| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.
h" | 5 #include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.
h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 339 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 350 #if defined(ENABLE_ONE_CLICK_SIGNIN) | 350 #if defined(ENABLE_ONE_CLICK_SIGNIN) |
| 351 // See if the response contains the Google-Accounts-SignIn header. If so, | 351 // See if the response contains the Google-Accounts-SignIn header. If so, |
| 352 // then the user has just finished signing in, and the server is allowing the | 352 // then the user has just finished signing in, and the server is allowing the |
| 353 // browser to suggest connecting the user's profile to the account. | 353 // browser to suggest connecting the user's profile to the account. |
| 354 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), | 354 OneClickSigninHelper::ShowInfoBarIfPossible(request, info->GetChildID(), |
| 355 info->GetRouteID()); | 355 info->GetRouteID()); |
| 356 #endif | 356 #endif |
| 357 | 357 |
| 358 // Build in additional protection for the chrome web store origin. | 358 // Build in additional protection for the chrome web store origin. |
| 359 GURL webstore_url(extension_urls::GetWebstoreLaunchURL()); | 359 GURL webstore_url(extension_urls::GetWebstoreLaunchURL()); |
| 360 if (request->url().DomainIs(webstore_url.host().c_str()) && | 360 if (request->url().DomainIs(webstore_url.host().c_str())) { |
| 361 StartsWithASCII(request->url().path(), webstore_url.path(), false)) { | |
| 362 net::HttpResponseHeaders* response_headers = request->response_headers(); | 361 net::HttpResponseHeaders* response_headers = request->response_headers(); |
| 363 if (!response_headers->HasHeaderValue("x-frame-options", "deny") && | 362 if (!response_headers->HasHeaderValue("x-frame-options", "deny") && |
| 364 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) { | 363 !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) { |
| 365 response_headers->RemoveHeader("x-frame-options"); | 364 response_headers->RemoveHeader("x-frame-options"); |
| 366 response_headers->AddHeader("x-frame-options: sameorigin"); | 365 response_headers->AddHeader("x-frame-options: sameorigin"); |
| 367 } | 366 } |
| 368 } | 367 } |
| 369 | 368 |
| 370 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context); | 369 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context); |
| 371 if (io_data->resource_prefetch_predictor_observer()) | 370 if (io_data->resource_prefetch_predictor_observer()) |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 458 if (base::Base64Encode(serialized, &hashed)) { | 457 if (base::Base64Encode(serialized, &hashed)) { |
| 459 // If successful, swap the header value with the new one. | 458 // If successful, swap the header value with the new one. |
| 460 // Note that the list of IDs and the header could be temporarily out of sync | 459 // Note that the list of IDs and the header could be temporarily out of sync |
| 461 // if IDs are added as the header is recreated. The receiving servers are OK | 460 // if IDs are added as the header is recreated. The receiving servers are OK |
| 462 // with such descrepancies. | 461 // with such descrepancies. |
| 463 variation_ids_header_ = hashed; | 462 variation_ids_header_ = hashed; |
| 464 } else { | 463 } else { |
| 465 DVLOG(1) << "Failed to base64 encode Variation IDs value: " << serialized; | 464 DVLOG(1) << "Failed to base64 encode Variation IDs value: " << serialized; |
| 466 } | 465 } |
| 467 } | 466 } |
| OLD | NEW |