X-Chrome-Connected is stripped when it should not be in headers.

components/signin/core/browser/signin_header_helper.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/signin/core/browser/signin_header_helper.h"
 
 #include <stddef.h>
 
 #include "base/macros.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_split.h"
 #include "base/strings/stringprintf.h"
 #include "build/build_config.h"
 #include "components/content_settings/core/browser/cookie_settings.h"
 #include "components/google/core/browser/google_util.h"
 #include "components/signin/core/common/profile_management_switches.h"
 #include "google_apis/gaia/gaia_auth_util.h"
 #include "google_apis/gaia/gaia_urls.h"
 #include "net/base/escape.h"
 #include "net/http/http_response_headers.h"
 #include "net/url_request/url_request.h"
 #include "url/gurl.h"
 
 namespace {
 
 // Dictionary of fields in a mirror response header.
 typedef std::map<std::string, std::string> MirrorResponseHeaderDictionary;
 
-const char kChromeConnectedHeader[] = "X-Chrome-Connected";
 const char kChromeManageAccountsHeader[] = "X-Chrome-Manage-Accounts";
 const char kContinueUrlAttrName[] = "continue_url";
 const char kEmailAttrName[] = "email";
 const char kEnableAccountConsistencyAttrName[] = "enable_account_consistency";
 const char kGaiaIdAttrName[] = "id";
 const char kProfileModeAttrName[] = "mode";
 const char kIsSameTabAttrName[] = "is_same_tab";
 const char kIsSamlAttrName[] = "is_saml";
 const char kServiceTypeAttrName[] = "action";
 
@@ skipping 53 matching lines @@
     const content_settings::CookieSettings* cookie_settings,
     int profile_mode_mask) {
   if (account_id.empty())
     return std::string();
 
   // If signin cookies are not allowed, don't add the header.
   if (!signin::SettingsAllowSigninCookies(cookie_settings)) {
     return std::string();
   }
 
-  // Only set the header for Drive and Gaia always, and other Google properties
-  // if account consistency is enabled.
-  // Vasquette, which is integrated with most Google properties, needs the
-  // header to redirect certain user actions to Chrome native UI. Drive and Gaia
-  // need the header to tell if the current user is connected. The drive path is
-  // a temporary workaround until the more generic chrome.principals API is
-  // available.
-  GURL origin(url.GetOrigin());
-  bool is_enable_account_consistency = switches::IsEnableAccountConsistency();
-  bool is_google_url = is_enable_account_consistency &&
-                       (google_util::IsGoogleDomainUrl(
-                            url, google_util::ALLOW_SUBDOMAIN,
-                            google_util::DISALLOW_NON_STANDARD_PORTS) ||
-                        google_util::IsYoutubeDomainUrl(
-                            url, google_util::ALLOW_SUBDOMAIN,
-                            google_util::DISALLOW_NON_STANDARD_PORTS));
-  if (!is_google_url && !IsDriveOrigin(origin) &&
-      !gaia::IsGaiaSignonRealm(origin)) {
+  // Check if url is elligible for the header.
+  if (!signin::IsUrlEligibleForXChromeConnectedHeader(url))
     return std::string();
-  }
 
-  return base::StringPrintf(pattern, kGaiaIdAttrName, account_id.c_str(),
-                            kProfileModeAttrName,
-                            base::IntToString(profile_mode_mask).c_str(),
-                            kEnableAccountConsistencyAttrName,
-                            is_enable_account_consistency ? "true" : "false");
+  return base::StringPrintf(
+      pattern, kGaiaIdAttrName, account_id.c_str(), kProfileModeAttrName,
+      base::IntToString(profile_mode_mask).c_str(),
+      kEnableAccountConsistencyAttrName,
+      switches::IsEnableAccountConsistency() ? "true" : "false");
 }
 
 }  // namespace
 
 namespace signin {
 
+extern const char kChromeConnectedHeader[] = "X-Chrome-Connected";
+
 ManageAccountsParams::ManageAccountsParams()
     : service_type(GAIA_SERVICE_TYPE_NONE),
       email(""),
       is_saml(false),
       continue_url(""),
       is_same_tab(false) {
 #if !defined(OS_IOS)
   child_id = 0;
   route_id = 0;
 #endif  // !defined(OS_IOS)
@@ skipping 13 matching lines @@
 
 std::string BuildMirrorRequestCookieIfPossible(
     const GURL& url,
     const std::string& account_id,
     const content_settings::CookieSettings* cookie_settings,
     int profile_mode_mask) {
   return BuildMirrorRequestIfPossible("%s=%s:%s=%s:%s=%s", url, account_id,
                                       cookie_settings, profile_mode_mask);
   }
 
-bool AppendMirrorRequestHeaderIfPossible(
-    net::URLRequest* request,
-    const GURL& redirect_url,
-    const std::string& account_id,
-    const content_settings::CookieSettings* cookie_settings,
-    int profile_mode_mask) {
-  const GURL& url = redirect_url.is_empty() ? request->url() : redirect_url;
-  std::string header_value = BuildMirrorRequestIfPossible(
-      "%s=%s,%s=%s,%s=%s", url, account_id, cookie_settings, profile_mode_mask);
-  if (header_value.empty())
-    return false;
-  request->SetExtraRequestHeaderByName(kChromeConnectedHeader, header_value,
-                                       false);
-  return true;
+  bool AppendOrRemoveMirrorRequestHeaderIfPossible(
+      net::URLRequest* request,
+      const GURL& redirect_url,
+      const std::string& account_id,
+      const content_settings::CookieSettings* cookie_settings,
+      int profile_mode_mask) {
+    const GURL& url = redirect_url.is_empty() ? request->url() : redirect_url;
+    std::string header_value =
+        BuildMirrorRequestIfPossible("%s=%s,%s=%s,%s=%s", url, account_id,
+                                     cookie_settings, profile_mode_mask);
+    if (header_value.empty()) {
+      // If the request is being redirected, and it has the x-chrome-connected
+      // header, and current url is a Google URL, and the redirected one is not,
+      // remove the header.
+      if (!redirect_url.is_empty() &&
+          request->extra_request_headers().HasHeader(
+              signin::kChromeConnectedHeader) &&
+          signin::IsUrlEligibleForXChromeConnectedHeader(request->url()) &&
+          !signin::IsUrlEligibleForXChromeConnectedHeader(redirect_url)) {
+        request->RemoveRequestHeaderByName(signin::kChromeConnectedHeader);
+      }
+      return false;
+    }
+    request->SetExtraRequestHeaderByName(kChromeConnectedHeader, header_value,
+                                         false);
+    return true;
 }
 
 ManageAccountsParams BuildManageAccountsParams(
     const std::string& header_value) {
   signin::ManageAccountsParams params;
   MirrorResponseHeaderDictionary header_dictionary =
       ParseMirrorResponseHeader(header_value);
   MirrorResponseHeaderDictionary::const_iterator it = header_dictionary.begin();
   for (; it != header_dictionary.end(); ++it) {
     const std::string key_name(it->first);
@@ skipping 25 matching lines @@
   std::string header_value;
   if (!request->response_headers()->GetNormalizedHeader(
           kChromeManageAccountsHeader, &header_value)) {
     return empty_params;
   }
 
   DCHECK(switches::IsEnableAccountConsistency() && !is_off_the_record);
   return BuildManageAccountsParams(header_value);
 }
 
+// Checks if the url has the required properties to have an
+// X-CHROME-CONNECTED header.
+bool IsUrlEligibleForXChromeConnectedHeader(const GURL& url) {
+  // Only set the header for Drive and Gaia always, and other Google properties
+  // if account consistency is enabled.
+  // Vasquette, which is integrated with most Google properties, needs the
+  // header to redirect certain user actions to Chrome native UI. Drive and Gaia
+  // need the header to tell if the current user is connected. The drive path is
+  // a temporary workaround until the more generic chrome.principals API is
+  // available.
+
+  // Consider the account id sensitive and limit it to secure domains.
+  if (!url.SchemeIsCryptographic())
+    return false;
+
+  GURL origin(url.GetOrigin());
+  bool is_enable_account_consistency = switches::IsEnableAccountConsistency();
+  bool is_google_url = is_enable_account_consistency &&
+                       (google_util::IsGoogleDomainUrl(
+                            url, google_util::ALLOW_SUBDOMAIN,
+                            google_util::DISALLOW_NON_STANDARD_PORTS) ||
+                        google_util::IsYoutubeDomainUrl(
+                            url, google_util::ALLOW_SUBDOMAIN,
+                            google_util::DISALLOW_NON_STANDARD_PORTS));
+  return is_google_url || IsDriveOrigin(origin) ||
+         gaia::IsGaiaSignonRealm(origin);
+}
+
 }  // namespace signin