| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/ntp/app_launcher_handler.h" | 5 #include "chrome/browser/ui/webui/ntp/app_launcher_handler.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 60 #include "extensions/browser/extension_prefs.h" | 60 #include "extensions/browser/extension_prefs.h" |
| 61 #include "extensions/browser/extension_registry.h" | 61 #include "extensions/browser/extension_registry.h" |
| 62 #include "extensions/browser/extension_system.h" | 62 #include "extensions/browser/extension_system.h" |
| 63 #include "extensions/browser/management_policy.h" | 63 #include "extensions/browser/management_policy.h" |
| 64 #include "extensions/browser/pref_names.h" | 64 #include "extensions/browser/pref_names.h" |
| 65 #include "extensions/browser/uninstall_reason.h" | 65 #include "extensions/browser/uninstall_reason.h" |
| 66 #include "extensions/common/constants.h" | 66 #include "extensions/common/constants.h" |
| 67 #include "extensions/common/extension.h" | 67 #include "extensions/common/extension.h" |
| 68 #include "extensions/common/extension_icon_set.h" | 68 #include "extensions/common/extension_icon_set.h" |
| 69 #include "extensions/common/extension_set.h" | 69 #include "extensions/common/extension_set.h" |
| 70 #include "net/base/url_util.h" |
| 70 #include "ui/base/l10n/l10n_util.h" | 71 #include "ui/base/l10n/l10n_util.h" |
| 71 #include "ui/base/webui/web_ui_util.h" | 72 #include "ui/base/webui/web_ui_util.h" |
| 72 #include "url/gurl.h" | 73 #include "url/gurl.h" |
| 73 | 74 |
| 74 using content::WebContents; | 75 using content::WebContents; |
| 75 using extensions::AppSorting; | 76 using extensions::AppSorting; |
| 76 using extensions::CrxInstaller; | 77 using extensions::CrxInstaller; |
| 77 using extensions::Extension; | 78 using extensions::Extension; |
| 78 using extensions::ExtensionPrefs; | 79 using extensions::ExtensionPrefs; |
| 79 using extensions::ExtensionRegistry; | 80 using extensions::ExtensionRegistry; |
| (...skipping 395 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 475 } | 476 } |
| 476 | 477 |
| 477 has_loaded_apps_ = true; | 478 has_loaded_apps_ = true; |
| 478 } | 479 } |
| 479 | 480 |
| 480 void AppLauncherHandler::HandleLaunchApp(const base::ListValue* args) { | 481 void AppLauncherHandler::HandleLaunchApp(const base::ListValue* args) { |
| 481 std::string extension_id; | 482 std::string extension_id; |
| 482 CHECK(args->GetString(0, &extension_id)); | 483 CHECK(args->GetString(0, &extension_id)); |
| 483 double source = -1.0; | 484 double source = -1.0; |
| 484 CHECK(args->GetDouble(1, &source)); | 485 CHECK(args->GetDouble(1, &source)); |
| 485 std::string url; | 486 GURL override_url; |
| 486 if (args->GetSize() > 2) | |
| 487 CHECK(args->GetString(2, &url)); | |
| 488 | 487 |
| 489 extension_misc::AppLaunchBucket launch_bucket = | 488 extension_misc::AppLaunchBucket launch_bucket = |
| 490 static_cast<extension_misc::AppLaunchBucket>( | 489 static_cast<extension_misc::AppLaunchBucket>( |
| 491 static_cast<int>(source)); | 490 static_cast<int>(source)); |
| 492 CHECK(launch_bucket >= 0 && | 491 CHECK(launch_bucket >= 0 && |
| 493 launch_bucket < extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); | 492 launch_bucket < extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); |
| 494 | 493 |
| 495 const Extension* extension = | 494 const Extension* extension = |
| 496 extension_service_->GetExtensionById(extension_id, false); | 495 extension_service_->GetExtensionById(extension_id, false); |
| 497 | 496 |
| 498 // Prompt the user to re-enable the application if disabled. | 497 // Prompt the user to re-enable the application if disabled. |
| 499 if (!extension) { | 498 if (!extension) { |
| 500 PromptToEnableApp(extension_id); | 499 PromptToEnableApp(extension_id); |
| 501 return; | 500 return; |
| 502 } | 501 } |
| 503 | 502 |
| 504 Profile* profile = extension_service_->profile(); | 503 Profile* profile = extension_service_->profile(); |
| 505 | 504 |
| 506 WindowOpenDisposition disposition = | 505 WindowOpenDisposition disposition = |
| 507 args->GetSize() > 3 ? webui::GetDispositionFromClick(args, 3) | 506 args->GetSize() > 3 ? webui::GetDispositionFromClick(args, 3) |
| 508 : WindowOpenDisposition::CURRENT_TAB; | 507 : WindowOpenDisposition::CURRENT_TAB; |
| 509 if (extension_id != extensions::kWebStoreAppId) { | 508 if (extension_id != extensions::kWebStoreAppId) { |
| 510 CHECK_NE(launch_bucket, extension_misc::APP_LAUNCH_BUCKET_INVALID); | 509 CHECK_NE(launch_bucket, extension_misc::APP_LAUNCH_BUCKET_INVALID); |
| 511 extensions::RecordAppLaunchType(launch_bucket, extension->GetType()); | 510 extensions::RecordAppLaunchType(launch_bucket, extension->GetType()); |
| 512 } else { | 511 } else { |
| 513 extensions::RecordWebStoreLaunch(); | 512 extensions::RecordWebStoreLaunch(); |
| 513 |
| 514 if (args->GetSize() > 2) { |
| 515 std::string source_value; |
| 516 CHECK(args->GetString(2, &source_value)); |
| 517 if (!source_value.empty()) { |
| 518 override_url = net::AppendQueryParameter( |
| 519 extensions::AppLaunchInfo::GetFullLaunchURL(extension), |
| 520 extension_urls::kWebstoreSourceField, source_value); |
| 521 } |
| 522 } |
| 514 } | 523 } |
| 515 | 524 |
| 516 if (disposition == WindowOpenDisposition::NEW_FOREGROUND_TAB || | 525 if (disposition == WindowOpenDisposition::NEW_FOREGROUND_TAB || |
| 517 disposition == WindowOpenDisposition::NEW_BACKGROUND_TAB || | 526 disposition == WindowOpenDisposition::NEW_BACKGROUND_TAB || |
| 518 disposition == WindowOpenDisposition::NEW_WINDOW) { | 527 disposition == WindowOpenDisposition::NEW_WINDOW) { |
| 519 // TODO(jamescook): Proper support for background tabs. | 528 // TODO(jamescook): Proper support for background tabs. |
| 520 AppLaunchParams params(profile, extension, | 529 AppLaunchParams params(profile, extension, |
| 521 disposition == WindowOpenDisposition::NEW_WINDOW | 530 disposition == WindowOpenDisposition::NEW_WINDOW |
| 522 ? extensions::LAUNCH_CONTAINER_WINDOW | 531 ? extensions::LAUNCH_CONTAINER_WINDOW |
| 523 : extensions::LAUNCH_CONTAINER_TAB, | 532 : extensions::LAUNCH_CONTAINER_TAB, |
| 524 disposition, extensions::SOURCE_NEW_TAB_PAGE); | 533 disposition, extensions::SOURCE_NEW_TAB_PAGE); |
| 525 params.override_url = GURL(url); | 534 params.override_url = override_url; |
| 526 OpenApplication(params); | 535 OpenApplication(params); |
| 527 } else { | 536 } else { |
| 528 // To give a more "launchy" experience when using the NTP launcher, we close | 537 // To give a more "launchy" experience when using the NTP launcher, we close |
| 529 // it automatically. | 538 // it automatically. |
| 530 Browser* browser = chrome::FindBrowserWithWebContents( | 539 Browser* browser = chrome::FindBrowserWithWebContents( |
| 531 web_ui()->GetWebContents()); | 540 web_ui()->GetWebContents()); |
| 532 WebContents* old_contents = NULL; | 541 WebContents* old_contents = NULL; |
| 533 if (browser) | 542 if (browser) |
| 534 old_contents = browser->tab_strip_model()->GetActiveWebContents(); | 543 old_contents = browser->tab_strip_model()->GetActiveWebContents(); |
| 535 | 544 |
| 536 AppLaunchParams params = CreateAppLaunchParamsUserContainer( | 545 AppLaunchParams params = CreateAppLaunchParamsUserContainer( |
| 537 profile, extension, | 546 profile, extension, |
| 538 old_contents ? WindowOpenDisposition::CURRENT_TAB | 547 old_contents ? WindowOpenDisposition::CURRENT_TAB |
| 539 : WindowOpenDisposition::NEW_FOREGROUND_TAB, | 548 : WindowOpenDisposition::NEW_FOREGROUND_TAB, |
| 540 extensions::SOURCE_NEW_TAB_PAGE); | 549 extensions::SOURCE_NEW_TAB_PAGE); |
| 541 params.override_url = GURL(url); | 550 params.override_url = override_url; |
| 542 WebContents* new_contents = OpenApplication(params); | 551 WebContents* new_contents = OpenApplication(params); |
| 543 | 552 |
| 544 // This will also destroy the handler, so do not perform any actions after. | 553 // This will also destroy the handler, so do not perform any actions after. |
| 545 if (new_contents != old_contents && browser && | 554 if (new_contents != old_contents && browser && |
| 546 browser->tab_strip_model()->count() > 1) { | 555 browser->tab_strip_model()->count() > 1) { |
| 547 chrome::CloseWebContents(browser, old_contents, true); | 556 chrome::CloseWebContents(browser, old_contents, true); |
| 548 } | 557 } |
| 549 } | 558 } |
| 550 } | 559 } |
| 551 | 560 |
| (...skipping 332 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 884 base::FundamentalValue(!extension_id_prompting_.empty())); | 893 base::FundamentalValue(!extension_id_prompting_.empty())); |
| 885 } | 894 } |
| 886 | 895 |
| 887 bool AppLauncherHandler::ShouldShow(const Extension* extension) const { | 896 bool AppLauncherHandler::ShouldShow(const Extension* extension) const { |
| 888 if (ignore_changes_ || !has_loaded_apps_ || !extension->is_app()) | 897 if (ignore_changes_ || !has_loaded_apps_ || !extension->is_app()) |
| 889 return false; | 898 return false; |
| 890 | 899 |
| 891 Profile* profile = Profile::FromWebUI(web_ui()); | 900 Profile* profile = Profile::FromWebUI(web_ui()); |
| 892 return extensions::ui_util::ShouldDisplayInNewTabPage(extension, profile); | 901 return extensions::ui_util::ShouldDisplayInNewTabPage(extension, profile); |
| 893 } | 902 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2542593002:
Fix XSS in app launcher and remove use of unvalidated URL (Closed)
