Disallow extensions on the Chrome signin page.
We recognize the signin page by:
- in the browser on the UI thread, checking the renderer's process_id against SigninManager::signin_process_id.
- in the browser on the IO thread, checking the renderer's process_id against ExtensionInfoMap::signin_process_id (a cache of SigninManager's value).
- in the renderer, checking for a --signin_process command line flag.
This means we can still allow extensions on non-chrome-signin pages hosted on accounts.google.com.
BUG=220039
TEST=In a fresh Chrome profile, install the extension listed in bug comment #49. Click Hotdog menu -> Sign in to Chrome. The signin page should not be redirected away from the accounts.google.com page, and it should not have a red background. But if you navigate directly to accounts.google.com, it *should* either be redirected or have a red background.
Review URL: https://chromiumcodereview.appspot.com/15030008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@201444 0039d316-1c4b-4281-b951-d872f2087c98
diff --git a/chrome/browser/extensions/extension_info_map.cc b/chrome/browser/extensions/extension_info_map.cc
index ec6cff5..e7549d2 100644
--- a/chrome/browser/extensions/extension_info_map.cc
+++ b/chrome/browser/extensions/extension_info_map.cc
@@ -37,7 +37,7 @@
ExtensionInfoMap::ExtraData::~ExtraData() {}
-ExtensionInfoMap::ExtensionInfoMap() {}
+ExtensionInfoMap::ExtensionInfoMap() : signin_process_id_(-1) {}
const extensions::ProcessMap& ExtensionInfoMap::process_map() const {
return process_map_;
@@ -167,6 +167,14 @@
return quota_service_.get();
}
+void ExtensionInfoMap::SetSigninProcess(int process_id) {
+ signin_process_id_ = process_id;
+}
+
+bool ExtensionInfoMap::IsSigninProcess(int process_id) const {
+ return process_id == signin_process_id_;
+}
+
ExtensionInfoMap::~ExtensionInfoMap() {
if (quota_service_) {
BrowserThread::DeleteSoon(BrowserThread::IO, FROM_HERE,
