diff options
Diffstat (limited to 'chrome/browser/extensions/crx_installer.cc')
| -rw-r--r-- | chrome/browser/extensions/crx_installer.cc | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/chrome/browser/extensions/crx_installer.cc b/chrome/browser/extensions/crx_installer.cc index 3609320..70f8146 100644 --- a/chrome/browser/extensions/crx_installer.cc +++ b/chrome/browser/extensions/crx_installer.cc @@ -43,7 +43,7 @@ CrxInstaller::CrxInstaller(const FilePath& install_directory, install_source_(Extension::INTERNAL), delete_source_(false), allow_privilege_increase_(false), - force_web_origin_to_download_url_(false), + limit_web_extent_to_download_host_(false), create_app_shortcut_(false), frontend_(frontend), client_(client) { @@ -84,10 +84,6 @@ void CrxInstaller::InstallCrx(const FilePath& source_file) { g_browser_process->resource_dispatcher_host(), this)); - if (force_web_origin_to_download_url_) { - unpacker->set_web_origin(original_url_.GetOrigin()); - } - ChromeThread::PostTask( ChromeThread::FILE, FROM_HERE, NewRunnableMethod( @@ -164,6 +160,22 @@ void CrxInstaller::OnUnpackSuccess(const FilePath& temp_dir, return; } + // Require that apps are served from the domain they claim in their extent, + // or some ancestor domain. + if (extension_->is_app() && limit_web_extent_to_download_host_) { + URLPattern pattern; + pattern.set_host(original_url_.host()); + pattern.set_match_subdomains(true); + + for (size_t i = 0; i < extension_->web_extent().patterns().size(); ++i) { + if (!pattern.MatchesHost(extension_->web_extent().patterns()[i].host())) { + ReportFailureFromFileThread(StringPrintf( + "Apps must be served from the host that they affect.")); + return; + } + } + } + if (client_ || extension_->GetFullLaunchURL().is_valid()) { Extension::DecodeIcon(extension_.get(), Extension::EXTENSION_ICON_LARGE, &install_icon_); @@ -185,13 +197,11 @@ void CrxInstaller::ConfirmInstall() { GURL overlapping_url; Extension* overlapping_extension = - frontend_->GetExtensionByOverlappingWebExtent( - extension_->web_extent(), &overlapping_url); + frontend_->GetExtensionByOverlappingWebExtent(extension_->web_extent()); if (overlapping_extension) { ReportFailureFromUIThread(l10n_util::GetStringFUTF8( IDS_EXTENSION_OVERLAPPING_WEB_EXTENT, - UTF8ToUTF16(overlapping_extension->name()), - UTF8ToUTF16(overlapping_url.spec()))); + UTF8ToUTF16(overlapping_extension->name()))); return; } |