Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(391)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/common/manifest_handlers/externally_connectable.cc

Issue 2456643005: Reduce buggy usage of the registry controlled domain service. (Closed)
Patch Set: Fix Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « extensions/common/csp_validator.cc ('k') | extensions/common/permissions/permission_message_util.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/common/manifest_handlers/externally_connectable.cc
diff --git a/extensions/common/manifest_handlers/externally_connectable.cc b/extensions/common/manifest_handlers/externally_connectable.cc
index 7dcdaffcb546269e0230463cbde36ba8b0b18f70..e594251454d53afe6ed13777e0047345bd7d2b11 100644
--- a/extensions/common/manifest_handlers/externally_connectable.cc
+++ b/extensions/common/manifest_handlers/externally_connectable.cc
@@ -20,6 +20,7 @@
#include "extensions/common/permissions/api_permission_set.h"
#include "extensions/common/url_pattern.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
+#include "net/base/url_util.h"
#include "url/gurl.h"
namespace rcd = net::registry_controlled_domains;
@@ -139,9 +140,20 @@ std::unique_ptr<ExternallyConnectableInfo> ExternallyConnectableInfo::FromValue(
continue;
}
+ url::CanonHostInfo host_info;
+ std::string canonical_host =
+ net::CanonicalizeHost(pattern.host(), &host_info);
+ if (canonical_host.empty()) {
+ // CanonicalizeHost returns empty string on error. The URL parsing
+ // combined with host().empty() should have caught this above.
+ *error = ErrorUtils::FormatErrorMessageUTF16(
+ errors::kErrorInvalidMatchPattern, *it);
+ return std::unique_ptr<ExternallyConnectableInfo>();
+ }
+
// Wildcards on subdomains of a TLD are not allowed.
- size_t registry_length = rcd::GetRegistryLength(
- pattern.host(),
+ bool has_registry = rcd::HostHasRegistryControlledDomain(
+ canonical_host,
// This means that things that look like TLDs - the foobar in
// http://google.foobar - count as TLDs.
rcd::INCLUDE_UNKNOWN_REGISTRIES,
@@ -149,17 +161,9 @@ std::unique_ptr<ExternallyConnectableInfo> ExternallyConnectableInfo::FromValue(
// codereview.appspot.com and evil.appspot.com are different.
rcd::INCLUDE_PRIVATE_REGISTRIES);
- if (registry_length == std::string::npos) {
- // The URL parsing combined with host().empty() should have caught this.
- NOTREACHED() << *it;
- *error = ErrorUtils::FormatErrorMessageUTF16(
- errors::kErrorInvalidMatchPattern, *it);
- return std::unique_ptr<ExternallyConnectableInfo>();
- }
-
// Broad match patterns like "*.com", "*.co.uk", and even "*.appspot.com"
// are not allowed. However just "appspot.com" is ok.
- if (registry_length == 0 && pattern.match_subdomains()) {
+ if (!has_registry && pattern.match_subdomains()) {
// Warning not error for forwards compatibility.
install_warnings->push_back(
InstallWarning(ErrorUtils::FormatErrorMessage(
« no previous file with comments | « extensions/common/csp_validator.cc ('k') | extensions/common/permissions/permission_message_util.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698