Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(98)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2884025: Disallow syncing of extensions with third-party update URLs or plugins. (Closed)

Created:
10 years, 5 months ago by akalin
Modified:
9 years, 7 months ago
CC:
chromium-reviews, ncarter (slow), idana, Raghu Simha, Erik does not do reviews, ben+cc_chromium.org, Aaron Boodman, pam+watch_chromium.org, Paweł Hajdan Jr., tim (not reviewing)
Visibility:
Public.

Description

Disallow syncing of extensions with third-party update URLs or plugins. BUG=49346, 46516 TEST=new unit tests, manual Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=53102

Patch Set 1 #

Patch Set 2 : Compare update URL to the right string #

Patch Set 3 : Tightened check #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+90 lines, -20 lines) Patch
M chrome/browser/extensions/extension_updater.cc View 1 chunk +3 lines, -1 line 1 comment Download
M chrome/browser/sync/glue/extension_util.cc View 1 2 2 chunks +21 lines, -0 lines 0 comments Download
M chrome/browser/sync/glue/extension_util_unittest.cc View 1 2 10 chunks +60 lines, -16 lines 0 comments Download
M chrome/common/extensions/extension_constants.h View 1 chunk +3 lines, -2 lines 0 comments Download
M chrome/common/extensions/extension_constants.cc View 1 chunk +3 lines, -1 line 0 comments Download

Messages

Total messages: 9 (0 generated)
akalin
+tim for review
10 years, 5 months ago (2010-07-19 21:58:35 UTC) #1
tim (not reviewing)
LGTM
10 years, 5 months ago (2010-07-19 22:07:43 UTC) #2
akalin
Fixed to compare against *correct* gallery URL. Submitting as soon as trybots pass. On 2010/07/19 ...
10 years, 5 months ago (2010-07-20 00:57:42 UTC) #3
akalin
Tightened check per inferno's comments. +inferno for sec review, +asargent for extensions stuff. Tim, please ...
10 years, 5 months ago (2010-07-20 01:27:26 UTC) #4
akalin
+inferno, asargent for review
10 years, 5 months ago (2010-07-20 01:27:56 UTC) #5
inferno
LGTM. On 2010/07/20 01:27:56, akalin wrote: > +inferno, asargent for review
10 years, 5 months ago (2010-07-20 01:32:56 UTC) #6
akalin
asargent, tim, ping! On 2010/07/20 01:32:56, inferno wrote: > LGTM. > > On 2010/07/20 01:27:56, ...
10 years, 5 months ago (2010-07-20 17:56:11 UTC) #7
asargent_no_longer_on_chrome
lgtm. Sorry for the delay, I didn't realize this was a separate codereview from yesterday's.
10 years, 5 months ago (2010-07-20 18:08:25 UTC) #8
asargent_no_longer_on_chrome
10 years, 5 months ago (2010-07-20 18:08:37 UTC) #9 
http://codereview.chromium.org/2884025/diff/3002/19001
File chrome/browser/extensions/extension_updater.cc (right):

http://codereview.chromium.org/2884025/diff/3002/19001#newcode240
chrome/browser/extensions/extension_updater.cc:240: update_url =
GURL(extension_urls::kGalleryUpdateHttpUrl);
FYI, we intentionally picked the http one here because extension updating relies
on the keypair used to sign the crx files. If we find we need to switch to
https, we should touch base with the Omaha folks to make sure they can handle
the extra load, and we might consider using https only for the sync case or
something.

Powered by Google App Engine
This is Rietveld 408576698