Index: chrome/common/chrome_switches.cc |
diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc |
index a2dba9f7dcd11a241cb4f717b10053cb9b81e3fc..a9ae1e72615af0f3d930ae9ae840868344839f88 100644 |
--- a/chrome/common/chrome_switches.cc |
+++ b/chrome/common/chrome_switches.cc |
@@ -84,6 +84,12 @@ const char kAppsGalleryDownloadURL[] = "apps-gallery-download-url"; |
// confirmation dialog. A value of 'accept' means to always act as if the dialog |
// was accepted, and 'cancel' means to always act as if the dialog was |
// cancelled. |
+// |
+// TODO (rdevlin.cronin): Remove this. |
+// This is not a good use of a command-line flag, as it would be equally |
+// effective as a global boolean. Additionally, this opens up a dangerous way |
+// for attackers to append a commandline flag and circumvent all user action for |
+// installing an extension. |
const char kAppsGalleryInstallAutoConfirmForTests[] = |
"apps-gallery-install-auto-confirm-for-tests"; |