-
Dominick Ng authored
http://crrev.com/c/768312 addresses a URL spoofing risk in permission prompts by eliding display origins in prompts from the HEAD. This means that the most significant part of the origin will be displayed if the entire origin is too long. http://crrev.com/c/677983 replaces the extension URL with the extension title when extensions request web permissions. These two CLs mean that extensions with long names have their titles elided, which is undesirable. This CL addresses the issue by not eliding the display origin if it isn't a URL. This requires a minor API change to PermissionPrompt::GetDisplayOrigin, making it return a small struct containing the display origin string and a bool indicating whether or not the string is a URL. The struct is neccesary to ensure that the bool state is calculated at the same time as the display origin. BUG=790958 TBR=tapted@chromium.org Change-Id: Icdf37feae4448f1fdd7044c7bbe690989f118023 Reviewed-on: https://chromium-review.googlesource.com/807606 Commit-Queue: Dominick Ng <dominickn@chromium.org> Reviewed-by:
Trent Apted <tapted@chromium.org> Reviewed-by:
Raymes Khoury <raymes@chromium.org> Cr-Commit-Position: refs/heads/master@{#522012}
693c964b
