OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/search/local_ntp_source.h" | 5 #include "chrome/browser/search/local_ntp_source.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
9 #include "base/feature_list.h" | 9 #include "base/feature_list.h" |
10 #include "base/json/json_string_value_serializer.h" | 10 #include "base/json/json_string_value_serializer.h" |
(...skipping 413 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
424 "' " | 424 "' " |
425 "'sha256-yAvSu2Dl9rlQTpQn8P1hcE5GUFQVGbuCMHypwtN6uDg=';"; | 425 "'sha256-yAvSu2Dl9rlQTpQn8P1hcE5GUFQVGbuCMHypwtN6uDg=';"; |
426 } | 426 } |
427 | 427 |
428 std::string LocalNtpSource::GetContentSecurityPolicyChildSrc() const { | 428 std::string LocalNtpSource::GetContentSecurityPolicyChildSrc() const { |
429 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | 429 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
430 | 430 |
431 if (one_google_bar_service_) { | 431 if (one_google_bar_service_) { |
432 // Allow embedding of the most visited iframe, as well as the account | 432 // Allow embedding of the most visited iframe, as well as the account |
433 // switcher and the notifications dropdown from the One Google Bar. | 433 // switcher and the notifications dropdown from the One Google Bar. |
434 // TODO(treib): Figure out a way to also allow staging instances. | 434 return base::StringPrintf("child-src %s https://*.google.com/;", |
435 return base::StringPrintf( | 435 chrome::kChromeSearchMostVisitedUrl); |
436 "child-src %s https://accounts.google.com/ https://docs.google.com " | |
437 "https://notifications.google.com;", | |
438 chrome::kChromeSearchMostVisitedUrl); | |
fhorschig
2017/05/03 10:41:59
As discussed offline, please point this out in the
| |
439 } | 436 } |
440 // Allow embedding of the most visited iframe. | 437 // Allow embedding of the most visited iframe. |
441 return base::StringPrintf("child-src %s;", | 438 return base::StringPrintf("child-src %s;", |
442 chrome::kChromeSearchMostVisitedUrl); | 439 chrome::kChromeSearchMostVisitedUrl); |
443 } | 440 } |
444 | 441 |
445 void LocalNtpSource::OnOneGoogleBarDataChanged() { | 442 void LocalNtpSource::OnOneGoogleBarDataChanged() { |
446 const base::Optional<OneGoogleBarData>& data = | 443 const base::Optional<OneGoogleBarData>& data = |
447 one_google_bar_service_->one_google_bar_data(); | 444 one_google_bar_service_->one_google_bar_data(); |
448 if (data.has_value()) | 445 if (data.has_value()) |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
490 base::Bind(&LocalNtpSource::SetDefaultSearchProviderIsGoogleOnIOThread, | 487 base::Bind(&LocalNtpSource::SetDefaultSearchProviderIsGoogleOnIOThread, |
491 weak_ptr_factory_.GetWeakPtr(), is_google)); | 488 weak_ptr_factory_.GetWeakPtr(), is_google)); |
492 } | 489 } |
493 | 490 |
494 void LocalNtpSource::SetDefaultSearchProviderIsGoogleOnIOThread( | 491 void LocalNtpSource::SetDefaultSearchProviderIsGoogleOnIOThread( |
495 bool is_google) { | 492 bool is_google) { |
496 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); | 493 DCHECK_CURRENTLY_ON(content::BrowserThread::IO); |
497 | 494 |
498 default_search_provider_is_google_io_thread_ = is_google; | 495 default_search_provider_is_google_io_thread_ = is_google; |
499 } | 496 } |
OLD | NEW |