OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/policy/policy_helpers.h" | 5 #include "chrome/browser/policy/policy_helpers.h" |
6 | 6 |
7 #include "net/base/net_errors.h" | 7 #include "net/base/net_errors.h" |
8 #include "url/gurl.h" | 8 #include "url/gurl.h" |
9 | 9 |
10 #if defined(OS_CHROMEOS) | 10 #if defined(OS_CHROMEOS) |
11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
12 #include "chromeos/chromeos_switches.h" | 12 #include "chromeos/chromeos_switches.h" |
13 #endif | 13 #endif |
14 | 14 |
15 #if !defined(OS_CHROMEOS) && !defined(OS_IOS) | 15 #if !defined(OS_CHROMEOS) && !defined(OS_IOS) |
16 #include "components/signin/core/browser/signin_manager.h" | |
17 #include "google_apis/gaia/gaia_urls.h" | 16 #include "google_apis/gaia/gaia_urls.h" |
18 #endif | 17 #endif |
19 | 18 |
20 namespace policy { | 19 namespace policy { |
21 | 20 |
22 bool OverrideBlacklistForURL(const GURL& url, bool* block, int* reason) { | 21 bool OverrideBlacklistForURL(const GURL& url, bool* block, int* reason) { |
23 #if defined(OS_CHROMEOS) | 22 #if defined(OS_CHROMEOS) |
24 // On ChromeOS browsing is only allowed once OOBE has completed. Therefore all | 23 // On ChromeOS browsing is only allowed once OOBE has completed. Therefore all |
25 // requests are blocked until this condition is met. | 24 // requests are blocked until this condition is met. |
26 if (base::CommandLine::ForCurrentProcess()->HasSwitch( | 25 if (base::CommandLine::ForCurrentProcess()->HasSwitch( |
27 chromeos::switches::kOobeGuestSession)) { | 26 chromeos::switches::kOobeGuestSession)) { |
28 if (!url.SchemeIs("chrome") && !url.SchemeIs("chrome-extension")) { | 27 if (!url.SchemeIs("chrome") && !url.SchemeIs("chrome-extension")) { |
29 *reason = net::ERR_BLOCKED_ENROLLMENT_CHECK_PENDING; | 28 *reason = net::ERR_BLOCKED_ENROLLMENT_CHECK_PENDING; |
30 *block = true; | 29 *block = true; |
31 return true; | 30 return true; |
32 } | 31 } |
33 } | 32 } |
34 return false; | 33 return false; |
35 #elif defined(OS_IOS) | 34 #elif defined(OS_IOS) |
36 return false; | 35 return false; |
37 #else | 36 #else |
38 static const char kServiceLoginAuth[] = "/ServiceLoginAuth"; | 37 static const char kServiceLoginAuth[] = "/ServiceLoginAuth"; |
39 | 38 |
40 *block = false; | 39 *block = false; |
41 // Whitelist all the signin flow URLs flagged by the SigninManager. | |
42 if (SigninManager::IsWebBasedSigninFlowURL(url)) | |
43 return true; | |
44 | |
45 // Additionally whitelist /ServiceLoginAuth. | 40 // Additionally whitelist /ServiceLoginAuth. |
46 if (url.GetOrigin() != GaiaUrls::GetInstance()->gaia_url().GetOrigin()) | 41 if (url.GetOrigin() != GaiaUrls::GetInstance()->gaia_url().GetOrigin()) |
47 return false; | 42 return false; |
48 | 43 |
49 return url.path() == kServiceLoginAuth; | 44 return url.path() == kServiceLoginAuth; |
50 #endif | 45 #endif |
51 } | 46 } |
52 | 47 |
53 } // namespace policy | 48 } // namespace policy |
OLD | NEW |