chrome/browser/chrome_content_browser_client.cc - Issue 15017018: Prevent unauthorized commits of the Chrome Web Store URL.

Side by Side Diff: chrome/browser/chrome_content_browser_client.cc

Issue 15017018: Prevent unauthorized commits of the Chrome Web Store URL. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Initial patch Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | content/browser/renderer_host/render_view_host_impl.h » ('j') | content/browser/renderer_host/render_view_host_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/chrome_content_browser_client.h"	5 #include "chrome/browser/chrome_content_browser_client.h"

6	6

7 #include <set>	7 #include <set>

8 #include <utility>	8 #include <utility>

9 #include <vector>	9 #include <vector>

10	10

(...skipping 864 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
875 content::ProtocolHandlerMap* protocol_handlers) {	875 content::ProtocolHandlerMap* protocol_handlers) {

876 Profile* profile = Profile::FromBrowserContext(browser_context);	876 Profile* profile = Profile::FromBrowserContext(browser_context);

877 return profile->CreateRequestContextForStoragePartition(	877 return profile->CreateRequestContextForStoragePartition(

878 partition_path, in_memory, protocol_handlers);	878 partition_path, in_memory, protocol_handlers);

879 }	879 }

880	880

881 bool ChromeContentBrowserClient::IsHandledURL(const GURL& url) {	881 bool ChromeContentBrowserClient::IsHandledURL(const GURL& url) {

882 return ProfileIOData::IsHandledURL(url);	882 return ProfileIOData::IsHandledURL(url);

883 }	883 }

884	884

	885 bool ChromeContentBrowserClient::CanCommitURL(

	886 content::RenderProcessHost* process_host,

	887 const GURL& url) {

	888 // We need to let most extension URLs commit in any process, since this can

	889 // be allowed due to web_accessible_resources. Most hosted app URLs may also

	890 // load in any process (e.g., in an iframe). However, the Chrome Web Store

	891 // cannot be loaded in iframes and should never be requested outside its

	892 // process.

	893 Profile* profile =

	894 Profile::FromBrowserContext(process_host->GetBrowserContext());

	895 ExtensionService* service =

	896 extensions::ExtensionSystem::Get(profile)->extension_service();

	897 if (!service)

	898 return true;

	899 const Extension* new_extension =
	nasko 2013/05/10 20:37:34 Nit: any reason why this is called new_extension? Nit: any reason why this is called new_extension? What is "new" about it? Charlie Reis 2013/05/10 22:35:01 It distinguishes it from any current extension tha Show quoted text On 2013/05/10 20:37:34, nasko wrote: > Nit: any reason why this is called new_extension? What is "new" about it? It distinguishes it from any current extension that might be in \|process_host\| (i.e., it refers to the extension of the destination URL). Same convention as in ShouldSwapProcessesForNavigation below, but a slightly different check.
	900 service->extensions()->GetExtensionOrAppByURL(ExtensionURLInfo(url));

	901 if (new_extension &&

	902 new_extension->is_hosted_app() &&

	903 new_extension->id() == extension_misc::kWebStoreAppId &&

	904 !service->process_map()->Contains(new_extension->id(),

	905 process_host->GetID())) {

	906 return false;

	907 }

	908

	909 return true;

	910 }

	911

885 bool ChromeContentBrowserClient::IsSuitableHost(	912 bool ChromeContentBrowserClient::IsSuitableHost(

886 content::RenderProcessHost* process_host,	913 content::RenderProcessHost* process_host,

887 const GURL& site_url) {	914 const GURL& site_url) {

888 Profile* profile =	915 Profile* profile =

889 Profile::FromBrowserContext(process_host->GetBrowserContext());	916 Profile::FromBrowserContext(process_host->GetBrowserContext());

890 // This may be NULL during tests. In that case, just assume any site can	917 // This may be NULL during tests. In that case, just assume any site can

891 // share any host.	918 // share any host.

892 if (!profile)	919 if (!profile)

893 return true;	920 return true;

894	921

(...skipping 1393 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2288 #if defined(USE_NSS)	2315 #if defined(USE_NSS)

2289 crypto::CryptoModuleBlockingPasswordDelegate*	2316 crypto::CryptoModuleBlockingPasswordDelegate*

2290 ChromeContentBrowserClient::GetCryptoPasswordDelegate(	2317 ChromeContentBrowserClient::GetCryptoPasswordDelegate(

2291 const GURL& url) {	2318 const GURL& url) {

2292 return chrome::NewCryptoModuleBlockingDialogDelegate(	2319 return chrome::NewCryptoModuleBlockingDialogDelegate(

2293 chrome::kCryptoModulePasswordKeygen, url.host());	2320 chrome::kCryptoModulePasswordKeygen, url.host());

2294 }	2321 }

2295 #endif	2322 #endif

2296	2323

2297 } // namespace chrome	2324 } // namespace chrome

OLD	NEW