Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(273)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc

Issue 11938007: Don't use request user data during one-click sign in (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address review comments Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/profiles/profile_io_data.h ('K') | « chrome/browser/profiles/profile_io_data.h ('k') | chrome/browser/ui/sync/one_click_signin_helper.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate. h" 5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate. h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 378 matching lines...) Expand 10 before | Expand all | Expand 10 after
389 } 389 }
390 } 390 }
391 } 391 }
392 392
393 // See if the response contains the X-Auto-Login header. If so, this was 393 // See if the response contains the X-Auto-Login header. If so, this was
394 // a request for a login page, and the server is allowing the browser to 394 // a request for a login page, and the server is allowing the browser to
395 // suggest auto-login, if available. 395 // suggest auto-login, if available.
396 AutoLoginPrompter::ShowInfoBarIfPossible(request, info->GetChildID(), 396 AutoLoginPrompter::ShowInfoBarIfPossible(request, info->GetChildID(),
397 info->GetRouteID()); 397 info->GetRouteID());
398 398
399 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
400
399 #if defined(ENABLE_ONE_CLICK_SIGNIN) 401 #if defined(ENABLE_ONE_CLICK_SIGNIN)
400 // See if the response contains the Google-Accounts-SignIn header. If so, 402 // See if the response contains the Google-Accounts-SignIn header. If so,
401 // then the user has just finished signing in, and the server is allowing the 403 // then the user has just finished signing in, and the server is allowing the
402 // browser to suggest connecting the user's profile to the account. 404 // browser to suggest connecting the user's profile to the account.
403 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), 405 OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
406 info->GetChildID(),
404 info->GetRouteID()); 407 info->GetRouteID());
405 #endif 408 #endif
406 409
407 // Build in additional protection for the chrome web store origin. 410 // Build in additional protection for the chrome web store origin.
408 GURL webstore_url(extension_urls::GetWebstoreLaunchURL()); 411 GURL webstore_url(extension_urls::GetWebstoreLaunchURL());
409 if (request->url().DomainIs(webstore_url.host().c_str())) { 412 if (request->url().DomainIs(webstore_url.host().c_str())) {
410 net::HttpResponseHeaders* response_headers = request->response_headers(); 413 net::HttpResponseHeaders* response_headers = request->response_headers();
411 if (!response_headers->HasHeaderValue("x-frame-options", "deny") && 414 if (!response_headers->HasHeaderValue("x-frame-options", "deny") &&
412 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) { 415 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) {
413 response_headers->RemoveHeader("x-frame-options"); 416 response_headers->RemoveHeader("x-frame-options");
414 response_headers->AddHeader("x-frame-options: sameorigin"); 417 response_headers->AddHeader("x-frame-options: sameorigin");
415 } 418 }
416 } 419 }
417 420
418 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
419 if (io_data->resource_prefetch_predictor_observer()) 421 if (io_data->resource_prefetch_predictor_observer())
420 io_data->resource_prefetch_predictor_observer()->OnResponseStarted(request); 422 io_data->resource_prefetch_predictor_observer()->OnResponseStarted(request);
421 423
422 prerender::URLRequestResponseStarted(request); 424 prerender::URLRequestResponseStarted(request);
423 } 425 }
424 426
425 void ChromeResourceDispatcherHostDelegate::OnRequestRedirected( 427 void ChromeResourceDispatcherHostDelegate::OnRequestRedirected(
426 const GURL& redirect_url, 428 const GURL& redirect_url,
427 net::URLRequest* request, 429 net::URLRequest* request,
428 content::ResourceContext* resource_context, 430 content::ResourceContext* resource_context,
429 content::ResourceResponse* response) { 431 content::ResourceResponse* response) {
430 LoadTimingObserver::PopulateTimingInfo(request, response); 432 LoadTimingObserver::PopulateTimingInfo(request, response);
431 433
434 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
435
432 #if defined(ENABLE_ONE_CLICK_SIGNIN) 436 #if defined(ENABLE_ONE_CLICK_SIGNIN)
433 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request); 437 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);
434 438
435 AppendChromeSyncGaiaHeader(request, resource_context); 439 AppendChromeSyncGaiaHeader(request, resource_context);
436 440
437 // See if the response contains the Google-Accounts-SignIn header. If so, 441 // See if the response contains the Google-Accounts-SignIn header. If so,
438 // then the user has just finished signing in, and the server is allowing the 442 // then the user has just finished signing in, and the server is allowing the
439 // browser to suggest connecting the user's profile to the account. 443 // browser to suggest connecting the user's profile to the account.
440 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), 444 OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
445 info->GetChildID(),
441 info->GetRouteID()); 446 info->GetRouteID());
442 #endif 447 #endif
443 448
444 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
445 if (io_data->resource_prefetch_predictor_observer()) { 449 if (io_data->resource_prefetch_predictor_observer()) {
446 io_data->resource_prefetch_predictor_observer()->OnRequestRedirected( 450 io_data->resource_prefetch_predictor_observer()->OnRequestRedirected(
447 redirect_url, request); 451 redirect_url, request);
448 } 452 }
449 } 453 }
OLDNEW
« chrome/browser/profiles/profile_io_data.h ('K') | « chrome/browser/profiles/profile_io_data.h ('k') | chrome/browser/ui/sync/one_click_signin_helper.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698