| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/policy_handlers.h" | 5 #include "chrome/browser/extensions/policy_handlers.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 279 if (!CheckAndGetValue(policies, errors, &policy_value)) | 279 if (!CheckAndGetValue(policies, errors, &policy_value)) |
| 280 return false; | 280 return false; |
| 281 if (!policy_value) | 281 if (!policy_value) |
| 282 return true; | 282 return true; |
| 283 | 283 |
| 284 // |policy_value| is expected to conform to the defined schema. But it's | 284 // |policy_value| is expected to conform to the defined schema. But it's |
| 285 // not strictly valid since there are additional restrictions. | 285 // not strictly valid since there are additional restrictions. |
| 286 const base::DictionaryValue* dict_value = NULL; | 286 const base::DictionaryValue* dict_value = NULL; |
| 287 DCHECK(policy_value->IsType(base::Value::Type::DICTIONARY)); | 287 DCHECK(policy_value->IsType(base::Value::Type::DICTIONARY)); |
| 288 policy_value->GetAsDictionary(&dict_value); | 288 policy_value->GetAsDictionary(&dict_value); |
| 289 const int extension_scheme_mask = |
| 290 URLPattern::GetValidSchemeMaskForExtensions(); |
| 289 | 291 |
| 290 for (base::DictionaryValue::Iterator it(*dict_value); !it.IsAtEnd(); | 292 for (base::DictionaryValue::Iterator it(*dict_value); !it.IsAtEnd(); |
| 291 it.Advance()) { | 293 it.Advance()) { |
| 292 DCHECK(it.key() == schema_constants::kWildcard || | 294 DCHECK(it.key() == schema_constants::kWildcard || |
| 293 crx_file::id_util::IdIsValid(it.key())); | 295 crx_file::id_util::IdIsValid(it.key())); |
| 294 DCHECK(it.value().IsType(base::Value::Type::DICTIONARY)); | 296 DCHECK(it.value().IsType(base::Value::Type::DICTIONARY)); |
| 295 | 297 |
| 296 // Extracts sub dictionary. | 298 // Extracts sub dictionary. |
| 297 const base::DictionaryValue* sub_dict = NULL; | 299 const base::DictionaryValue* sub_dict = NULL; |
| 298 it.value().GetAsDictionary(&sub_dict); | 300 it.value().GetAsDictionary(&sub_dict); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 314 return false; | 316 return false; |
| 315 } | 317 } |
| 316 // Verifies that update URL is valid. | 318 // Verifies that update URL is valid. |
| 317 if (!GURL(update_url).is_valid()) { | 319 if (!GURL(update_url).is_valid()) { |
| 318 errors->AddError( | 320 errors->AddError( |
| 319 policy_name(), IDS_POLICY_INVALID_UPDATE_URL_ERROR, it.key()); | 321 policy_name(), IDS_POLICY_INVALID_UPDATE_URL_ERROR, it.key()); |
| 320 return false; | 322 return false; |
| 321 } | 323 } |
| 322 } | 324 } |
| 323 } | 325 } |
| 326 const base::ListValue* unparsed_urls; |
| 327 // Host keys that don't support user defined paths. |
| 328 const std::string host_keys[] = {schema_constants::kRuntimeBlockedHosts, |
| 329 schema_constants::kRuntimeAllowedHosts}; |
| 330 for (const auto& key : host_keys) { |
| 331 if (sub_dict->GetList(key, &unparsed_urls)) { |
| 332 for (size_t i = 0; i < unparsed_urls->GetSize(); ++i) { |
| 333 std::string unparsed_url; |
| 334 unparsed_urls->GetString(i, &unparsed_url); |
| 335 URLPattern pattern = URLPattern(extension_scheme_mask); |
| 336 URLPattern::ParseResult parse_result = pattern.Parse( |
| 337 unparsed_url, URLPattern::ALLOW_WILDCARD_FOR_EFFECTIVE_TLD); |
| 338 // These keys don't support paths due to how we track the initiator |
| 339 // of a webRequest and cookie security policy. We expect a valid |
| 340 // pattern to return a PARSE_ERROR_EMPTY_PATH. |
| 341 if (parse_result == URLPattern::PARSE_ERROR_EMPTY_PATH) { |
| 342 // Add a wildcard path to the URL as it should match any path. |
| 343 parse_result = |
| 344 pattern.Parse(unparsed_url + "/*", |
| 345 URLPattern::ALLOW_WILDCARD_FOR_EFFECTIVE_TLD); |
| 346 } else if (parse_result == URLPattern::PARSE_SUCCESS) { |
| 347 // The user supplied a path, notify them that this is not supported. |
| 348 if (unparsed_url != "<all_urls>") { |
| 349 errors->AddError( |
| 350 policy_name(), it.key(), |
| 351 "Your URL pattern '" + unparsed_url + "' for attribute " + |
| 352 key + " contains a path. Paths are not supported, " + |
| 353 "please remove it and try again."); |
| 354 return false; |
| 355 } |
| 356 } |
| 357 // Any other issue with parsing the URL. |
| 358 if (parse_result != URLPattern::PARSE_SUCCESS) { |
| 359 errors->AddError(policy_name(), it.key(), |
| 360 "Invalid URL pattern '" + unparsed_url + |
| 361 "' for attribute " + key); |
| 362 } |
| 363 } |
| 364 } |
| 365 } |
| 324 } | 366 } |
| 325 | 367 |
| 326 return true; | 368 return true; |
| 327 } | 369 } |
| 328 | 370 |
| 329 void ExtensionSettingsPolicyHandler::ApplyPolicySettings( | 371 void ExtensionSettingsPolicyHandler::ApplyPolicySettings( |
| 330 const policy::PolicyMap& policies, | 372 const policy::PolicyMap& policies, |
| 331 PrefValueMap* prefs) { | 373 PrefValueMap* prefs) { |
| 332 std::unique_ptr<base::Value> policy_value; | 374 std::unique_ptr<base::Value> policy_value; |
| 333 if (!CheckAndGetValue(policies, NULL, &policy_value) || !policy_value) | 375 if (!CheckAndGetValue(policies, NULL, &policy_value) || !policy_value) |
| 334 return; | 376 return; |
| 335 prefs->SetValue(pref_names::kExtensionManagement, std::move(policy_value)); | 377 prefs->SetValue(pref_names::kExtensionManagement, std::move(policy_value)); |
| 336 } | 378 } |
| 337 | 379 |
| 338 } // namespace extensions | 380 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2495353003:
chrome.webRequest support for ExtensionSettings (Closed)
