| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" | 5 #include "chrome/browser/ui/webui/signin/inline_login_handler_impl.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/strings/string_number_conversions.h" | 10 #include "base/strings/string_number_conversions.h" |
| (...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 247 // Returns early if this is not a gaia iframe navigation. | 247 // Returns early if this is not a gaia iframe navigation. |
| 248 const GURL kGaiaExtOrigin( | 248 const GURL kGaiaExtOrigin( |
| 249 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); | 249 "chrome-extension://mfffpogegjflfpflabcdkioaeobkgjik/"); |
| 250 content::RenderFrameHost* gaia_iframe = InlineLoginUI::GetAuthIframe( | 250 content::RenderFrameHost* gaia_iframe = InlineLoginUI::GetAuthIframe( |
| 251 web_contents(), kGaiaExtOrigin, "signin-frame"); | 251 web_contents(), kGaiaExtOrigin, "signin-frame"); |
| 252 if (render_frame_host != gaia_iframe) | 252 if (render_frame_host != gaia_iframe) |
| 253 return; | 253 return; |
| 254 | 254 |
| 255 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process | 255 // Loading any untrusted (e.g., HTTP) URLs in the privileged sign-in process |
| 256 // will require confirmation before the sign in takes effect. | 256 // will require confirmation before the sign in takes effect. |
| 257 if (!url.is_empty() && | 257 if (!url.is_empty()) { |
| 258 url.spec() != url::kAboutBlankURL && | 258 GURL origin(url.GetOrigin()); |
| 259 !gaia::IsGaiaSignonRealm(url.GetOrigin()) && | 259 if (url.spec() != url::kAboutBlankURL && |
| 260 !signin::IsContinueUrlForWebBasedSigninFlow(url)) { | 260 origin != kGaiaExtOrigin && |
| 261 confirm_untrusted_signin_ = true; | 261 !gaia::IsGaiaSignonRealm(origin)) { |
| 262 confirm_untrusted_signin_ = true; |
| 263 } |
| 262 } | 264 } |
| 263 } | 265 } |
| 264 | 266 |
| 265 void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) { | 267 void InlineLoginHandlerImpl::SetExtraInitParams(base::DictionaryValue& params) { |
| 266 params.SetString("service", "chromiumsync"); | 268 params.SetString("service", "chromiumsync"); |
| 267 | 269 |
| 268 content::WebContents* contents = web_ui()->GetWebContents(); | 270 content::WebContents* contents = web_ui()->GetWebContents(); |
| 269 const GURL& current_url = contents->GetURL(); | 271 const GURL& current_url = contents->GetURL(); |
| 270 std::string is_constrained; | 272 std::string is_constrained; |
| 271 net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained); | 273 net::GetValueForKeyInQuery(current_url, "constrained", &is_constrained); |
| (...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 449 } | 451 } |
| 450 } | 452 } |
| 451 | 453 |
| 452 if (show_account_management) { | 454 if (show_account_management) { |
| 453 browser->window()->ShowAvatarBubbleFromAvatarButton( | 455 browser->window()->ShowAvatarBubbleFromAvatarButton( |
| 454 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, | 456 BrowserWindow::AVATAR_BUBBLE_MODE_ACCOUNT_MANAGEMENT, |
| 455 signin::ManageAccountsParams()); | 457 signin::ManageAccountsParams()); |
| 456 } | 458 } |
| 457 } | 459 } |
| 458 } | 460 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 418043002:
Add test for showing confirmation dialog for unsecure signin (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src