OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/extension_service.h" | 5 #include "chrome/browser/extensions/extension_service.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <set> | 8 #include <set> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 238 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
249 // source. In this case, signal that this extension will not be | 249 // source. In this case, signal that this extension will not be |
250 // installed by returning false. | 250 // installed by returning false. |
251 if (!pending_extension_manager()->AddFromExternalUpdateUrl( | 251 if (!pending_extension_manager()->AddFromExternalUpdateUrl( |
252 id, update_url, location)) | 252 id, update_url, location)) |
253 return false; | 253 return false; |
254 | 254 |
255 update_once_all_providers_are_ready_ = true; | 255 update_once_all_providers_are_ready_ = true; |
256 return true; | 256 return true; |
257 } | 257 } |
258 | 258 |
259 // If a download url matches one of these patterns and has a referrer of the | |
260 // webstore, then we're willing to treat that as a gallery download. | |
261 static const char* kAllowedDownloadURLPatterns[] = { | |
262 "https://clients2.google.com/service/update2*", | |
263 "https://clients2.googleusercontent.com/crx/*" | |
264 }; | |
265 | |
266 bool ExtensionService::IsDownloadFromGallery(const GURL& download_url, | |
267 const GURL& referrer_url) { | |
268 const Extension* download_extension = | |
269 extensions_.GetHostedAppByURL(ExtensionURLInfo(download_url)); | |
270 const Extension* referrer_extension = | |
271 extensions_.GetHostedAppByURL(ExtensionURLInfo(referrer_url)); | |
272 const Extension* webstore_app = GetWebStoreApp(); | |
273 | |
274 bool referrer_valid = (referrer_extension == webstore_app); | |
275 bool download_valid = (download_extension == webstore_app); | |
276 | |
277 // We also allow the download to be from a small set of trusted paths. | |
278 if (!download_valid) { | |
279 for (size_t i = 0; i < arraysize(kAllowedDownloadURLPatterns); i++) { | |
280 URLPattern pattern(URLPattern::SCHEME_HTTPS, | |
281 kAllowedDownloadURLPatterns[i]); | |
282 if (pattern.MatchesURL(download_url)) { | |
283 download_valid = true; | |
284 break; | |
285 } | |
286 } | |
287 } | |
288 | |
289 // If the command-line gallery URL is set, then be a bit more lenient. | |
290 GURL store_url = | |
291 GURL(CommandLine::ForCurrentProcess()->GetSwitchValueASCII( | |
292 switches::kAppsGalleryURL)); | |
293 if (!store_url.is_empty()) { | |
294 std::string store_tld = | |
295 net::RegistryControlledDomainService::GetDomainAndRegistry(store_url); | |
296 if (!referrer_valid) { | |
297 std::string referrer_tld = | |
298 net::RegistryControlledDomainService::GetDomainAndRegistry( | |
299 referrer_url); | |
300 // The referrer gets stripped when transitioning from https to http, | |
301 // or when hitting an unknown test cert and that commonly happens in | |
302 // testing environments. Given this, we allow an empty referrer when | |
303 // the command-line flag is set. | |
304 // Otherwise, the TLD must match the TLD of the command-line url. | |
305 referrer_valid = referrer_url.is_empty() || (referrer_tld == store_tld); | |
306 } | |
307 | |
308 if (!download_valid) { | |
309 std::string download_tld = | |
310 net::RegistryControlledDomainService::GetDomainAndRegistry( | |
311 download_url); | |
312 | |
313 // Otherwise, the TLD must match the TLD of the command-line url. | |
314 download_valid = (download_tld == store_tld); | |
315 } | |
316 } | |
317 | |
318 return (referrer_valid && download_valid); | |
319 } | |
320 | |
321 const Extension* ExtensionService::GetInstalledApp(const GURL& url) { | 259 const Extension* ExtensionService::GetInstalledApp(const GURL& url) { |
322 const Extension* extension = extensions_.GetExtensionOrAppByURL( | 260 const Extension* extension = extensions_.GetExtensionOrAppByURL( |
323 ExtensionURLInfo(url)); | 261 ExtensionURLInfo(url)); |
324 if (extension && extension->is_app()) | 262 if (extension && extension->is_app()) |
325 return extension; | 263 return extension; |
326 | 264 |
327 return NULL; | 265 return NULL; |
328 } | 266 } |
329 | 267 |
330 bool ExtensionService::IsInstalledApp(const GURL& url) { | 268 bool ExtensionService::IsInstalledApp(const GURL& url) { |
(...skipping 1964 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2295 const Extension* ExtensionService::GetTerminatedExtension( | 2233 const Extension* ExtensionService::GetTerminatedExtension( |
2296 const std::string& id) const { | 2234 const std::string& id) const { |
2297 return GetExtensionByIdInternal(id, false, false, true); | 2235 return GetExtensionByIdInternal(id, false, false, true); |
2298 } | 2236 } |
2299 | 2237 |
2300 const Extension* ExtensionService::GetInstalledExtension( | 2238 const Extension* ExtensionService::GetInstalledExtension( |
2301 const std::string& id) const { | 2239 const std::string& id) const { |
2302 return GetExtensionByIdInternal(id, true, true, true); | 2240 return GetExtensionByIdInternal(id, true, true, true); |
2303 } | 2241 } |
2304 | 2242 |
2305 const Extension* ExtensionService::GetWebStoreApp() { | |
2306 return GetExtensionById(extension_misc::kWebStoreAppId, false); | |
2307 } | |
2308 | |
2309 bool ExtensionService::ExtensionBindingsAllowed(const GURL& url) { | 2243 bool ExtensionService::ExtensionBindingsAllowed(const GURL& url) { |
2310 // Allow bindings for all packaged extensions and component hosted apps. | 2244 // Allow bindings for all packaged extensions and component hosted apps. |
2311 const Extension* extension = extensions_.GetExtensionOrAppByURL( | 2245 const Extension* extension = extensions_.GetExtensionOrAppByURL( |
2312 ExtensionURLInfo(url)); | 2246 ExtensionURLInfo(url)); |
2313 return extension && (!extension->is_hosted_app() || | 2247 return extension && (!extension->is_hosted_app() || |
2314 extension->location() == Extension::COMPONENT); | 2248 extension->location() == Extension::COMPONENT); |
2315 } | 2249 } |
2316 | 2250 |
2317 const SkBitmap& ExtensionService::GetOmniboxIcon( | 2251 const SkBitmap& ExtensionService::GetOmniboxIcon( |
2318 const std::string& extension_id) { | 2252 const std::string& extension_id) { |
(...skipping 319 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2638 // To coexist with certain unit tests that don't have an IO thread message | 2572 // To coexist with certain unit tests that don't have an IO thread message |
2639 // loop available at ExtensionService shutdown, we lazy-initialize this | 2573 // loop available at ExtensionService shutdown, we lazy-initialize this |
2640 // object so that those cases neither create nor destroy an | 2574 // object so that those cases neither create nor destroy an |
2641 // APIResourceController. | 2575 // APIResourceController. |
2642 CHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 2576 CHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
2643 if (!api_resource_controller_) { | 2577 if (!api_resource_controller_) { |
2644 api_resource_controller_ = new extensions::APIResourceController(); | 2578 api_resource_controller_ = new extensions::APIResourceController(); |
2645 } | 2579 } |
2646 return api_resource_controller_; | 2580 return api_resource_controller_; |
2647 } | 2581 } |
OLD | NEW |