| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/webstore_inline_installer.h" | 5 #include "chrome/browser/extensions/webstore_inline_installer.h" |
| 6 | 6 |
| 7 #include "base/strings/stringprintf.h" | 7 #include "base/strings/stringprintf.h" |
| 8 #include "chrome/browser/profiles/profile.h" | 8 #include "chrome/browser/profiles/profile.h" |
| 9 #include "content/public/browser/web_contents.h" | 9 #include "content/public/browser/web_contents.h" |
| 10 | 10 |
| (...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 135 &inline_install_not_supported)) { | 135 &inline_install_not_supported)) { |
| 136 *error = kInvalidWebstoreResponseError; | 136 *error = kInvalidWebstoreResponseError; |
| 137 return false; | 137 return false; |
| 138 } | 138 } |
| 139 if (inline_install_not_supported) { | 139 if (inline_install_not_supported) { |
| 140 std::string redirect_url; | 140 std::string redirect_url; |
| 141 if (!webstore_data.GetString(kRedirectUrlKey, &redirect_url)) { | 141 if (!webstore_data.GetString(kRedirectUrlKey, &redirect_url)) { |
| 142 *error = kInvalidWebstoreResponseError; | 142 *error = kInvalidWebstoreResponseError; |
| 143 return false; | 143 return false; |
| 144 } | 144 } |
| 145 web_contents()->OpenURL( | 145 web_contents()->OpenURL(content::OpenURLParams( |
| 146 content::OpenURLParams( | 146 GURL(redirect_url), |
| 147 content::Referrer::SanitizeForRequest( |
| 147 GURL(redirect_url), | 148 GURL(redirect_url), |
| 148 content::Referrer(web_contents()->GetURL(), | 149 content::Referrer(web_contents()->GetURL(), |
| 149 blink::WebReferrerPolicyDefault), | 150 blink::WebReferrerPolicyDefault)), |
| 150 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_AUTO_BOOKMARK, false)); | 151 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_AUTO_BOOKMARK, false)); |
| 151 *error = kInlineInstallSupportedError; | 152 *error = kInlineInstallSupportedError; |
| 152 return false; | 153 return false; |
| 153 } | 154 } |
| 154 | 155 |
| 155 *error = ""; | 156 *error = ""; |
| 156 return true; | 157 return true; |
| 157 } | 158 } |
| 158 | 159 |
| 159 bool WebstoreInlineInstaller::CheckRequestorPermitted( | 160 bool WebstoreInlineInstaller::CheckRequestorPermitted( |
| 160 const base::DictionaryValue& webstore_data, | 161 const base::DictionaryValue& webstore_data, |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 214 DLOG(WARNING) << "Could not parse " << verified_site_pattern_spec << | 215 DLOG(WARNING) << "Could not parse " << verified_site_pattern_spec << |
| 215 " as URL pattern " << parse_result; | 216 " as URL pattern " << parse_result; |
| 216 return false; | 217 return false; |
| 217 } | 218 } |
| 218 verified_site_pattern.SetScheme("*"); | 219 verified_site_pattern.SetScheme("*"); |
| 219 | 220 |
| 220 return verified_site_pattern.MatchesURL(requestor_url); | 221 return verified_site_pattern.MatchesURL(requestor_url); |
| 221 } | 222 } |
| 222 | 223 |
| 223 } // namespace extensions | 224 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 898613004:
Sanitize referrers before we create them (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master