OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/extension_service.h" | 5 #include "chrome/browser/extensions/extension_service.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <set> | 8 #include <set> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 239 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
250 // source. In this case, signal that this extension will not be | 250 // source. In this case, signal that this extension will not be |
251 // installed by returning false. | 251 // installed by returning false. |
252 if (!pending_extension_manager()->AddFromExternalUpdateUrl( | 252 if (!pending_extension_manager()->AddFromExternalUpdateUrl( |
253 id, update_url, location)) | 253 id, update_url, location)) |
254 return false; | 254 return false; |
255 | 255 |
256 update_once_all_providers_are_ready_ = true; | 256 update_once_all_providers_are_ready_ = true; |
257 return true; | 257 return true; |
258 } | 258 } |
259 | 259 |
| 260 // If a download url matches one of these patterns and has a referrer of the |
| 261 // webstore, then we're willing to treat that as a gallery download. |
| 262 static const char* kAllowedDownloadURLPatterns[] = { |
| 263 "https://clients2.google.com/service/update2*", |
| 264 "https://clients2.googleusercontent.com/crx/*" |
| 265 }; |
| 266 |
| 267 bool ExtensionService::IsDownloadFromGallery(const GURL& download_url, |
| 268 const GURL& referrer_url) { |
| 269 const Extension* download_extension = |
| 270 extensions_.GetHostedAppByURL(ExtensionURLInfo(download_url)); |
| 271 const Extension* referrer_extension = |
| 272 extensions_.GetHostedAppByURL(ExtensionURLInfo(referrer_url)); |
| 273 const Extension* webstore_app = GetWebStoreApp(); |
| 274 |
| 275 bool referrer_valid = (referrer_extension == webstore_app); |
| 276 bool download_valid = (download_extension == webstore_app); |
| 277 |
| 278 // We also allow the download to be from a small set of trusted paths. |
| 279 if (!download_valid) { |
| 280 for (size_t i = 0; i < arraysize(kAllowedDownloadURLPatterns); i++) { |
| 281 URLPattern pattern(URLPattern::SCHEME_HTTPS, |
| 282 kAllowedDownloadURLPatterns[i]); |
| 283 if (pattern.MatchesURL(download_url)) { |
| 284 download_valid = true; |
| 285 break; |
| 286 } |
| 287 } |
| 288 } |
| 289 |
| 290 // If the command-line gallery URL is set, then be a bit more lenient. |
| 291 GURL store_url = |
| 292 GURL(CommandLine::ForCurrentProcess()->GetSwitchValueASCII( |
| 293 switches::kAppsGalleryURL)); |
| 294 if (!store_url.is_empty()) { |
| 295 std::string store_tld = |
| 296 net::RegistryControlledDomainService::GetDomainAndRegistry(store_url); |
| 297 if (!referrer_valid) { |
| 298 std::string referrer_tld = |
| 299 net::RegistryControlledDomainService::GetDomainAndRegistry( |
| 300 referrer_url); |
| 301 // The referrer gets stripped when transitioning from https to http, |
| 302 // or when hitting an unknown test cert and that commonly happens in |
| 303 // testing environments. Given this, we allow an empty referrer when |
| 304 // the command-line flag is set. |
| 305 // Otherwise, the TLD must match the TLD of the command-line url. |
| 306 referrer_valid = referrer_url.is_empty() || (referrer_tld == store_tld); |
| 307 } |
| 308 |
| 309 if (!download_valid) { |
| 310 std::string download_tld = |
| 311 net::RegistryControlledDomainService::GetDomainAndRegistry( |
| 312 download_url); |
| 313 |
| 314 // Otherwise, the TLD must match the TLD of the command-line url. |
| 315 download_valid = (download_tld == store_tld); |
| 316 } |
| 317 } |
| 318 |
| 319 return (referrer_valid && download_valid); |
| 320 } |
| 321 |
260 const Extension* ExtensionService::GetInstalledApp(const GURL& url) { | 322 const Extension* ExtensionService::GetInstalledApp(const GURL& url) { |
261 const Extension* extension = extensions_.GetExtensionOrAppByURL( | 323 const Extension* extension = extensions_.GetExtensionOrAppByURL( |
262 ExtensionURLInfo(url)); | 324 ExtensionURLInfo(url)); |
263 if (extension && extension->is_app()) | 325 if (extension && extension->is_app()) |
264 return extension; | 326 return extension; |
265 | 327 |
266 return NULL; | 328 return NULL; |
267 } | 329 } |
268 | 330 |
269 bool ExtensionService::IsInstalledApp(const GURL& url) { | 331 bool ExtensionService::IsInstalledApp(const GURL& url) { |
(...skipping 1963 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2233 const Extension* ExtensionService::GetTerminatedExtension( | 2295 const Extension* ExtensionService::GetTerminatedExtension( |
2234 const std::string& id) const { | 2296 const std::string& id) const { |
2235 return GetExtensionByIdInternal(id, false, false, true); | 2297 return GetExtensionByIdInternal(id, false, false, true); |
2236 } | 2298 } |
2237 | 2299 |
2238 const Extension* ExtensionService::GetInstalledExtension( | 2300 const Extension* ExtensionService::GetInstalledExtension( |
2239 const std::string& id) const { | 2301 const std::string& id) const { |
2240 return GetExtensionByIdInternal(id, true, true, true); | 2302 return GetExtensionByIdInternal(id, true, true, true); |
2241 } | 2303 } |
2242 | 2304 |
| 2305 const Extension* ExtensionService::GetWebStoreApp() { |
| 2306 return GetExtensionById(extension_misc::kWebStoreAppId, false); |
| 2307 } |
| 2308 |
2243 bool ExtensionService::ExtensionBindingsAllowed(const GURL& url) { | 2309 bool ExtensionService::ExtensionBindingsAllowed(const GURL& url) { |
2244 // Allow bindings for all packaged extensions and component hosted apps. | 2310 // Allow bindings for all packaged extensions and component hosted apps. |
2245 const Extension* extension = extensions_.GetExtensionOrAppByURL( | 2311 const Extension* extension = extensions_.GetExtensionOrAppByURL( |
2246 ExtensionURLInfo(url)); | 2312 ExtensionURLInfo(url)); |
2247 return extension && (!extension->is_hosted_app() || | 2313 return extension && (!extension->is_hosted_app() || |
2248 extension->location() == Extension::COMPONENT); | 2314 extension->location() == Extension::COMPONENT); |
2249 } | 2315 } |
2250 | 2316 |
2251 const SkBitmap& ExtensionService::GetOmniboxIcon( | 2317 const SkBitmap& ExtensionService::GetOmniboxIcon( |
2252 const std::string& extension_id) { | 2318 const std::string& extension_id) { |
(...skipping 323 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2576 // To coexist with certain unit tests that don't have an IO thread message | 2642 // To coexist with certain unit tests that don't have an IO thread message |
2577 // loop available at ExtensionService shutdown, we lazy-initialize this | 2643 // loop available at ExtensionService shutdown, we lazy-initialize this |
2578 // object so that those cases neither create nor destroy an | 2644 // object so that those cases neither create nor destroy an |
2579 // APIResourceController. | 2645 // APIResourceController. |
2580 CHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 2646 CHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
2581 if (!api_resource_controller_) { | 2647 if (!api_resource_controller_) { |
2582 api_resource_controller_ = new extensions::APIResourceController(); | 2648 api_resource_controller_ = new extensions::APIResourceController(); |
2583 } | 2649 } |
2584 return api_resource_controller_; | 2650 return api_resource_controller_; |
2585 } | 2651 } |
OLD | NEW |