Merge pull request #15261 from brave/fix/chrome-brave

block chrome://brave and brave:// loads in tabs
brave · Oct 5, 2018 · 907c7e4 · 907c7e4
2 parents d52d97d + 859b8cd
commit 907c7e4
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/app/filtering.js b/app/filtering.js
@@ -110,6 +110,35 @@ if (process.env.NODE_ENV === 'development') {
   whitelistedTorProtocols.push('ws:')
 }
 
+/**
+ * Returns true if this is a chrome://brave or brave:// URL load that should be
+ * blocked for security reasons.
+ */
+function shouldCancelBraveUrlRequest (details) {
+  const url = details.url
+  if (!url) {
+    return false
+  }
+  const isBraveUrl = url.startsWith('chrome://brave') || url.startsWith('brave://')
+  if (isBraveUrl) {
+    if (details.tabId !== -1) {
+      // This is loading in a tab, not the main window
+      return true
+    }
+    let urlPath = urlParse(url).path || ''
+    while (urlPath.startsWith('//')) {
+      // Trim excess leading slashes
+      urlPath = urlPath.slice(1)
+    }
+    const expectedPathPrefix = path.resolve(__dirname, 'extensions', 'brave') + '/'
+    if (!urlPath.startsWith(expectedPathPrefix)) {
+      // Not a whitelisted path
+      return true
+    }
+  }
+  return false
+}
+
 /**
  * Register for notifications for webRequest.onBeforeRequest for a particular
  * session.
@@ -118,6 +147,10 @@ if (process.env.NODE_ENV === 'development') {
 function registerForBeforeRequest (session, partition) {
   const isPrivate = module.exports.isPrivate(partition)
   session.webRequest.onBeforeRequest((details, muonCb) => {
+    if (shouldCancelBraveUrlRequest(details)) {
+      muonCb({ cancel: true })
+      return
+    }
     if (partition === appConfig.tor.partition) {
       if (!details.url) {
         muonCb({ cancel: true })