more than just the ref component, so we get the correct behavior without
the renderer process being able to lie about a cross-origin navigation.

BUG=138324
TEST=Added cases to NavigationControllerTest.IsInPageNavigation

Review URL: https://codereview.chromium.org/304763002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@274734 0039d316-1c4b-4281-b951-d872f2087c98
12 files changed:
android_webview/java/src/org/chromium/android_webview/AwContentsClient.java
chrome/browser/extensions/active_script_controller_unittest.cc
chrome/browser/geolocation/chrome_geolocation_permission_context_unittest.cc
chrome/browser/translate/translate_manager_render_view_host_unittest.cc
content/browser/android/web_contents_observer_android.cc
content/browser/frame_host/navigation_controller_impl.cc
content/browser/frame_host/navigation_controller_impl.h
content/browser/frame_host/navigation_controller_impl_unittest.cc
content/public/android/java/src/org/chromium/content/browser/ContentViewCore.java
content/public/android/java/src/org/chromium/content/browser/WebContentsObserverAndroid.java
content/public/test/test_renderer_host.cc
content/test/test_render_frame_host.cc
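
The trust rule described in the commit message above, as an added C++ sketch that is not Chromium's code. The function names, the simplified `Origin()` splitter, the sample URLs and the ref-only fallback used when the flag is not trusted are assumptions made for illustration.

```cpp
#include <iostream>
#include <string>

// Added illustration, not Chromium source. Origin() is a simplified stand-in
// for a real URL parser: "scheme://host[:port]" with no normalization, and ""
// (no usable origin) for anything it cannot split.
static std::string Origin(const std::string& url) {
  const std::string::size_type sep = url.find("://");
  if (sep == std::string::npos || sep + 3 >= url.size()) return "";
  const std::string::size_type end = url.find_first_of("/?#", sep + 3);
  if (end == sep + 3) return "";  // empty host
  return url.substr(0, end);
}

// Assumed fallback when the renderer's flag is not trusted: in-page only if
// the two URLs differ by nothing but the ref component.
static bool DiffersOnlyByRef(const std::string& before, const std::string& after) {
  return before.substr(0, before.find('#')) == after.substr(0, after.find('#'));
}

// Behaviour before the change: the flag is trusted only for identical URLs.
bool ClassifyOld(const std::string& before, const std::string& after,
                 bool renderer_says_in_page) {
  if (before == after) return renderer_says_in_page;
  return DiffersOnlyByRef(before, after);
}

// Behaviour after the change: the flag is trusted for any same-origin pair,
// so a renderer still cannot relabel a cross-origin navigation as in-page.
bool ClassifyNew(const std::string& before, const std::string& after,
                 bool renderer_says_in_page) {
  const std::string origin = Origin(before);
  if (!origin.empty() && origin == Origin(after)) return renderer_says_in_page;
  return DiffersOnlyByRef(before, after);
}

int main() {
  // Constructed sample URLs.
  const std::string a = "https://app.example/inbox";
  const std::string b = "https://app.example/inbox/42";    // pushState target
  const std::string x = "https://other.example/inbox/42";  // cross-origin
  std::cout << std::boolalpha
            << "old, same-origin pushState:  " << ClassifyOld(a, b, true) << "\n"
            << "new, same-origin pushState:  " << ClassifyNew(a, b, true) << "\n"
            << "new, cross-origin with flag: " << ClassifyNew(a, x, true) << "\n";
  return 0;
}
```

Production code needs a real URL parser for the origin comparison; the string split here treats any URL it cannot parse as having no origin, so the flag is ignored in that case.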