| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" | 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 210 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 221 // Returns early if this is not a gaia iframe navigation. | 221 // Returns early if this is not a gaia iframe navigation. |
| 222 const GURL kGaiaExtOrigin( | 222 const GURL kGaiaExtOrigin( |
| 223 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); | 223 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); |
| 224 content::RenderFrameHost* gaia_iframe = InlineLoginUI::GetAuthIframe( | 224 content::RenderFrameHost* gaia_iframe = InlineLoginUI::GetAuthIframe( |
| 225 web_contents(), kGaiaExtOrigin, "signin-frame"); | 225 web_contents(), kGaiaExtOrigin, "signin-frame"); |
| 226 if (render_frame_host != gaia_iframe) | 226 if (render_frame_host != gaia_iframe) |
| 227 return; | 227 return; |
| 228 | 228 |
| 229 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process | 229 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process |
| 230 // will require confirmation before the sign in takes effect. | 230 // will require confirmation before the sign in takes effect. |
| 231 if (!url.is_empty() && | 231 if (!url.is_empty()) { |
| 232 url.spec() != url::kAboutBlankURL && | 232 GURL origin(url.GetOrigin()); |
| 233 !gaia::IsGaiaSignonRealm(url.GetOrigin()) && | 233 if (url.spec() != url::kAboutBlankURL && |
| 234 !signin::IsContinueUrlForWebBasedSigninFlow(url)) { | 234 origin != kGaiaExtOrigin && |
| 235 confirm_untrusted_signin_ = true; | 235 !gaia::IsGaiaSignonRealm(origin)) { |
| 236 confirm_untrusted_signin_ = true; |
| 237 } |
| 236 } | 238 } |
| 237 } | 239 } |
| 238 | 240 |
| 239 void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) { | 241 void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) { |
| 240 params.SetString("service", "chromiumsync"); | 242 params.SetString("service", "chromiumsync"); |
| 241 | 243 |
| 242 content::WebContents* contents = web_ui()->GetWebContents(); | 244 content::WebContents* contents = web_ui()->GetWebContents(); |
| 243 const GURL& current_url = contents->GetURL(); | 245 const GURL& current_url = contents->GetURL(); |
| 244 std::string is_constrained; | 246 std::string is_constrained; |
| 245 net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained); | 247 net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained); |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 424 } | 426 } |
| 425 } | 427 } |
| 426 | 428 |
| 427 if (show_account_management) { | 429 if (show_account_management) { |
| 428 browser->window()->ShowAvatarBubbleFromAvatarButton( | 430 browser->window()->ShowAvatarBubbleFromAvatarButton( |
| 429 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, | 431 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, |
| 430 signin::ManageAccountsParams()); | 432 signin::ManageAccountsParams()); |
| 431 } | 433 } |
| 432 } | 434 } |
| 433 } | 435 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 418043002:
Add test for showing confirmation dialog for unsecure signin (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src