cef/patch/patches/browser_security_policy_108...

22 lines
1.0 KiB
Diff
Raw Normal View History

diff --git content/browser/child_process_security_policy_impl.cc content/browser/child_process_security_policy_impl.cc
index fed61eb62d74..af8ae804c1ff 100644
--- content/browser/child_process_security_policy_impl.cc
+++ content/browser/child_process_security_policy_impl.cc
@@ -1704,6 +1704,16 @@ bool ChildProcessSecurityPolicyImpl::CanAccessDataForOrigin(
// DeclarativeApiTest.PersistRules.
if (actual_process_lock.matches_scheme(url::kDataScheme))
return true;
+
+ // Allow other schemes that are non-standard, non-local and WebSafe.
+ if (lock_url.is_valid() &&
+ !lock_url.IsStandard() &&
+ !base::Contains(url::GetLocalSchemes(),
+ lock_url.scheme_piece()) &&
+ base::Contains(schemes_okay_to_request_in_any_process_,
+ lock_url.scheme_piece())) {
+ return true;
+ }
}
// TODO(wjmaclean): We should update the ProcessLock comparison API