
Unified Diff: chrome/renderer/chrome_content_renderer_client.cc

Issue 23466009: Expand whitelist for media stream APIs. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Adjust Hangouts URL checking.x Created 7 years, 3 months ago
Index: chrome/renderer/chrome_content_renderer_client.cc
diff --git a/chrome/renderer/chrome_content_renderer_client.cc b/chrome/renderer/chrome_content_renderer_client.cc
index eca884420b83a15ead218782a0842e3f96cf41fa..02b5c08774f3868b0dbf3e0d2dec31555ea69e67 100644
--- a/chrome/renderer/chrome_content_renderer_client.cc
+++ b/chrome/renderer/chrome_content_renderer_client.cc
@@ -774,16 +774,22 @@ bool ChromeContentRendererClient::IsNaClAllowed(
bool is_nacl_unrestricted,
const Extension* extension,
WebPluginParams* params) {
- // Temporarily allow these URLs to run NaCl apps, as long as the manifest is
- // also whitelisted. We should remove this code when PNaCl ships.
- bool is_whitelisted_url =
+ // Temporarily allow these whitelisted apps to use NaCl.
+ std::string manifest_url_path = manifest_url.path();
+ bool is_whitelisted_app =
+ // Whitelisted apps must be served over https.
app_url.SchemeIs("https") &&
- (app_url.host() == "plus.google.com" ||
- app_url.host() == "plus.sandbox.google.com") &&
manifest_url.SchemeIs("https") &&
- manifest_url.host() == "ssl.gstatic.com" &&
- ((manifest_url.path().find("s2/oz/nacl/") == 1) ||
- (manifest_url.path().find("photos/nacl/") == 1));
+ // Photos app.
+ (((app_url.DomainIs("plus.google.com") ||
+ app_url.DomainIs("plus.sandbox.google.com")) &&
+ manifest_url.DomainIs("ssl.gstatic.com") &&
+ (manifest_url_path.find("s2/oz/nacl/") == 1 ||
+ manifest_url_path.find("photos/nacl/") == 1)) ||
+ // Hangouts app.
darin (slow to review) 2013/09/16 19:37:44 nit: "Hangouts" -> "Chat" since the URLs don't men
bbudge 2013/09/16 19:47:51 Done.
+ (EndsWith(app_url.host(), "talkgadget.google.com", false) &&
+ manifest_url.DomainIs("ssl.gstatic.com") &&
+ manifest_url_path.find("chat/apps/fx") == 1));
bool is_extension_from_webstore =
extension && extension->from_webstore();
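Review bot: The Chat manifest check `manifest_url_path.find("chat/apps/fx") == 1` has no trailing slash, unlike the two Photos prefixes, so it also accepts any ssl.gstatic.com path that merely begins with `/chat/apps/fx` (a hypothetical sibling directory such as `/chat/apps/fx2/` would pass). If the manifests live under that directory, `manifest_url_path.find("chat/apps/fx/") == 1` is the tighter form. The host checks are also wider than the removed `host() ==` comparisons: `DomainIs` matches subdomains as well, and `EndsWith(app_url.host(), "talkgadget.google.com", false)` is a bare string-suffix match with no label boundary. If that width is intended, a comment should say so, e.g. `// Chat is served from hosts whose name ends in talkgadget.google.com; the suffix match is deliberate.` IsNaClAllowed starts before this hunk and continues after it.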
@@ -810,7 +816,7 @@ bool ChromeContentRendererClient::IsNaClAllowed(
// scheme. Also allow invocations if they are from whitelisted URLs or
// if --enable-nacl is set.
bool is_nacl_allowed = is_nacl_unrestricted ||
- is_whitelisted_url ||
+ is_whitelisted_app ||
is_nacl_pdf_viewer ||
is_invoked_by_hosted_app ||
(is_invoked_by_extension &&
@@ -821,7 +827,7 @@ bool ChromeContentRendererClient::IsNaClAllowed(
// Make sure that PPAPI 'dev' interfaces aren't available for production
// apps unless they're whitelisted.
WebString dev_attribute = WebString::fromUTF8("@dev");
- if ((!is_whitelisted_url && !is_extension_from_webstore) ||
+ if ((!is_whitelisted_app && !is_extension_from_webstore) ||
app_can_use_dev_interfaces) {
// Add the special '@dev' attribute.
std::vector<string16> param_names;
@@ -1286,12 +1292,11 @@ bool ChromeContentRendererClient::AllowBrowserPlugin(
bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
const GURL& url) {
#if !defined(OS_ANDROID)
- std::string host = url.host();
// Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
// the whitelist in the renderer, since we're only preventing access until
// these APIs are public and stable.
- if (url.SchemeIs(extensions::kExtensionScheme) &&
- !host.compare("hpcogiolnobbkijnnkdahioejpdcdoph")) {
+ if (url.SchemeIs("https") &&
+ url.DomainIs("talkgadget.google.com")) {
juberti2 2013/09/16 19:41:52 I think this needs the EndsWith treatment too.
bbudge 2013/09/16 19:47:51 Yep, good catch. Done.
return true;
}
// Allow access for tests.
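Review bot: The comment kept above the condition still says only the Hangouts app is allowed, but the new test `url.SchemeIs("https") && url.DomainIs("talkgadget.google.com")` admits every https page on that domain regardless of path. The extension id that used to pass is also no longer accepted. Unlike the whitelist in IsNaClAllowed, nothing here narrows the match beyond scheme and host, so any content served from that domain gets the MediaStream APIs. I would reword the comment to match, e.g. `// Allow https pages on talkgadget.google.com to use the MediaStream APIs.`, and state there whether dropping the extension-scheme case is intended. The function body continues past the end of this hunk.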
