Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(37)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/extensions/webstore_inline_installer.cc

Issue 908063002: Prevent inline CRX installs in popup windows. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Open the popup from the test file rather than using browser navigation Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/extensions/webstore_inline_installer_browsertest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/webstore_inline_installer.h" 5 #include "chrome/browser/extensions/webstore_inline_installer.h"
6 6
7 #include "base/strings/stringprintf.h" 7 #include "base/strings/stringprintf.h"
8 #include "chrome/browser/profiles/profile.h" 8 #include "chrome/browser/profiles/profile.h"
9 #include "chrome/browser/ui/browser_finder.h"
9 #include "content/public/browser/web_contents.h" 10 #include "content/public/browser/web_contents.h"
10 11
11 using content::WebContents; 12 using content::WebContents;
12 13
13 namespace extensions { 14 namespace extensions {
14 15
15 const char kInvalidWebstoreResponseError[] = "Invalid Chrome Web Store reponse"; 16 const char kInvalidWebstoreResponseError[] =
17 "Invalid Chrome Web Store response.";
16 const char kNoVerifiedSitesError[] = 18 const char kNoVerifiedSitesError[] =
17 "Inline installs can only be initiated for Chrome Web Store items that " 19 "Inline installs can only be initiated for Chrome Web Store items that "
18 "have one or more verified sites"; 20 "have one or more verified sites.";
19 const char kNotFromVerifiedSitesError[] = 21 const char kNotFromVerifiedSitesError[] =
20 "Installs can only be initiated by one of the Chrome Web Store item's " 22 "Installs can only be initiated by one of the Chrome Web Store item's "
21 "verified sites"; 23 "verified sites.";
22 const char kInlineInstallSupportedError[] = 24 const char kInlineInstallSupportedError[] =
23 "Inline installation is not supported for this item. The user will be " 25 "Inline installation is not supported for this item. The user will be "
24 "redirected to the Chrome Web Store."; 26 "redirected to the Chrome Web Store.";
27 const char kInitiatedFromPopupError[] =
28 "Inline installs can not be initiated from pop-up windows.";
25 29
26 WebstoreInlineInstaller::WebstoreInlineInstaller( 30 WebstoreInlineInstaller::WebstoreInlineInstaller(
27 content::WebContents* web_contents, 31 content::WebContents* web_contents,
28 const std::string& webstore_item_id, 32 const std::string& webstore_item_id,
29 const GURL& requestor_url, 33 const GURL& requestor_url,
30 const Callback& callback) 34 const Callback& callback)
31 : WebstoreStandaloneInstaller( 35 : WebstoreStandaloneInstaller(
32 webstore_item_id, 36 webstore_item_id,
33 Profile::FromBrowserContext(web_contents->GetBrowserContext()), 37 Profile::FromBrowserContext(web_contents->GetBrowserContext()),
34 callback), 38 callback),
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after
119 return true; 123 return true;
120 } 124 }
121 125
122 WebContents* WebstoreInlineInstaller::GetWebContents() const { 126 WebContents* WebstoreInlineInstaller::GetWebContents() const {
123 return web_contents(); 127 return web_contents();
124 } 128 }
125 129
126 bool WebstoreInlineInstaller::CheckInlineInstallPermitted( 130 bool WebstoreInlineInstaller::CheckInlineInstallPermitted(
127 const base::DictionaryValue& webstore_data, 131 const base::DictionaryValue& webstore_data,
128 std::string* error) const { 132 std::string* error) const {
133 Browser* browser = chrome::FindBrowserWithWebContents(web_contents());
134 DCHECK(browser);
135 if (browser->is_type_popup()) {
136 *error = kInitiatedFromPopupError;
137 return false;
138 }
129 // The store may not support inline installs for this item, in which case 139 // The store may not support inline installs for this item, in which case
130 // we open the store-provided redirect URL in a new tab and abort the 140 // we open the store-provided redirect URL in a new tab and abort the
131 // installation process. 141 // installation process.
132 bool inline_install_not_supported = false; 142 bool inline_install_not_supported = false;
133 if (webstore_data.HasKey(kInlineInstallNotSupportedKey) 143 if (webstore_data.HasKey(kInlineInstallNotSupportedKey)
134 && !webstore_data.GetBoolean(kInlineInstallNotSupportedKey, 144 && !webstore_data.GetBoolean(kInlineInstallNotSupportedKey,
135 &inline_install_not_supported)) { 145 &inline_install_not_supported)) {
136 *error = kInvalidWebstoreResponseError; 146 *error = kInvalidWebstoreResponseError;
137 return false; 147 return false;
138 } 148 }
139 if (inline_install_not_supported) { 149 if (inline_install_not_supported) {
140 std::string redirect_url; 150 std::string redirect_url;
141 if (!webstore_data.GetString(kRedirectUrlKey, &redirect_url)) { 151 if (!webstore_data.GetString(kRedirectUrlKey, &redirect_url)) {
142 *error = kInvalidWebstoreResponseError; 152 *error = kInvalidWebstoreResponseError;
143 return false; 153 return false;
144 } 154 }
145 web_contents()->OpenURL(content::OpenURLParams( 155 web_contents()->OpenURL(content::OpenURLParams(
146 GURL(redirect_url), 156 GURL(redirect_url),
147 content::Referrer::SanitizeForRequest( 157 content::Referrer::SanitizeForRequest(
148 GURL(redirect_url), 158 GURL(redirect_url),
149 content::Referrer(web_contents()->GetURL(), 159 content::Referrer(web_contents()->GetURL(),
150 blink::WebReferrerPolicyDefault)), 160 blink::WebReferrerPolicyDefault)),
151 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_AUTO_BOOKMARK, false)); 161 NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_AUTO_BOOKMARK, false));
152 *error = kInlineInstallSupportedError; 162 *error = kInlineInstallSupportedError;
153 return false; 163 return false;
154 } 164 }
155
156 *error = ""; 165 *error = "";
157 return true; 166 return true;
158 } 167 }
159 168
160 bool WebstoreInlineInstaller::CheckRequestorPermitted( 169 bool WebstoreInlineInstaller::CheckRequestorPermitted(
161 const base::DictionaryValue& webstore_data, 170 const base::DictionaryValue& webstore_data,
162 std::string* error) const { 171 std::string* error) const {
163 return IsRequestorPermitted(webstore_data, requestor_url_, error); 172 return IsRequestorPermitted(webstore_data, requestor_url_, error);
164 } 173 }
165 174
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
215 DLOG(WARNING) << "Could not parse " << verified_site_pattern_spec << 224 DLOG(WARNING) << "Could not parse " << verified_site_pattern_spec <<
216 " as URL pattern " << parse_result; 225 " as URL pattern " << parse_result;
217 return false; 226 return false;
218 } 227 }
219 verified_site_pattern.SetScheme("*"); 228 verified_site_pattern.SetScheme("*");
220 229
221 return verified_site_pattern.MatchesURL(requestor_url); 230 return verified_site_pattern.MatchesURL(requestor_url);
222 } 231 }
223 232
224 } // namespace extensions 233 } // namespace extensions
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/extensions/webstore_inline_installer_browsertest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698