1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/extensions/webstore_inline_installer.h"
#include "base/strings/stringprintf.h"
#include "chrome/browser/profiles/profile.h"
#include "content/public/browser/web_contents.h"
using content::WebContents;
namespace extensions {
const char kInvalidWebstoreResponseError[] = "Invalid Chrome Web Store reponse";
const char kNoVerifiedSitesError[] =
"Inline installs can only be initiated for Chrome Web Store items that "
"have one or more verified sites";
const char kNotFromVerifiedSitesError[] =
"Installs can only be initiated by one of the Chrome Web Store item's "
"verified sites";
const char kInlineInstallSupportedError[] =
"Inline installation is not supported for this item. The user will be "
"redirected to the Chrome Web Store.";
WebstoreInlineInstaller::WebstoreInlineInstaller(
content::WebContents* web_contents,
const std::string& webstore_item_id,
const GURL& requestor_url,
const Callback& callback)
: WebstoreStandaloneInstaller(
webstore_item_id,
Profile::FromBrowserContext(web_contents->GetBrowserContext()),
callback),
content::WebContentsObserver(web_contents),
requestor_url_(requestor_url) {
}
WebstoreInlineInstaller::~WebstoreInlineInstaller() {}
// static
bool WebstoreInlineInstaller::IsRequestorPermitted(
const base::DictionaryValue& webstore_data,
const GURL& requestor_url,
std::string* error) {
// Ensure that there is at least one verified site present.
const bool data_has_single_site = webstore_data.HasKey(kVerifiedSiteKey);
const bool data_has_site_list = webstore_data.HasKey(kVerifiedSitesKey);
if (!data_has_single_site && !data_has_site_list) {
*error = kNoVerifiedSitesError;
return false;
}
bool requestor_is_ok = false;
// Handle the deprecated single-site case.
if (!data_has_site_list) {
std::string verified_site;
if (!webstore_data.GetString(kVerifiedSiteKey, &verified_site)) {
*error = kInvalidWebstoreResponseError;
return false;
}
requestor_is_ok = IsRequestorURLInVerifiedSite(requestor_url,
verified_site);
} else {
const base::ListValue* verified_sites = NULL;
if (!webstore_data.GetList(kVerifiedSitesKey, &verified_sites)) {
*error = kInvalidWebstoreResponseError;
return false;
}
for (base::ListValue::const_iterator it = verified_sites->begin();
it != verified_sites->end() && !requestor_is_ok; ++it) {
std::string verified_site;
if (!(*it)->GetAsString(&verified_site)) {
*error = kInvalidWebstoreResponseError;
return false;
}
if (IsRequestorURLInVerifiedSite(requestor_url, verified_site)) {
requestor_is_ok = true;
}
}
}
if (!requestor_is_ok) {
*error = kNotFromVerifiedSitesError;
return false;
}
*error = "";
return true;
}
bool WebstoreInlineInstaller::CheckRequestorAlive() const {
// The tab may have gone away - cancel installation in that case.
return web_contents() != NULL;
}
const GURL& WebstoreInlineInstaller::GetRequestorURL() const {
return requestor_url_;
}
scoped_refptr<ExtensionInstallPrompt::Prompt>
WebstoreInlineInstaller::CreateInstallPrompt() const {
scoped_refptr<ExtensionInstallPrompt::Prompt> prompt(
new ExtensionInstallPrompt::Prompt(
ExtensionInstallPrompt::INLINE_INSTALL_PROMPT));
// crbug.com/260742: Don't display the user count if it's zero. The reason
// it's zero is very often that the number isn't actually being counted
// (intentionally), which means that it's unlikely to be correct.
prompt->SetWebstoreData(localized_user_count(),
show_user_count(),
average_rating(),
rating_count());
return prompt;
}
bool WebstoreInlineInstaller::ShouldShowPostInstallUI() const {
return true;
}
bool WebstoreInlineInstaller::ShouldShowAppInstalledBubble() const {
return true;
}
WebContents* WebstoreInlineInstaller::GetWebContents() const {
return web_contents();
}
bool WebstoreInlineInstaller::CheckInlineInstallPermitted(
const base::DictionaryValue& webstore_data,
std::string* error) const {
// The store may not support inline installs for this item, in which case
// we open the store-provided redirect URL in a new tab and abort the
// installation process.
bool inline_install_not_supported = false;
if (webstore_data.HasKey(kInlineInstallNotSupportedKey)
&& !webstore_data.GetBoolean(kInlineInstallNotSupportedKey,
&inline_install_not_supported)) {
*error = kInvalidWebstoreResponseError;
return false;
}
if (inline_install_not_supported) {
std::string redirect_url;
if (!webstore_data.GetString(kRedirectUrlKey, &redirect_url)) {
*error = kInvalidWebstoreResponseError;
return false;
}
web_contents()->OpenURL(
content::OpenURLParams(
GURL(redirect_url),
content::Referrer(web_contents()->GetURL(),
blink::WebReferrerPolicyDefault),
NEW_FOREGROUND_TAB, ui::PAGE_TRANSITION_AUTO_BOOKMARK, false));
*error = kInlineInstallSupportedError;
return false;
}
*error = "";
return true;
}
bool WebstoreInlineInstaller::CheckRequestorPermitted(
const base::DictionaryValue& webstore_data,
std::string* error) const {
return IsRequestorPermitted(webstore_data, requestor_url_, error);
}
//
// Private implementation.
//
void WebstoreInlineInstaller::WebContentsDestroyed() {
AbortInstall();
}
// static
bool WebstoreInlineInstaller::IsRequestorURLInVerifiedSite(
const GURL& requestor_url,
const std::string& verified_site) {
// Turn the verified site into a URL that can be parsed by URLPattern.
// |verified_site| must follow the format:
//
// [scheme://]host[:port][/path/specifier]
//
// If scheme is omitted, URLPattern will match against either an
// HTTP or HTTPS requestor. If scheme is specified, it must be either HTTP
// or HTTPS, and URLPattern will only match the scheme specified.
GURL verified_site_url(verified_site);
int valid_schemes = URLPattern::SCHEME_HTTP | URLPattern::SCHEME_HTTPS;
if (!verified_site_url.is_valid() || !verified_site_url.IsStandard())
// If no scheme is specified, GURL will fail to parse the string correctly.
// It will either determine that the URL is invalid, or parse a
// host:port/path as scheme:host/path.
verified_site_url = GURL("http://" + verified_site);
else if (verified_site_url.SchemeIs("http"))
valid_schemes = URLPattern::SCHEME_HTTP;
else if (verified_site_url.SchemeIs("https"))
valid_schemes = URLPattern::SCHEME_HTTPS;
else
return false;
std::string port_spec =
verified_site_url.has_port() ? ":" + verified_site_url.port() : "";
std::string path_spec = verified_site_url.path() + "*";
std::string verified_site_pattern_spec =
base::StringPrintf(
"%s://*.%s%s%s",
verified_site_url.scheme().c_str(),
verified_site_url.host().c_str(),
port_spec.c_str(),
path_spec.c_str());
URLPattern verified_site_pattern(valid_schemes);
URLPattern::ParseResult parse_result =
verified_site_pattern.Parse(verified_site_pattern_spec);
if (parse_result != URLPattern::PARSE_SUCCESS) {
DLOG(WARNING) << "Could not parse " << verified_site_pattern_spec <<
" as URL pattern " << parse_result;
return false;
}
verified_site_pattern.SetScheme("*");
return verified_site_pattern.MatchesURL(requestor_url);
}
} // namespace extensions
|
