Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(66)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc

Issue 11938007: Don't use request user data during one-click sign in (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address review comments Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/profiles/profile_io_data.h ('k') | chrome/browser/ui/sync/one_click_signin_helper.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate. h" 5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate. h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 381 matching lines...) Expand 10 before | Expand all | Expand 10 after
392 } 392 }
393 } 393 }
394 } 394 }
395 395
396 // See if the response contains the X-Auto-Login header. If so, this was 396 // See if the response contains the X-Auto-Login header. If so, this was
397 // a request for a login page, and the server is allowing the browser to 397 // a request for a login page, and the server is allowing the browser to
398 // suggest auto-login, if available. 398 // suggest auto-login, if available.
399 AutoLoginPrompter::ShowInfoBarIfPossible(request, info->GetChildID(), 399 AutoLoginPrompter::ShowInfoBarIfPossible(request, info->GetChildID(),
400 info->GetRouteID()); 400 info->GetRouteID());
401 401
402 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
403
402 #if defined(ENABLE_ONE_CLICK_SIGNIN) 404 #if defined(ENABLE_ONE_CLICK_SIGNIN)
403 // See if the response contains the Google-Accounts-SignIn header. If so, 405 // See if the response contains the Google-Accounts-SignIn header. If so,
404 // then the user has just finished signing in, and the server is allowing the 406 // then the user has just finished signing in, and the server is allowing the
405 // browser to suggest connecting the user's profile to the account. 407 // browser to suggest connecting the user's profile to the account.
406 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), 408 OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
409 info->GetChildID(),
407 info->GetRouteID()); 410 info->GetRouteID());
408 #endif 411 #endif
409 412
410 // Build in additional protection for the chrome web store origin. 413 // Build in additional protection for the chrome web store origin.
411 GURL webstore_url(extension_urls::GetWebstoreLaunchURL()); 414 GURL webstore_url(extension_urls::GetWebstoreLaunchURL());
412 if (request->url().DomainIs(webstore_url.host().c_str())) { 415 if (request->url().DomainIs(webstore_url.host().c_str())) {
413 net::HttpResponseHeaders* response_headers = request->response_headers(); 416 net::HttpResponseHeaders* response_headers = request->response_headers();
414 if (!response_headers->HasHeaderValue("x-frame-options", "deny") && 417 if (!response_headers->HasHeaderValue("x-frame-options", "deny") &&
415 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) { 418 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) {
416 response_headers->RemoveHeader("x-frame-options"); 419 response_headers->RemoveHeader("x-frame-options");
417 response_headers->AddHeader("x-frame-options: sameorigin"); 420 response_headers->AddHeader("x-frame-options: sameorigin");
418 } 421 }
419 } 422 }
420 423
421 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
422 if (io_data->resource_prefetch_predictor_observer()) 424 if (io_data->resource_prefetch_predictor_observer())
423 io_data->resource_prefetch_predictor_observer()->OnResponseStarted(request); 425 io_data->resource_prefetch_predictor_observer()->OnResponseStarted(request);
424 426
425 prerender::URLRequestResponseStarted(request); 427 prerender::URLRequestResponseStarted(request);
426 } 428 }
427 429
428 void ChromeResourceDispatcherHostDelegate::OnRequestRedirected( 430 void ChromeResourceDispatcherHostDelegate::OnRequestRedirected(
429 const GURL& redirect_url, 431 const GURL& redirect_url,
430 net::URLRequest* request, 432 net::URLRequest* request,
431 content::ResourceContext* resource_context, 433 content::ResourceContext* resource_context,
432 content::ResourceResponse* response) { 434 content::ResourceResponse* response) {
433 LoadTimingObserver::PopulateTimingInfo(request, response); 435 LoadTimingObserver::PopulateTimingInfo(request, response);
434 436
437 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
438
435 #if defined(ENABLE_ONE_CLICK_SIGNIN) 439 #if defined(ENABLE_ONE_CLICK_SIGNIN)
436 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request); 440 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);
437 441
438 AppendChromeSyncGaiaHeader(request, resource_context); 442 AppendChromeSyncGaiaHeader(request, resource_context);
439 443
440 // See if the response contains the Google-Accounts-SignIn header. If so, 444 // See if the response contains the Google-Accounts-SignIn header. If so,
441 // then the user has just finished signing in, and the server is allowing the 445 // then the user has just finished signing in, and the server is allowing the
442 // browser to suggest connecting the user's profile to the account. 446 // browser to suggest connecting the user's profile to the account.
443 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), 447 OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
448 info->GetChildID(),
444 info->GetRouteID()); 449 info->GetRouteID());
445 #endif 450 #endif
446 451
447 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
448 if (io_data->resource_prefetch_predictor_observer()) { 452 if (io_data->resource_prefetch_predictor_observer()) {
449 io_data->resource_prefetch_predictor_observer()->OnRequestRedirected( 453 io_data->resource_prefetch_predictor_observer()->OnRequestRedirected(
450 redirect_url, request); 454 redirect_url, request);
451 } 455 }
452 } 456 }
OLDNEW
« no previous file with comments | « chrome/browser/profiles/profile_io_data.h ('k') | chrome/browser/ui/sync/one_click_signin_helper.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698