| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/updater/extension_downloader.h" | 5 #include "extensions/browser/updater/extension_downloader.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 261 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 272 | 272 |
| 273 void ExtensionDownloader::StartBlacklistUpdate( | 273 void ExtensionDownloader::StartBlacklistUpdate( |
| 274 const std::string& version, | 274 const std::string& version, |
| 275 const ManifestFetchData::PingData& ping_data, | 275 const ManifestFetchData::PingData& ping_data, |
| 276 int request_id) { | 276 int request_id) { |
| 277 // Note: it is very important that we use the https version of the update | 277 // Note: it is very important that we use the https version of the update |
| 278 // url here to avoid DNS hijacking of the blacklist, which is not validated | 278 // url here to avoid DNS hijacking of the blacklist, which is not validated |
| 279 // by a public key signature like .crx files are. | 279 // by a public key signature like .crx files are. |
| 280 scoped_ptr<ManifestFetchData> blacklist_fetch(CreateManifestFetchData( | 280 scoped_ptr<ManifestFetchData> blacklist_fetch(CreateManifestFetchData( |
| 281 extension_urls::GetWebstoreUpdateUrl(), request_id)); | 281 extension_urls::GetWebstoreUpdateUrl(), request_id)); |
| 282 DCHECK(blacklist_fetch->base_url().SchemeIsSecure()); | 282 DCHECK(blacklist_fetch->base_url().SchemeIsCryptographic()); |
| 283 blacklist_fetch->AddExtension(kBlacklistAppID, | 283 blacklist_fetch->AddExtension(kBlacklistAppID, |
| 284 version, | 284 version, |
| 285 &ping_data, | 285 &ping_data, |
| 286 std::string(), | 286 std::string(), |
| 287 kDefaultInstallSource, | 287 kDefaultInstallSource, |
| 288 false); | 288 false); |
| 289 StartUpdateCheck(blacklist_fetch.Pass()); | 289 StartUpdateCheck(blacklist_fetch.Pass()); |
| 290 } | 290 } |
| 291 | 291 |
| 292 void ExtensionDownloader::SetWebstoreIdentityProvider( | 292 void ExtensionDownloader::SetWebstoreIdentityProvider( |
| (...skipping 13 matching lines...) Expand all Loading... |
| 306 GURL update_url(extension_update_url); | 306 GURL update_url(extension_update_url); |
| 307 // Skip extensions with non-empty invalid update URLs. | 307 // Skip extensions with non-empty invalid update URLs. |
| 308 if (!update_url.is_empty() && !update_url.is_valid()) { | 308 if (!update_url.is_empty() && !update_url.is_valid()) { |
| 309 LOG(WARNING) << "Extension " << id << " has invalid update url " | 309 LOG(WARNING) << "Extension " << id << " has invalid update url " |
| 310 << update_url; | 310 << update_url; |
| 311 return false; | 311 return false; |
| 312 } | 312 } |
| 313 | 313 |
| 314 // Make sure we use SSL for store-hosted extensions. | 314 // Make sure we use SSL for store-hosted extensions. |
| 315 if (extension_urls::IsWebstoreUpdateUrl(update_url) && | 315 if (extension_urls::IsWebstoreUpdateUrl(update_url) && |
| 316 !update_url.SchemeIsSecure()) | 316 !update_url.SchemeIsCryptographic()) |
| 317 update_url = extension_urls::GetWebstoreUpdateUrl(); | 317 update_url = extension_urls::GetWebstoreUpdateUrl(); |
| 318 | 318 |
| 319 // Skip extensions with empty IDs. | 319 // Skip extensions with empty IDs. |
| 320 if (id.empty()) { | 320 if (id.empty()) { |
| 321 LOG(WARNING) << "Found extension with empty ID"; | 321 LOG(WARNING) << "Found extension with empty ID"; |
| 322 return false; | 322 return false; |
| 323 } | 323 } |
| 324 | 324 |
| 325 if (update_url.DomainIs(kGoogleDotCom)) { | 325 if (update_url.DomainIs(kGoogleDotCom)) { |
| 326 url_stats_.google_url_count++; | 326 url_stats_.google_url_count++; |
| (...skipping 255 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 582 GURL crx_url = update->crx_url; | 582 GURL crx_url = update->crx_url; |
| 583 if (id != kBlacklistAppID) { | 583 if (id != kBlacklistAppID) { |
| 584 NotifyUpdateFound(update->extension_id, update->version); | 584 NotifyUpdateFound(update->extension_id, update->version); |
| 585 } else { | 585 } else { |
| 586 // The URL of the blacklist file is returned by the server and we need to | 586 // The URL of the blacklist file is returned by the server and we need to |
| 587 // be sure that we continue to be able to reliably detect whether a URL | 587 // be sure that we continue to be able to reliably detect whether a URL |
| 588 // references a blacklist file. | 588 // references a blacklist file. |
| 589 DCHECK(extension_urls::IsBlacklistUpdateUrl(crx_url)) << crx_url; | 589 DCHECK(extension_urls::IsBlacklistUpdateUrl(crx_url)) << crx_url; |
| 590 | 590 |
| 591 // Force https (crbug.com/129587). | 591 // Force https (crbug.com/129587). |
| 592 if (!crx_url.SchemeIsSecure()) { | 592 if (!crx_url.SchemeIsCryptographic()) { |
| 593 url::Replacements<char> replacements; | 593 url::Replacements<char> replacements; |
| 594 std::string scheme("https"); | 594 std::string scheme("https"); |
| 595 replacements.SetScheme(scheme.c_str(), | 595 replacements.SetScheme(scheme.c_str(), |
| 596 url::Component(0, scheme.size())); | 596 url::Component(0, scheme.size())); |
| 597 crx_url = crx_url.ReplaceComponents(replacements); | 597 crx_url = crx_url.ReplaceComponents(replacements); |
| 598 } | 598 } |
| 599 } | 599 } |
| 600 scoped_ptr<ExtensionFetch> fetch( | 600 scoped_ptr<ExtensionFetch> fetch( |
| 601 new ExtensionFetch(update->extension_id, crx_url, update->package_hash, | 601 new ExtensionFetch(update->extension_id, crx_url, update->package_hash, |
| 602 update->version, fetch_data->request_ids())); | 602 update->version, fetch_data->request_ids())); |
| (...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 759 } | 759 } |
| 760 | 760 |
| 761 void ExtensionDownloader::CreateExtensionFetcher() { | 761 void ExtensionDownloader::CreateExtensionFetcher() { |
| 762 const ExtensionFetch* fetch = extensions_queue_.active_request(); | 762 const ExtensionFetch* fetch = extensions_queue_.active_request(); |
| 763 extension_fetcher_ = net::URLFetcher::Create(kExtensionFetcherId, fetch->url, | 763 extension_fetcher_ = net::URLFetcher::Create(kExtensionFetcherId, fetch->url, |
| 764 net::URLFetcher::GET, this); | 764 net::URLFetcher::GET, this); |
| 765 extension_fetcher_->SetRequestContext(request_context_.get()); | 765 extension_fetcher_->SetRequestContext(request_context_.get()); |
| 766 extension_fetcher_->SetAutomaticallyRetryOnNetworkChanges(3); | 766 extension_fetcher_->SetAutomaticallyRetryOnNetworkChanges(3); |
| 767 | 767 |
| 768 int load_flags = net::LOAD_DISABLE_CACHE; | 768 int load_flags = net::LOAD_DISABLE_CACHE; |
| 769 bool is_secure = fetch->url.SchemeIsSecure(); | 769 bool is_secure = fetch->url.SchemeIsCryptographic(); |
| 770 if (fetch->credentials != ExtensionFetch::CREDENTIALS_COOKIES || !is_secure) { | 770 if (fetch->credentials != ExtensionFetch::CREDENTIALS_COOKIES || !is_secure) { |
| 771 load_flags |= net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES; | 771 load_flags |= net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES; |
| 772 } | 772 } |
| 773 extension_fetcher_->SetLoadFlags(load_flags); | 773 extension_fetcher_->SetLoadFlags(load_flags); |
| 774 | 774 |
| 775 // Download CRX files to a temp file. The blacklist is small and will be | 775 // Download CRX files to a temp file. The blacklist is small and will be |
| 776 // processed in memory, so it is fetched into a string. | 776 // processed in memory, so it is fetched into a string. |
| 777 if (fetch->id != kBlacklistAppID) { | 777 if (fetch->id != kBlacklistAppID) { |
| 778 extension_fetcher_->SaveResponseToTemporaryFile( | 778 extension_fetcher_->SaveResponseToTemporaryFile( |
| 779 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE)); | 779 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::FILE)); |
| (...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 968 const GURL& update_url, | 968 const GURL& update_url, |
| 969 int request_id) { | 969 int request_id) { |
| 970 ManifestFetchData::PingMode ping_mode = ManifestFetchData::NO_PING; | 970 ManifestFetchData::PingMode ping_mode = ManifestFetchData::NO_PING; |
| 971 if (update_url.DomainIs(ping_enabled_domain_.c_str())) | 971 if (update_url.DomainIs(ping_enabled_domain_.c_str())) |
| 972 ping_mode = ManifestFetchData::PING_WITH_ENABLED_STATE; | 972 ping_mode = ManifestFetchData::PING_WITH_ENABLED_STATE; |
| 973 return new ManifestFetchData( | 973 return new ManifestFetchData( |
| 974 update_url, request_id, brand_code_, manifest_query_params_, ping_mode); | 974 update_url, request_id, brand_code_, manifest_query_params_, ping_mode); |
| 975 } | 975 } |
| 976 | 976 |
| 977 } // namespace extensions | 977 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1136643004:
Switch remaining functions from SchemeIsSecure() to SchemeIsCryptographic(). (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master