Google Git
Sign in
chromium / chromium / src.git / 1deace22c69c99286d99bf6d621c1dd405b5ef71^! / . / chrome / browser / chrome_content_browser_client.cc
commit1deace22c69c99286d99bf6d621c1dd405b5ef71[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Wed May 22 06:14:46 2013
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Wed May 22 06:14:46 2013
treea13585b2bbd6d74046ad90cafe2d061b80972809
parent618c6260efe070cc74c878bb2eeebc09ac89777a [diff] [blame]
Disallow extensions on the Chrome signin page.

We recognize the signin page by:
- in the browser on the UI thread, checking the renderer's process_id against SigninManager::signin_process_id.
- in the browser on the IO thread, checking the renderer's process_id against ExtensionInfoMap::signin_process_id (a cache of SigninManager's value).
- in the renderer, checking for a --signin_process command line flag.

This means we can still allow extensions on non-chrome-signin pages hosted on accounts.google.com.

BUG=220039
TEST=In a fresh Chrome profile, install the extension listed in bug comment #49. Click Hotdog menu -> Sign in to Chrome. The signin page should not be redirected away from the accounts.google.com page, and it should not have a red background. But if you navigate directly to accounts.google.com, it *should* either be redirected or have a red background.

Review URL: https://chromiumcodereview.appspot.com/15030008

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201444 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index 361ad7b..5d1fec5 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc

@@ -34,6 +34,7 @@
 #include "chrome/browser/download/download_util.h"
 #include "chrome/browser/extensions/activity_log/activity_log.h"
 #include "chrome/browser/extensions/api/web_request/web_request_api.h"
+#include "chrome/browser/extensions/browser_permissions_policy_delegate.h"
 #include "chrome/browser/extensions/extension_host.h"
 #include "chrome/browser/extensions/extension_info_map.h"
 #include "chrome/browser/extensions/extension_process_manager.h"
@@ -479,6 +480,9 @@
 ChromeContentBrowserClient::ChromeContentBrowserClient() {
   for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
     allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]);
+
+  permissions_policy_delegate_.reset(
+      new extensions::BrowserPermissionsPolicyDelegate());
 }
 
 ChromeContentBrowserClient::~ChromeContentBrowserClient() {
@@ -1045,6 +1049,11 @@
         SigninManagerFactory::GetForProfile(profile);
     if (signin_manager)
       signin_manager->SetSigninProcess(site_instance->GetProcess()->GetID());
+    BrowserThread::PostTask(
+        BrowserThread::IO, FROM_HERE,
+        base::Bind(&ExtensionInfoMap::SetSigninProcess,
+                   extensions::ExtensionSystem::Get(profile)->info_map(),
+                   site_instance->GetProcess()->GetID()));
   }
 #endif