6 files changed, 33 insertions, 8 deletions

diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index b6b1123..c238b6f 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -4556,6 +4556,9 @@ Make sure you do not expose any sensitive information.
       <message name="IDS_EXTENSION_INSTALL_KIOSK_MODE_ONLY" desc="Error displayed during installation of an app with 'kiosk_only' attribute but user is not in ChromeOS kiosk mode.">
         App with 'kiosk_only' manifest attribute must be installed in ChromeOS kiosk mode.
       </message>
+      <message name="IDS_EXTENSION_INSTALL_DISALLOW_UNTRUSTED_EXTENSION" desc="Error displayed during installation of a side-loaded extension from an untrusted source.">
+        Cannot install untrusted extension with ID "<ph name="IMPORT_ID">$1<ex>aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa</ex></ph>."
+      </message>
       <message name="IDS_EXTENSION_OVERLAPPING_WEB_EXTENT" desc="Error message when a user tries to install an app with a web extent that overlaps another installed app.">
         Could not add application because it conflicts with "<ph name="APP_NAME">$1<ex>Google Mail</ex></ph>".
       </message>
diff --git a/chrome/browser/extensions/external_provider_impl.cc b/chrome/browser/extensions/external_provider_impl.cc
index 271d0a4..13914f4 100644
--- a/chrome/browser/extensions/external_provider_impl.cc
+++ b/chrome/browser/extensions/external_provider_impl.cc
@@ -66,6 +66,7 @@ const char ExternalProviderImpl::kIsFromWebstore[] = "is_from_webstore";
 const char ExternalProviderImpl::kKeepIfPresent[] = "keep_if_present";
 const char ExternalProviderImpl::kWasInstalledByOem[] = "was_installed_by_oem";
 const char ExternalProviderImpl::kSupportedLocales[] = "supported_locales";
+const char ExternalProviderImpl::kMayBeUntrusted[] = "may_be_untrusted";
 
 ExternalProviderImpl::ExternalProviderImpl(
     VisitorInterface* service,
@@ -204,12 +205,12 @@ void ExternalProviderImpl::SetPrefs(base::DictionaryValue* prefs) {
         is_bookmark_app) {
       creation_flags |= Extension::FROM_BOOKMARK;
     }
-    bool is_from_webstore;
+    bool is_from_webstore = false;
     if (extension->GetBoolean(kIsFromWebstore, &is_from_webstore) &&
         is_from_webstore) {
       creation_flags |= Extension::FROM_WEBSTORE;
     }
-    bool keep_if_present;
+    bool keep_if_present = false;
     if (extension->GetBoolean(kKeepIfPresent, &keep_if_present) &&
         keep_if_present && profile_) {
       ExtensionServiceInterface* extension_service =
@@ -223,11 +224,16 @@ void ExternalProviderImpl::SetPrefs(base::DictionaryValue* prefs) {
         continue;
       }
     }
-    bool was_installed_by_oem;
+    bool was_installed_by_oem = false;
     if (extension->GetBoolean(kWasInstalledByOem, &was_installed_by_oem) &&
         was_installed_by_oem) {
       creation_flags |= Extension::WAS_INSTALLED_BY_OEM;
     }
+    bool may_be_untrusted = false;
+    if (extension->GetBoolean(kMayBeUntrusted, &may_be_untrusted) &&
+        may_be_untrusted) {
+      creation_flags |= Extension::MAY_BE_UNTRUSTED;
+    }
 
     std::string install_parameter;
     extension->GetString(kInstallParam, &install_parameter);
diff --git a/chrome/browser/extensions/external_provider_impl.h b/chrome/browser/extensions/external_provider_impl.h
index 0a148a4..a0e960a 100644
--- a/chrome/browser/extensions/external_provider_impl.h
+++ b/chrome/browser/extensions/external_provider_impl.h
@@ -73,6 +73,7 @@ class ExternalProviderImpl : public ExternalProviderInterface {
   static const char kKeepIfPresent[];
   static const char kSupportedLocales[];
   static const char kWasInstalledByOem[];
+  static const char kMayBeUntrusted[];
 
   void set_auto_acknowledge(bool auto_acknowledge) {
     auto_acknowledge_ = auto_acknowledge;
diff --git a/chrome/browser/extensions/external_registry_loader_win.cc b/chrome/browser/extensions/external_registry_loader_win.cc
index c5f10a4..6de5441 100644
--- a/chrome/browser/extensions/external_registry_loader_win.cc
+++ b/chrome/browser/extensions/external_registry_loader_win.cc
@@ -10,6 +10,7 @@
 #include "base/files/scoped_file.h"
 #include "base/metrics/histogram.h"
 #include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/time/time.h"
 #include "base/values.h"
@@ -43,6 +44,11 @@ bool CanOpenFileForReading(const base::FilePath& path) {
   return file_handle.get() != NULL;
 }
 
+std::string MakePrefName(const std::string& extension_id,
+                         const std::string& pref_name) {
+  return base::StringPrintf("%s.%s", extension_id.c_str(), pref_name.c_str());
+}
+
 }  // namespace
 
 namespace extensions {
@@ -100,7 +106,7 @@ void ExternalRegistryLoader::LoadOnFileThread() {
     base::string16 extension_dist_id;
     if (key.ReadValue(kRegistryExtensionInstallParam, &extension_dist_id) ==
         ERROR_SUCCESS) {
-      prefs->SetString(id + "." + ExternalProviderImpl::kInstallParam,
+      prefs->SetString(MakePrefName(id, ExternalProviderImpl::kInstallParam),
                        base::UTF16ToASCII(extension_dist_id));
     }
 
@@ -110,7 +116,7 @@ void ExternalRegistryLoader::LoadOnFileThread() {
     if (key.ReadValue(kRegistryExtensionUpdateUrl, &extension_update_url)
         == ERROR_SUCCESS) {
       prefs->SetString(
-          id + "." + ExternalProviderImpl::kExternalUpdateUrl,
+          MakePrefName(id, ExternalProviderImpl::kExternalUpdateUrl),
           base::UTF16ToASCII(extension_update_url));
       continue;
     }
@@ -164,11 +170,14 @@ void ExternalRegistryLoader::LoadOnFileThread() {
     }
 
     prefs->SetString(
-        id + "." + ExternalProviderImpl::kExternalVersion,
+        MakePrefName(id, ExternalProviderImpl::kExternalVersion),
         base::UTF16ToASCII(extension_version));
     prefs->SetString(
-        id + "." + ExternalProviderImpl::kExternalCrx,
+        MakePrefName(id, ExternalProviderImpl::kExternalCrx),
         extension_path_str);
+    prefs->SetBoolean(
+        MakePrefName(id, ExternalProviderImpl::kMayBeUntrusted),
+        true);
   }
 
   prefs_.reset(prefs.release());
diff --git a/extensions/common/extension.cc b/extensions/common/extension.cc
index eb912e9..c9562af 100644
--- a/extensions/common/extension.cc
+++ b/extensions/common/extension.cc
@@ -67,7 +67,7 @@ bool ContainsReservedCharacters(const base::FilePath& path) {
 
 }  // namespace
 
-const int Extension::kInitFromValueFlagBits = 12;
+const int Extension::kInitFromValueFlagBits = 13;
 
 const char Extension::kMimeType[] = "application/x-chrome-extension";
 
diff --git a/extensions/common/extension.h b/extensions/common/extension.h
index 47f85f3..de0e2f5 100644
--- a/extensions/common/extension.h
+++ b/extensions/common/extension.h
@@ -166,6 +166,12 @@ class Extension : public base::RefCountedThreadSafe<Extension> {
     // custodian of a supervised user.
     WAS_INSTALLED_BY_CUSTODIAN = 1 << 11,
 
+    // |MAY_BE_UNTRUSTED| indicates that this extension came from a potentially
+    // unsafe source (e.g., sideloaded from a local CRX file via the Windows
+    // registry). Such extensions may be subjected to additional constraints
+    // before they are fully installed and enabled.
+    MAY_BE_UNTRUSTED = 1 << 12,
+
     // When adding new flags, make sure to update kInitFromValueFlagBits.
   };