summaryrefslogtreecommitdiffstats
path: root/extensions/browser/updater
diff options
context:
space:
mode:
authorlgarron <lgarron@chromium.org>2015-05-11 19:03:15 -0700
committerCommit bot <commit-bot@chromium.org>2015-05-12 02:03:55 +0000
commit92725553228681b9b7a8fd9a9e9f324d32c12018 (patch)
tree264c4feedbd92773e3a68599425c836ea50b6cc3 /extensions/browser/updater
parent6a9b5b10ff3515adb47718fc23ebe039a9e3b9ff (diff)
downloadchromium_src-92725553228681b9b7a8fd9a9e9f324d32c12018.zip
chromium_src-92725553228681b9b7a8fd9a9e9f324d32c12018.tar.gz
chromium_src-92725553228681b9b7a8fd9a9e9f324d32c12018.tar.bz2
Switch remaining functions from SchemeIsSecure() to
SchemeIsCryptographic(). We recently introduced SchemeIsCryptographic() and IsOriginSecure(), which are meant to replace SchemeIsSecure(). IsOriginSecure() roughly means "do we trust this content not to be tampered with before it reaches the user?" [1] This is a higher-level definition that corresponds to the new "privileged contexts" spec. [2] SchemeIsCryptographic() [3] is close to the old definition of SchemeIsSecure(), and literally just checks if the scheme is a cryptographic scheme (HTTPS or WSS as of right now). The difference is that SchemeIsCryptographic() will not consider filesystem URLs secure. IsOriginSecure() should be correct for most Fizz code. [1] https://code.google.com/p/chromium/codesearch#chromium/src/content/public/common/origin_util.h&sq=package:chromium&type=cs&l=19&rcl=143099866 [2] https://www.chromium.org/Home/chromium-security/prefer-secure-origins-for-powerful-new-features and https://w3c.github.io/webappsec/specs/powerfulfeatures/ [3] https://code.google.com/p/chromium/codesearch#chromium/src/url/gurl.h&sq=package:chromium&type=cs&l=250&rcl=1430998666 BUG=362214 Review URL: https://codereview.chromium.org/1136643004 Cr-Commit-Position: refs/heads/master@{#329310}
Diffstat (limited to 'extensions/browser/updater')
-rw-r--r--extensions/browser/updater/extension_downloader.cc8
1 files changed, 4 insertions, 4 deletions
diff --git a/extensions/browser/updater/extension_downloader.cc b/extensions/browser/updater/extension_downloader.cc
index 87958ae..1c3a9a9 100644
--- a/extensions/browser/updater/extension_downloader.cc
+++ b/extensions/browser/updater/extension_downloader.cc
@@ -279,7 +279,7 @@ void ExtensionDownloader::StartBlacklistUpdate(
// by a public key signature like .crx files are.
scoped_ptr<ManifestFetchData> blacklist_fetch(CreateManifestFetchData(
extension_urls::GetWebstoreUpdateUrl(), request_id));
- DCHECK(blacklist_fetch->base_url().SchemeIsSecure());
+ DCHECK(blacklist_fetch->base_url().SchemeIsCryptographic());
blacklist_fetch->AddExtension(kBlacklistAppID,
version,
&ping_data,
@@ -313,7 +313,7 @@ bool ExtensionDownloader::AddExtensionData(
// Make sure we use SSL for store-hosted extensions.
if (extension_urls::IsWebstoreUpdateUrl(update_url) &&
- !update_url.SchemeIsSecure())
+ !update_url.SchemeIsCryptographic())
update_url = extension_urls::GetWebstoreUpdateUrl();
// Skip extensions with empty IDs.
@@ -589,7 +589,7 @@ void ExtensionDownloader::HandleManifestResults(
DCHECK(extension_urls::IsBlacklistUpdateUrl(crx_url)) << crx_url;
// Force https (crbug.com/129587).
- if (!crx_url.SchemeIsSecure()) {
+ if (!crx_url.SchemeIsCryptographic()) {
url::Replacements<char> replacements;
std::string scheme("https");
replacements.SetScheme(scheme.c_str(),
@@ -766,7 +766,7 @@ void ExtensionDownloader::CreateExtensionFetcher() {
extension_fetcher_->SetAutomaticallyRetryOnNetworkChanges(3);
int load_flags = net::LOAD_DISABLE_CACHE;
- bool is_secure = fetch->url.SchemeIsSecure();
+ bool is_secure = fetch->url.SchemeIsCryptographic();
if (fetch->credentials != ExtensionFetch::CREDENTIALS_COOKIES || !is_secure) {
load_flags |= net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES;
}