0ct0pu5
/
bromite


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199
							From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Sun, 6 Mar 2022 11:29:27 +0100
Subject: Revert Permit blocking of view-source

This reverts commit e72fc9b64116bf259e516096fcc60b58ae8ae1b3.
---
 .../test/url_blocklist_policy_browsertest.cc  | 78 -------------------
 .../policy/url_blocking_policy_test_utils.cc  | 11 ---
 .../policy/url_blocking_policy_test_utils.h   |  3 -
 .../policy_blocklist_navigation_throttle.cc   | 19 -----
 .../policy_blocklist_navigation_throttle.h    |  4 -
 5 files changed, 115 deletions(-)

diff --git a/chrome/browser/policy/test/url_blocklist_policy_browsertest.cc b/chrome/browser/policy/test/url_blocklist_policy_browsertest.cc
--- a/chrome/browser/policy/test/url_blocklist_policy_browsertest.cc
+++ b/chrome/browser/policy/test/url_blocklist_policy_browsertest.cc
@@ -60,14 +60,6 @@ void CheckCanOpenURL(Browser* browser, const std::string& spec) {
   EXPECT_NE(blocked_page_title, contents->GetTitle());
 }
 
-void CheckCanOpenViewSourceURL(Browser* browser, const std::string& spec) {
-  GURL view_source_url("view-source:" + spec);
-  ASSERT_TRUE(ui_test_utils::NavigateToURL(browser, view_source_url));
-  content::WebContents* contents =
-      browser->tab_strip_model()->GetActiveWebContents();
-  EXPECT_EQ(view_source_url, contents->GetLastCommittedURL());
-}
-
 // Handler for embedded http-server, returns a small page with javascript
 // variable and a link to increment it. It's for JavascriptBlocklistable test.
 std::unique_ptr<net::test_server::HttpResponse> JSIncrementerPageHandler(
@@ -148,76 +140,6 @@ IN_PROC_BROWSER_TEST_F(UrlBlockingPolicyTest, URLBlocklist) {
   CheckCanOpenURL(browser(), kURLS[4]);
 }
 
-IN_PROC_BROWSER_TEST_F(UrlBlockingPolicyTest, URLBlocklistViewSource) {
-  // Checks that blocklisted urls are blocked when accessed by via view-source:,
-  // and that blocklisting view-source:* blocks all view-source urls.
-
-  ASSERT_TRUE(embedded_test_server()->Start());
-
-  const std::string kURL_A =
-      embedded_test_server()->GetURL("aaa.com", "/empty.html").spec();
-  const std::string kURL_B =
-      embedded_test_server()->GetURL("bbb.com", "/empty.html").spec();
-
-  // Ensure that no urls are blocked by default.
-  CheckCanOpenURL(browser(), kURL_A);
-  CheckCanOpenURL(browser(), kURL_B);
-  CheckCanOpenViewSourceURL(browser(), kURL_A);
-  CheckCanOpenViewSourceURL(browser(), kURL_B);
-
-  // Block bbb.com urls.
-  base::ListValue blocklist;
-  blocklist.Append("bbb.com");
-  PolicyMap policies;
-  policies.Set(key::kURLBlocklist, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
-               POLICY_SOURCE_CLOUD, blocklist.Clone(), nullptr);
-  UpdateProviderPolicy(policies);
-  FlushBlocklistPolicy();
-
-  // Verify that blocking bbb.com also blocks view-source:bbb.com.
-  CheckURLIsBlocked(browser(), kURL_B);
-  CheckViewSourceURLIsBlocked(browser(), kURL_B);
-
-  // Block all view-source urls.
-  blocklist.Append("view-source:*");
-  policies.Set(key::kURLBlocklist, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
-               POLICY_SOURCE_CLOUD, blocklist.Clone(), nullptr);
-  UpdateProviderPolicy(policies);
-  FlushBlocklistPolicy();
-
-  // Verify that blocking view-source:* blocks view-source:aaa.com but does not
-  // block http://aaa.com.
-  CheckViewSourceURLIsBlocked(browser(), kURL_A);
-  CheckCanOpenURL(browser(), kURL_A);
-}
-
-IN_PROC_BROWSER_TEST_F(UrlBlockingPolicyTest, URLBlocklistNonStandardScheme) {
-  // Checks that non-standard schemes can be blocklisted, and that the blocking
-  // page mentions the URL's scheme.
-  const std::string kURL = "mailto:nobody";
-
-  // Block mailto: urls.
-  base::ListValue blocklist;
-  blocklist.Append("mailto:*");
-  PolicyMap policies;
-  policies.Set(key::kURLBlocklist, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
-               POLICY_SOURCE_CLOUD, blocklist.Clone(), nullptr);
-  UpdateProviderPolicy(policies);
-  FlushBlocklistPolicy();
-
-  // Ensure the URL is blocked.
-  CheckURLIsBlocked(browser(), kURL);
-
-  // Ensure the blocking page mentions the scheme.
-  content::WebContents* contents =
-      browser()->tab_strip_model()->GetActiveWebContents();
-  std::string result;
-  ASSERT_TRUE(content::ExecuteScriptAndExtractString(
-      contents, "domAutomationController.send(document.body.textContent);",
-      &result));
-  EXPECT_THAT(result, testing::HasSubstr("mailto"));
-}
-
 IN_PROC_BROWSER_TEST_F(UrlBlockingPolicyTest, URLBlocklistIncognito) {
   // Checks that URLs can be blocklisted, and that exceptions can be made to
   // the blocklist.
diff --git a/chrome/browser/policy/url_blocking_policy_test_utils.cc b/chrome/browser/policy/url_blocking_policy_test_utils.cc
--- a/chrome/browser/policy/url_blocking_policy_test_utils.cc
+++ b/chrome/browser/policy/url_blocking_policy_test_utils.cc
@@ -56,15 +56,4 @@ void UrlBlockingPolicyTest::CheckURLIsBlocked(Browser* browser,
   CheckURLIsBlockedInWebContents(contents, url);
 }
 
-void UrlBlockingPolicyTest::CheckViewSourceURLIsBlocked(
-    Browser* browser,
-    const std::string& spec) {
-  GURL url(spec);
-  GURL view_source_url("view-source:" + spec);
-  ASSERT_TRUE(ui_test_utils::NavigateToURL(browser, view_source_url));
-  content::WebContents* contents =
-      browser->tab_strip_model()->GetActiveWebContents();
-  CheckURLIsBlockedInWebContents(contents, url);
-}
-
 }  // namespace policy
diff --git a/chrome/browser/policy/url_blocking_policy_test_utils.h b/chrome/browser/policy/url_blocking_policy_test_utils.h
--- a/chrome/browser/policy/url_blocking_policy_test_utils.h
+++ b/chrome/browser/policy/url_blocking_policy_test_utils.h
@@ -29,9 +29,6 @@ class UrlBlockingPolicyTest : public PolicyTest {
 
   // Verifies that access to the given url |spec| is blocked.
   void CheckURLIsBlocked(Browser* browser, const std::string& spec);
-
-  // Verifies that access to |view-source:spec| is blocked.
-  void CheckViewSourceURLIsBlocked(Browser* browser, const std::string& spec);
 };
 
 }  // namespace policy
diff --git a/components/policy/content/policy_blocklist_navigation_throttle.cc b/components/policy/content/policy_blocklist_navigation_throttle.cc
--- a/components/policy/content/policy_blocklist_navigation_throttle.cc
+++ b/components/policy/content/policy_blocklist_navigation_throttle.cc
@@ -13,7 +13,6 @@
 #include "components/prefs/pref_service.h"
 #include "components/user_prefs/user_prefs.h"
 #include "content/public/browser/browser_context.h"
-#include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/navigation_handle.h"
 #include "url/gurl.h"
 
@@ -41,19 +40,6 @@ PolicyBlocklistNavigationThrottle::PolicyBlocklistNavigationThrottle(
 PolicyBlocklistNavigationThrottle::~PolicyBlocklistNavigationThrottle() =
     default;
 
-bool PolicyBlocklistNavigationThrottle::IsBlockedViewSourceNavigation() {
-  content::NavigationEntry* nav_entry =
-      navigation_handle()->GetNavigationEntry();
-  if (!nav_entry || !nav_entry->IsViewSourceMode())
-    return false;
-
-  GURL view_source_url = GURL(std::string("view-source:") +
-                              navigation_handle()->GetURL().spec());
-
-  return (blocklist_service_->GetURLBlocklistState(view_source_url) ==
-          URLBlocklistState::URL_IN_BLOCKLIST);
-}
-
 content::NavigationThrottle::ThrottleCheckResult
 PolicyBlocklistNavigationThrottle::WillStartRequest() {
   const GURL& url = navigation_handle()->GetURL();
@@ -70,11 +56,6 @@ PolicyBlocklistNavigationThrottle::WillStartRequest() {
                                net::ERR_BLOCKED_BY_ADMINISTRATOR);
   }
 
-  if (IsBlockedViewSourceNavigation()) {
-    return ThrottleCheckResult(BLOCK_REQUEST,
-                               net::ERR_BLOCKED_BY_ADMINISTRATOR);
-  }
-
   if (blocklist_state == URLBlocklistState::URL_IN_ALLOWLIST)
     return PROCEED;
 
diff --git a/components/policy/content/policy_blocklist_navigation_throttle.h b/components/policy/content/policy_blocklist_navigation_throttle.h
--- a/components/policy/content/policy_blocklist_navigation_throttle.h
+++ b/components/policy/content/policy_blocklist_navigation_throttle.h
@@ -35,10 +35,6 @@ class PolicyBlocklistNavigationThrottle : public content::NavigationThrottle {
   const char* GetNameForLogging() override;
 
  private:
-  // Returns TRUE if this navigation is to view-source: and view-source is on
-  // the URLBlocklist.
-  bool IsBlockedViewSourceNavigation();
-
   // To ensure both allow and block policies override Safe Sites,
   // SafeSitesNavigationThrottle must be consulted as part of this throttle
   // rather than added separately to the list of throttles.
--
2.25.1