Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2683)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/identity/web_auth_flow.cc

Issue 2901283002: Avoid treating the load of about:blank as a failure in the web auth flow. (Closed)
Patch Set: Better comment Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/identity/web_auth_flow.cc
diff --git a/chrome/browser/extensions/api/identity/web_auth_flow.cc b/chrome/browser/extensions/api/identity/web_auth_flow.cc
index c6c84168512b9e6464435389028b7075638c6c1a..f7435a570d2a80e7b89ea1ed51da47ac93661406 100644
--- a/chrome/browser/extensions/api/identity/web_auth_flow.cc
+++ b/chrome/browser/extensions/api/identity/web_auth_flow.cc
@@ -36,6 +36,7 @@
#include "extensions/browser/extension_system.h"
#include "net/http/http_response_headers.h"
#include "url/gurl.h"
+#include "url/url_constants.h"
using content::RenderViewHost;
using content::ResourceRedirectDetails;
@@ -207,10 +208,26 @@ void WebAuthFlow::DidFinishNavigation(
bool failed = false;
if (navigation_handle->GetNetErrorCode() != net::OK) {
- failed = true;
- TRACE_EVENT_ASYNC_STEP_PAST1("identity", "WebAuthFlow", this,
- "DidFinishNavigationFailure", "error_code",
- navigation_handle->GetNetErrorCode());
+ if (navigation_handle->GetURL().spec() == url::kAboutBlankURL) {
+ // As part of the OAUth 2.0 protocol with GAIA, at the end of the web
+ // authorization flow, GAIA redirects to a custom scheme URL of type
+ // |com.googleusercontent.apps.123:/<extension_id>|, where
+ // |com.googleusercontent.apps.123| is the reverse DNS notation of the
+ // client ID of the extension that started thwe web sign-in flow.
+ //
+ // This URL is not an accessible URL from within a Guest WebView, so
Michael Courage 2017/05/30 22:55:39 the intent of this weird URL scheme was to make su
msarda 2017/05/31 12:26:14 That makes sense. I've updated the comment to make
+ // during its load of this URL, Chrome changes it to |about:blank| and
+ // then the Identity Scope Approval Dialog extension fails to load it.
+ // Failing to load |about:blank| must not be treated as a failure of
+ // the web auth flow.
+ DCHECK_EQ(net::ERR_UNKNOWN_URL_SCHEME,
+ navigation_handle->GetNetErrorCode());
+ } else {
+ failed = true;
+ TRACE_EVENT_ASYNC_STEP_PAST1("identity", "WebAuthFlow", this,
+ "DidFinishNavigationFailure", "error_code",
+ navigation_handle->GetNetErrorCode());
+ }
} else if (navigation_handle->IsInMainFrame() &&
navigation_handle->GetResponseHeaders() &&
navigation_handle->GetResponseHeaders()->response_code() >= 400) {
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698