Add origin of settings reset request to feedback reports.

chrome/browser/ui/startup/startup_browser_creator.cc

Index: chrome/browser/ui/startup/startup_browser_creator.cc
diff --git a/chrome/browser/ui/startup/startup_browser_creator.cc b/chrome/browser/ui/startup/startup_browser_creator.cc
index 639d5b2cb93b32b163a02154077598946e5bb364..7f5498d06b54f927bc75f279be528c6cf24e3d93 100644
--- a/chrome/browser/ui/startup/startup_browser_creator.cc
+++ b/chrome/browser/ui/startup/startup_browser_creator.cc
@@ -30,6 +30,7 @@
 #include "base/strings/string_split.h"
 #include "base/strings/string_tokenizer.h"
 #include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/threading/thread_restrictions.h"
 #include "base/trace_event/trace_event.h"
@@ -525,22 +526,32 @@ std::vector<GURL> StartupBrowserCreator::GetURLsFromCommandLine(
     if (!url.is_valid())
       continue;
 
+    bool url_points_to_an_approved_settings_page = false;
+#if defined(OS_CHROMEOS)
+    // In ChromeOS, allow any settings page to be specified on the command
+    // line. See ExistingUserController::OnLoginSuccess.
+    url_points_to_an_approved_settings_page = base::StartsWith(
+        url.spec(), chrome::kChromeUISettingsURL, base::CompareCase::SENSITIVE);
+#else
+    // Exposed for external cleaners to offer a settings reset to the
+    // user. The allowed URLs must match exactly.
+    std::string reset_settings_url(chrome::kChromeUISettingsURL);
+    reset_settings_url += chrome::kResetProfileSettingsSubPage;
+    url_points_to_an_approved_settings_page = url.spec() == reset_settings_url;
+#if defined(OS_WIN)
+    // On Windows, also allow a hash for the Chrome Cleanup Tool.
+    url_points_to_an_approved_settings_page =
+        url_points_to_an_approved_settings_page ||
+        url.spec() == reset_settings_url + "#cct";

[Dan Beam, 2016/09/06 19:35:18]

I think using GURL's == or .Resolve() (or maybe += does the same) are better
than the string concatenation you're doing in some of this code.  I don't really
care what previous code does (you can leave it if you'd like).  Propagating
lends legitimacy.

[alito, 2016/09/16 02:10:37]

Changed to use GURL for comparisons instead. Please take a careful look :-).

+#else
+#endif  // defined(OS_WIN)
+#endif  // defined(OS_CHROMEOS)
+
     ChildProcessSecurityPolicy* policy =
         ChildProcessSecurityPolicy::GetInstance();
     if (policy->IsWebSafeScheme(url.scheme()) ||
         url.SchemeIs(url::kFileScheme) ||
-#if defined(OS_CHROMEOS)
-        // In ChromeOS, allow any settings page to be specified on the command
-        // line. See ExistingUserController::OnLoginSuccess.
-        base::StartsWith(url.spec(), chrome::kChromeUISettingsURL,
-                         base::CompareCase::SENSITIVE) ||
-#else
-        // Exposed for external cleaners to offer a settings reset to the
-        // user. So the URL must match exactly, without any param or prefix.
-        (url.spec() ==
-         std::string(chrome::kChromeUISettingsURL) +
-             chrome::kResetProfileSettingsSubPage) ||
-#endif
+        url_points_to_an_approved_settings_page ||
         (url.spec().compare(url::kAboutBlankURL) == 0)) {
       urls.push_back(url);
     }