| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/api/web_request/web_request_permissions.h" | 5 #include "extensions/browser/api/web_request/web_request_permissions.h" |
| 6 | 6 |
| 7 #include "base/strings/string_piece.h" | 7 #include "base/strings/string_piece.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "chromeos/login/login_state.h" | 10 #include "chromeos/login/login_state.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 43 // Returns true if the URL is sensitive and requests to this URL must not be | 43 // Returns true if the URL is sensitive and requests to this URL must not be |
| 44 // modified/canceled by extensions, e.g. because it is targeted to the webstore | 44 // modified/canceled by extensions, e.g. because it is targeted to the webstore |
| 45 // to check for updates, extension blacklisting, etc. | 45 // to check for updates, extension blacklisting, etc. |
| 46 bool IsSensitiveURL(const GURL& url) { | 46 bool IsSensitiveURL(const GURL& url) { |
| 47 // TODO(battre) Merge this, CanExtensionAccessURL and | 47 // TODO(battre) Merge this, CanExtensionAccessURL and |
| 48 // PermissionsData::CanAccessPage into one function. | 48 // PermissionsData::CanAccessPage into one function. |
| 49 bool sensitive_chrome_url = false; | 49 bool sensitive_chrome_url = false; |
| 50 const base::StringPiece& host = url.host_piece(); | 50 const base::StringPiece& host = url.host_piece(); |
| 51 const char kGoogleCom[] = "google.com"; | 51 const char kGoogleCom[] = "google.com"; |
| 52 const char kClient[] = "clients"; | 52 const char kClient[] = "clients"; |
| 53 if (url.DomainIs(kGoogleCom)) { | 53 if (url.DomainIs(base::LiteralStringPiece(kGoogleCom))) { |
| 54 // Check for "clients[0-9]*.google.com" hosts. | 54 // Check for "clients[0-9]*.google.com" hosts. |
| 55 // This protects requests to several internal services such as sync, | 55 // This protects requests to several internal services such as sync, |
| 56 // extension update pings, captive portal detection, fraudulent certificate | 56 // extension update pings, captive portal detection, fraudulent certificate |
| 57 // reporting, autofill and others. | 57 // reporting, autofill and others. |
| 58 if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) { | 58 if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) { |
| 59 bool match = true; | 59 bool match = true; |
| 60 for (base::StringPiece::const_iterator | 60 for (base::StringPiece::const_iterator |
| 61 i = host.begin() + strlen(kClient), | 61 i = host.begin() + strlen(kClient), |
| 62 end = host.end() - (strlen(kGoogleCom) + 1); | 62 end = host.end() - (strlen(kGoogleCom) + 1); |
| 63 i != end; ++i) { | 63 i != end; ++i) { |
| 64 if (!isdigit(*i)) { | 64 if (!isdigit(*i)) { |
| 65 match = false; | 65 match = false; |
| 66 break; | 66 break; |
| 67 } | 67 } |
| 68 } | 68 } |
| 69 sensitive_chrome_url = sensitive_chrome_url || match; | 69 sensitive_chrome_url = sensitive_chrome_url || match; |
| 70 } | 70 } |
| 71 // This protects requests to safe browsing, link doctor, and possibly | 71 // This protects requests to safe browsing, link doctor, and possibly |
| 72 // others. | 72 // others. |
| 73 sensitive_chrome_url = sensitive_chrome_url || | 73 sensitive_chrome_url = |
| 74 url.DomainIs("clients.google.com") || | 74 sensitive_chrome_url || |
| 75 url.DomainIs("sb-ssl.google.com") || | 75 url.DomainIs(base::LiteralStringPiece("clients.google.com")) || |
| 76 (url.DomainIs("chrome.google.com") && | 76 url.DomainIs(base::LiteralStringPiece("sb-ssl.google.com")) || |
| 77 base::StartsWith(url.path_piece(), "/webstore", | 77 (url.DomainIs(base::LiteralStringPiece("chrome.google.com")) && |
| 78 base::CompareCase::SENSITIVE)); | 78 base::StartsWith(url.path_piece(), "/webstore", |
| 79 base::CompareCase::SENSITIVE)); |
| 79 } | 80 } |
| 80 return sensitive_chrome_url || extension_urls::IsWebstoreUpdateUrl(url) || | 81 return sensitive_chrome_url || extension_urls::IsWebstoreUpdateUrl(url) || |
| 81 extension_urls::IsBlacklistUpdateUrl(url); | 82 extension_urls::IsBlacklistUpdateUrl(url); |
| 82 } | 83 } |
| 83 | 84 |
| 84 // static | 85 // static |
| 85 bool WebRequestPermissions::HideRequest( | 86 bool WebRequestPermissions::HideRequest( |
| 86 const extensions::InfoMap* extension_info_map, | 87 const extensions::InfoMap* extension_info_map, |
| 87 const net::URLRequest* request, | 88 const net::URLRequest* request, |
| 88 extensions::ExtensionNavigationUIData* navigation_ui_data) { | 89 extensions::ExtensionNavigationUIData* navigation_ui_data) { |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 167 break; | 168 break; |
| 168 case REQUIRE_ALL_URLS: | 169 case REQUIRE_ALL_URLS: |
| 169 if (extension->permissions_data()->HasEffectiveAccessToAllHosts()) | 170 if (extension->permissions_data()->HasEffectiveAccessToAllHosts()) |
| 170 access = PermissionsData::ACCESS_ALLOWED; | 171 access = PermissionsData::ACCESS_ALLOWED; |
| 171 // else ACCESS_DENIED | 172 // else ACCESS_DENIED |
| 172 break; | 173 break; |
| 173 } | 174 } |
| 174 | 175 |
| 175 return access; | 176 return access; |
| 176 } | 177 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2579473002:
[wip] Add LiteralStringPiece which templatizes based on character length (Closed)
