OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/extensions/device_local_account_management_pol
icy_provider.h" | 5 #include "chrome/browser/chromeos/extensions/device_local_account_management_pol
icy_provider.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <cstddef> | 9 #include <cstddef> |
10 #include <string> | 10 #include <string> |
(...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
120 "oflckobdemeldmjddmlbaiaookhhcngo", // Citrix Receiver QA version | 120 "oflckobdemeldmjddmlbaiaookhhcngo", // Citrix Receiver QA version |
121 "ljacajndfccfgnfohlgkdphmbnpkjflk", // Chrome Remote Desktop (Dev Build) | 121 "ljacajndfccfgnfohlgkdphmbnpkjflk", // Chrome Remote Desktop (Dev Build) |
122 }; | 122 }; |
123 | 123 |
124 // List of manifest entries from https://developer.chrome.com/apps/manifest. | 124 // List of manifest entries from https://developer.chrome.com/apps/manifest. |
125 // Unsafe entries are commented out and special cases too. | 125 // Unsafe entries are commented out and special cases too. |
126 const char* const kSafeManifestEntries[] = { | 126 const char* const kSafeManifestEntries[] = { |
127 // Special-cased in IsPlatformAppSafeForPublicSession(). | 127 // Special-cased in IsPlatformAppSafeForPublicSession(). |
128 // emk::kApp, | 128 // emk::kApp, |
129 | 129 |
130 // Special-cased in IsPlatformAppSafeForPublicSession(). | |
131 // emk::kManifestVersion, | |
132 | |
133 // Just a display string. | |
134 emk::kName, | |
135 | |
136 // Just a display string. | |
137 emk::kShortName, | |
138 | |
139 // Version string (for app updates). | |
140 emk::kVersion, | |
141 | |
142 // Name of directory containg default strings. | |
143 emk::kDefaultLocale, | |
144 | |
145 // An implementation detail (actually written by Chrome, not the app | |
146 // author). | |
147 emk::kCurrentLocale, | |
148 | |
149 // Just a display string. | |
150 emk::kDescription, | |
151 | |
152 // Just UX. | |
153 emk::kIcons, | |
154 | |
155 // Documented in https://developer.chrome.com/extensions/manifest but not | 130 // Documented in https://developer.chrome.com/extensions/manifest but not |
156 // implemented anywhere. Still, a lot of apps use it. | 131 // implemented anywhere. Still, a lot of apps use it. |
157 "author", | 132 "author", |
158 | 133 |
159 // TBD | 134 // TBD |
160 // emk::kBluetooth, | 135 // emk::kBluetooth, |
161 | 136 |
162 // TBD | 137 // TBD |
163 // emk::kCommands, | 138 // emk::kCommands, |
164 | 139 |
| 140 // An implementation detail (actually written by Chrome, not the app |
| 141 // author). |
| 142 emk::kCurrentLocale, |
| 143 |
| 144 // Name of directory containg default strings. |
| 145 emk::kDefaultLocale, |
| 146 |
| 147 // Just a display string. |
| 148 emk::kDescription, |
| 149 |
165 // TBD, looks unsafe | 150 // TBD, looks unsafe |
166 // emk::kEventRules, | 151 // emk::kEventRules, |
167 | 152 |
| 153 // Shared Modules configuration: Allow other extensions to access resources. |
| 154 emk::kExport, |
| 155 |
168 // TBD | 156 // TBD |
169 // emk::kExternallyConnectable, | 157 // emk::kExternallyConnectable, |
170 | 158 |
171 // TBD | 159 // TBD |
172 // emk::kFileHandlers, | 160 // emk::kFileHandlers, |
173 | 161 |
174 // TBD | 162 // TBD |
175 // emk::kFileSystemProviderCapabilities, | 163 // emk::kFileSystemProviderCapabilities, |
176 | 164 |
| 165 // Just UX. |
| 166 emk::kIcons, |
| 167 |
177 // Shared Modules configuration: Import resources from another extension. | 168 // Shared Modules configuration: Import resources from another extension. |
178 emk::kImport, | 169 emk::kImport, |
179 | 170 |
180 // Shared Modules configuration: Allow other extensions to access resources. | |
181 emk::kExport, | |
182 | |
183 // Shared Modules configuration: Specify extension id for development. | 171 // Shared Modules configuration: Specify extension id for development. |
184 emk::kKey, | 172 emk::kKey, |
185 | 173 |
186 // Descriptive statement about the app. | 174 // Descriptive statement about the app. |
187 emk::kKioskEnabled, | 175 emk::kKioskEnabled, |
188 | 176 |
189 // Contradicts the purpose of running inside a Public Session. | 177 // Contradicts the purpose of running inside a Public Session. |
190 // emk::kKioskOnly, | 178 // emk::kKioskOnly, |
191 | 179 |
| 180 // Special-cased in IsPlatformAppSafeForPublicSession(). |
| 181 // emk::kManifestVersion, |
| 182 |
192 // Descriptive statement about the app. | 183 // Descriptive statement about the app. |
193 emk::kMinimumChromeVersion, | 184 emk::kMinimumChromeVersion, |
194 | 185 |
195 // NaCl modules are bound to app permissions just like the rest of the app | 186 // NaCl modules are bound to app permissions just like the rest of the app |
196 // and thus should not pose a risk. | 187 // and thus should not pose a risk. |
197 emk::kNaClModules, | 188 emk::kNaClModules, |
198 | 189 |
| 190 // Just a display string. |
| 191 emk::kName, |
| 192 |
199 // TBD, doc missing | 193 // TBD, doc missing |
200 // emk::kOAuth2, | 194 // emk::kOAuth2, |
201 | 195 |
202 // Descriptive statement about the app. | 196 // Descriptive statement about the app. |
203 emk::kOfflineEnabled, | 197 emk::kOfflineEnabled, |
204 | 198 |
205 // Special-cased in IsPlatformAppSafeForPublicSession(). | 199 // Special-cased in IsPlatformAppSafeForPublicSession(). |
206 // emk::kOptionalPermissions, | 200 // emk::kOptionalPermissions, |
207 | 201 |
208 // Special-cased in IsPlatformAppSafeForPublicSession(). | 202 // Special-cased in IsPlatformAppSafeForPublicSession(). |
209 // emk::kPermissions, | 203 // emk::kPermissions, |
210 | 204 |
211 // No constant in manifest_constants.cc. | 205 // No constant in manifest_constants.cc. |
212 // "platforms", | 206 // "platforms", |
213 | 207 |
214 // Descriptive statement about the app. | 208 // Descriptive statement about the app. |
215 emk::kRequirements, | 209 emk::kRequirements, |
216 | 210 |
217 // Execute some pages in a separate sandbox. (Note: Using string literal | 211 // Execute some pages in a separate sandbox. (Note: Using string literal |
218 // since extensions::manifest_keys only has constants for sub-keys.) | 212 // since extensions::manifest_keys only has constants for sub-keys.) |
219 "sandbox", | 213 "sandbox", |
220 | 214 |
| 215 // Just a display string. |
| 216 emk::kShortName, |
| 217 |
221 // TBD, doc missing | 218 // TBD, doc missing |
222 // emk::kSignature, | 219 // emk::kSignature, |
223 | 220 |
224 // Network access. | 221 // Network access. |
225 emk::kSockets, | 222 emk::kSockets, |
226 | 223 |
227 // TBD. (Note: Using string literal since extensions::manifest_keys only | 224 // TBD. (Note: Using string literal since extensions::manifest_keys only |
228 // has constants for sub-keys.) | 225 // has constants for sub-keys.) |
229 // "storage", | 226 // "storage", |
230 | 227 |
231 // TBD, doc missing | 228 // TBD, doc missing |
232 // emk::kSystemIndicator, | 229 // emk::kSystemIndicator, |
233 | 230 |
234 // TODO(tnagel): Ensure that extension updates query UserMayLoad(). | 231 // TODO(tnagel): Ensure that extension updates query UserMayLoad(). |
235 // https://crbug.com/549720 | 232 // https://crbug.com/549720 |
236 emk::kUpdateURL, | 233 emk::kUpdateURL, |
237 | 234 |
238 // Apps may intercept navigations to URL patterns for domains for which the | 235 // Apps may intercept navigations to URL patterns for domains for which the |
239 // app author has proven ownership of to the Web Store. (Chrome starts the | 236 // app author has proven ownership of to the Web Store. (Chrome starts the |
240 // app instead of fulfilling the navigation.) This is only safe for apps | 237 // app instead of fulfilling the navigation.) This is only safe for apps |
241 // that have been loaded from the Web Store and thus is special-cased in | 238 // that have been loaded from the Web Store and thus is special-cased in |
242 // IsPlatformAppSafeForPublicSession(). | 239 // IsPlatformAppSafeForPublicSession(). |
243 // emk::kUrlHandlers, | 240 // emk::kUrlHandlers, |
244 | 241 |
245 // TBD | 242 // TBD |
246 // emk::kUsbPrinters, | 243 // emk::kUsbPrinters, |
247 | 244 |
| 245 // Version string (for app updates). |
| 246 emk::kVersion, |
| 247 |
248 // Just a display string. | 248 // Just a display string. |
249 emk::kVersionName, | 249 emk::kVersionName, |
250 | 250 |
251 // Webview has no special privileges or capabilities. | 251 // Webview has no special privileges or capabilities. |
252 emk::kWebview, | 252 emk::kWebview, |
253 }; | 253 }; |
254 | 254 |
255 // List of permission strings based on [1] and [2]. See |kSafePermissionDicts| | 255 // List of permission strings based on [1] and [2]. See |kSafePermissionDicts| |
256 // for permission dicts. Since Public Session users may be fully unaware of any | 256 // for permission dicts. Since Public Session users may be fully unaware of any |
257 // apps being installed, their consent to access any kind of sensitive | 257 // apps being installed, their consent to access any kind of sensitive |
(...skipping 360 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
618 if (error) { | 618 if (error) { |
619 *error = l10n_util::GetStringFUTF16( | 619 *error = l10n_util::GetStringFUTF16( |
620 IDS_EXTENSION_CANT_INSTALL_IN_DEVICE_LOCAL_ACCOUNT, | 620 IDS_EXTENSION_CANT_INSTALL_IN_DEVICE_LOCAL_ACCOUNT, |
621 base::UTF8ToUTF16(extension->name()), | 621 base::UTF8ToUTF16(extension->name()), |
622 base::UTF8ToUTF16(extension->id())); | 622 base::UTF8ToUTF16(extension->id())); |
623 } | 623 } |
624 return false; | 624 return false; |
625 } | 625 } |
626 | 626 |
627 } // namespace chromeos | 627 } // namespace chromeos |
OLD | NEW |