diff options
Diffstat (limited to 'chromium/content/browser/site_instance_impl.cc')
-rw-r--r-- | chromium/content/browser/site_instance_impl.cc | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/chromium/content/browser/site_instance_impl.cc b/chromium/content/browser/site_instance_impl.cc index d961143bbf8..357894a1d48 100644 --- a/chromium/content/browser/site_instance_impl.cc +++ b/chromium/content/browser/site_instance_impl.cc @@ -406,10 +406,8 @@ GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, // origin lookup. auto* policy = ChildProcessSecurityPolicyImpl::GetInstance(); url::Origin isolated_origin; - if (policy->GetMatchingIsolatedOrigin(url::Origin::Create(url), - &isolated_origin)) { + if (policy->GetMatchingIsolatedOrigin(origin, &isolated_origin)) return isolated_origin.GetURL(); - } // If the url has a host, then determine the site. Skip file URLs to avoid a // situation where site URL of file://localhost/ would mismatch Blink's origin @@ -427,11 +425,16 @@ GURL SiteInstance::GetSiteForURL(BrowserContext* browser_context, // If there is no host but there is a scheme, return the scheme. // This is useful for cases like file URLs. - if (url.has_scheme()) + if (!origin.unique()) { + // Prefer to use the scheme of |origin| rather than |url|, to correctly + // cover blob: and filesystem: URIs (see also https://crbug.com/697111). + DCHECK(origin.GetURL().has_scheme()) << origin; + return GURL(origin.GetURL().scheme() + ":"); + } else if (url.has_scheme()) return GURL(url.scheme() + ":"); // Otherwise the URL should be invalid; return an empty site. - DCHECK(!url.is_valid()); + DCHECK(!url.is_valid()) << url; return GURL(); } |