commit 7dcb07ea0faa7d5a7b220c6f8b34a98e40e95bb3
author James Lissiak <jalissia@microsoft.com> Fri May 17 21:09:54 2019
committer Commit Bot <commit-bot@chromium.org> Fri May 17 21:09:54 2019
tree c9608b5ae1b22267cb331c6b817248fd8f5daeb4
parent 8cf532eab547fb091812f9172c13ab7a880dcab0

Adding devtools scheme as internal to prevent external app navigation

This is a follow up to bug discussion 960409:
https://bugs.chromium.org/p/chromium/issues/detail?id=960409#c8

The patch adds the 'devtools://' url scheme to the list of internal
schemes and adds a check to ensure that navigations to that scheme
don't bounce out to external apps.

Change-Id: Ibe9ab69a2bebc20e7636e65943dc67b426f0fea5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1615605
Reviewed-by: Joel Einbinder <einbinder@chromium.org>
Reviewed-by: Yaron Friedman <yfriedman@chromium.org>
Commit-Queue: James Lissiak <jalissia@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#661018}

chrome/android/java/src/org/chromium/chrome/browser/UrlConstants.java

diff --git a/chrome/android/java/src/org/chromium/chrome/browser/UrlConstants.java b/chrome/android/java/src/org/chromium/chrome/browser/UrlConstants.java
index ab1cd30..3fb08e1 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/UrlConstants.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/UrlConstants.java
@@ -28,6 +28,8 @@
     public static final String CHROME_URL_SHORT_PREFIX = "chrome:";
     public static final String CHROME_NATIVE_URL_SHORT_PREFIX = "chrome-native:";
     public static final String FILE_URL_SHORT_PREFIX = "file:";
+    public static final String DEVTOOLS_URL_SHORT_PREFIX = "devtools:";
+    public static final String DEVTOOLS_FALLBACK_URL_SHORT_PREFIX = "chrome-devtools:";
 
     public static final String CHROME_URL_PREFIX = "chrome://";
     public static final String CHROME_NATIVE_URL_PREFIX = "chrome-native://";

chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java

diff --git a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
index c17abd5..ac81025 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationHandler.java
@@ -375,11 +375,13 @@
             return OverrideUrlLoadingResult.NO_OVERRIDE;
         }
 
-        // The "about:", "chrome:", and "chrome-native:" schemes are internal to the browser;
-        // don't want these to be dispatched to other apps.
+        // The "about:", "chrome:", "chrome-native:", "chrome-devtools:", and "devtools:" schemes
+        // are internal to the browser; don't want these to be dispatched to other apps.
         if (params.getUrl().startsWith(ContentUrlConstants.ABOUT_URL_SHORT_PREFIX)
                 || params.getUrl().startsWith(UrlConstants.CHROME_URL_SHORT_PREFIX)
-                || params.getUrl().startsWith(UrlConstants.CHROME_NATIVE_URL_SHORT_PREFIX)) {
+                || params.getUrl().startsWith(UrlConstants.CHROME_NATIVE_URL_SHORT_PREFIX)
+                || params.getUrl().startsWith(UrlConstants.DEVTOOLS_URL_SHORT_PREFIX)
+                || params.getUrl().startsWith(UrlConstants.DEVTOOLS_FALLBACK_URL_SHORT_PREFIX)) {
             if (DEBUG) Log.i(TAG, "NO_OVERRIDE: Navigating to a chrome-internal page");
             return OverrideUrlLoadingResult.NO_OVERRIDE;
         }