1eefa26e1795192c5a347a1e1e7a99e88c47f9c4 | Vulnerability History Project

The Vulnerability History Project

This patch implements a mechanism for more granular link URL permissions (filtering on scheme/host). This fixes the bug that allowed PDFs to have working links to any &quotchrome://&quot URLs.

      BUG=528505,226927

Review URL: https://codereview.chromium.org/1362433002

Cr-Commit-Position: refs/heads/master@{#351705}

by Rodney the White Rhinoceros 2015-10-01 02:11:13 UTC

commit 1eefa26e1795192c5a347a1e1e7a99e88c47f9c4

Chromium Fix CVE-2015-6779

chrome/browser/extensions/chrome_extension_web_contents_observer.cc

-31

chrome/browser/pdf/pdf_extension_test.cc

+8 -38

content/browser/child_process_security_policy_impl.cc

+4 -32

content/browser/child_process_security_policy_impl.h

-1

content/browser/child_process_security_policy_unittest.cc

-41

content/public/browser/child_process_security_policy.h

-5

content/public/common/url_constants.cc

-1

content/public/common/url_constants.h

-1

extensions/browser/extension_web_contents_observer.cc

+13 -1

expand_less