Return null from native window.open when allowpopups is unset

This commit is contained in:
Kevin Sawicki 2017-05-23 15:59:17 -07:00
parent a0571e3c72
commit dbd240a7cb
5 changed files with 32 additions and 2 deletions

View file

@ -147,6 +147,12 @@ bool AtomBrowserClient::RendererUsesNativeWindowOpen(int process_id) {
return it != process_preferences_.end() && it->second.native_window_open;
}
bool AtomBrowserClient::RendererDisablesPopups(int process_id) {
base::AutoLock auto_lock(process_preferences_lock_);
auto it = process_preferences_.find(process_id);
return it != process_preferences_.end() && it->second.disable_popups;
}
void AtomBrowserClient::RenderProcessWillLaunch(
content::RenderProcessHost* host) {
int process_id = host->GetID();
@ -160,6 +166,8 @@ void AtomBrowserClient::RenderProcessWillLaunch(
process_prefs.sandbox = WebContentsPreferences::IsSandboxed(web_contents);
process_prefs.native_window_open
= WebContentsPreferences::UsesNativeWindowOpen(web_contents);
process_prefs.disable_popups
= WebContentsPreferences::DisablePopups(web_contents);
AddProcessPreferences(host->GetID(), process_prefs);
// ensure the ProcessPreferences is removed later
host->AddObserver(this);
@ -341,12 +349,22 @@ bool AtomBrowserClient::CanCreateWindow(
bool* no_javascript_access) {
DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
if (IsRendererSandboxed(opener_render_process_id)
|| RendererUsesNativeWindowOpen(opener_render_process_id)) {
if (IsRendererSandboxed(opener_render_process_id)) {
*no_javascript_access = false;
return true;
}
if (RendererUsesNativeWindowOpen(opener_render_process_id)) {
if (RendererDisablesPopups(opener_render_process_id)) {
// <webview> without allowpopups attribute should return
// null from window.open calls
return false;
} else {
*no_javascript_access = false;
return true;
}
}
if (delegate_) {
content::BrowserThread::PostTask(content::BrowserThread::UI, FROM_HERE,
base::Bind(&api::App::OnCreateWindow,