extensions/browser/url_request_util.cc - Issue 2831183003: Fix loading success.html at the end of chrome://chrome-signin flow

Side by Side Diff: extensions/browser/url_request_util.cc

Issue 2831183003: Fix loading success.html at the end of chrome://chrome-signin flow (Closed)

Patch Set: Fix comment Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « chrome/browser/resources/gaia_auth/manifest.json ('k') | extensions/common/api/_manifest_features.json » ('j') | extensions/common/api/_manifest_features.json » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "extensions/browser/url_request_util.h"	5 #include "extensions/browser/url_request_util.h"

6	6

7 #include <string>	7 #include <string>

8	8

9 #include "content/public/browser/resource_request_info.h"	9 #include "content/public/browser/resource_request_info.h"

10 #include "content/public/common/browser_side_navigation_policy.h"	10 #include "content/public/common/browser_side_navigation_policy.h"

(...skipping 137 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
148 bool AllowCrossRendererResourceLoadHelper(bool is_guest,	148 bool AllowCrossRendererResourceLoadHelper(bool is_guest,

149 const Extension* extension,	149 const Extension* extension,

150 const Extension* owner_extension,	150 const Extension* owner_extension,

151 const std::string& partition_id,	151 const std::string& partition_id,

152 const std::string& resource_path,	152 const std::string& resource_path,

153 ui::PageTransition page_transition,	153 ui::PageTransition page_transition,

154 bool* allowed) {	154 bool* allowed) {

155 if (is_guest) {	155 if (is_guest) {

156 // An extension's resources should only be accessible to WebViews owned by	156 // An extension's resources should only be accessible to WebViews owned by

157 // that extension.	157 // that extension.

158 if (owner_extension != extension) {	158 // The only exception is the sign-in extension loaded by

	159 // chrome://chrome-signin, which is allowed to load web-accessible resources

	160 // even if the webview that is loading the resource does not belog to the
	Charlie Reis 2017/04/25 16:52:54 nit: belong nit: belong msarda 2017/04/26 11:14:35 Done. Show quoted text On 2017/04/25 16:52:54, Charlie Reis wrote: > nit: belong Done.
	161 // extension.

	162 bool is_signin_extension =

	163 extension && extension->id() == "mfffpogegjflfpflabcdkioaeobkgjik";
	Charlie Reis 2017/04/25 16:52:54 Is there a constant we can use here rather than a Is there a constant we can use here rather than a magic string? Or is it in a layer we can't access? msarda 2017/04/26 11:14:35 The constant is defined in https://cs.chromium.org Show quoted text On 2017/04/25 16:52:54, Charlie Reis wrote: > Is there a constant we can use here rather than a magic string? Or is it in a > layer we can't access? The constant is defined in https://cs.chromium.org/chromium/src/chrome/browser/extensions/signin/gaia_au... , but that is not accessible in //extensions/. I think having the string here makes more sense than having a client/provider API as I do not think this should be something configurable by the user of extensions.
	164 if (owner_extension != extension && !is_signin_extension) {
	Charlie Reis 2017/04/25 16:52:54 Devlin: What do you think about whitelisting signi Devlin: What do you think about whitelisting signin vs removing the whole owner_extension check for now (which you suggested on the bug)? I wasn't in that review, so I'm not sure how important the check is. Devlin 2017/04/26 01:59:37 Lucas knows more about the history of this check t Show quoted text On 2017/04/25 16:52:54, Charlie Reis wrote: > Devlin: What do you think about whitelisting signin vs removing the whole > owner_extension check for now (which you suggested on the bug)? I wasn't in > that review, so I'm not sure how important the check is. Lucas knows more about the history of this check than I do. I was worried that this might be something other apps are legitimately doing, but it seems like maybe not? If that's the case, I'm fine with a whitelist approach. msarda 2017/04/26 11:14:34 Lucas: Please advise on whether to keep this code Show quoted text On 2017/04/26 01:59:37, Devlin wrote: > On 2017/04/25 16:52:54, Charlie Reis wrote: > > Devlin: What do you think about whitelisting signin vs removing the whole > > owner_extension check for now (which you suggested on the bug)? I wasn't in > > that review, so I'm not sure how important the check is. > > Lucas knows more about the history of this check than I do. I was worried that > this might be something other apps are legitimately doing, but it seems like > maybe not? If that's the case, I'm fine with a whitelist approach. Lucas: Please advise on whether to keep this code as is or remove the it. lfg 2017/04/26 16:24:18 We should use the whitelist approach instead of re Show quoted text On 2017/04/26 11:14:34, msarda wrote: > On 2017/04/26 01:59:37, Devlin wrote: > > On 2017/04/25 16:52:54, Charlie Reis wrote: > > > Devlin: What do you think about whitelisting signin vs removing the whole > > > owner_extension check for now (which you suggested on the bug)? I wasn't in > > > that review, so I'm not sure how important the check is. > > > > Lucas knows more about the history of this check than I do. I was worried > that > > this might be something other apps are legitimately doing, but it seems like > > maybe not? If that's the case, I'm fine with a whitelist approach. > > Lucas: Please advise on whether to keep this code as is or remove the it. We should use the whitelist approach instead of removing the check. Removing the owners check would mean that any app could load resources listed in the manifest from any other app. Charlie Reis 2017/04/26 20:10:25 Acknowledged. Show quoted text On 2017/04/26 16:24:18, lfg wrote: > On 2017/04/26 11:14:34, msarda wrote: > > On 2017/04/26 01:59:37, Devlin wrote: > > > On 2017/04/25 16:52:54, Charlie Reis wrote: > > > > Devlin: What do you think about whitelisting signin vs removing the whole > > > > owner_extension check for now (which you suggested on the bug)? I wasn't > in > > > > that review, so I'm not sure how important the check is. > > > > > > Lucas knows more about the history of this check than I do. I was worried > > that > > > this might be something other apps are legitimately doing, but it seems like > > > maybe not? If that's the case, I'm fine with a whitelist approach. > > > > Lucas: Please advise on whether to keep this code as is or remove the it. > > We should use the whitelist approach instead of removing the check. Removing the > owners check would mean that any app could load resources listed in the manifest > from any other app. Acknowledged.
159 *allowed = false;	165 *allowed = false;

160 return true;	166 return true;

161 }	167 }

162	168

163 *allowed = WebviewInfo::IsResourceWebviewAccessible(extension, partition_id,	169 *allowed = WebviewInfo::IsResourceWebviewAccessible(extension, partition_id,

164 resource_path);	170 resource_path);

165 return true;	171 return true;

166 }	172 }

167	173

168 return false;	174 return false;

169 }	175 }

170	176

171 } // namespace url_request_util	177 } // namespace url_request_util

172 } // namespace extensions	178 } // namespace extensions

OLD	NEW