[NTP] Check for allowed schemes before adding custom link

Show error message for URLs with invalid schemes, and remove leftover function that was removed. Bug: 906607 Change-Id: I6cd5a7267de3d439c1e54c01f846f03fd9247f62 Reviewed-on: https://chromium-review.googlesource.com/c/1343365Reviewed-by: Ramya Nagarajan <ramyan@chromium.org> Commit-Queue: Kristi Park <kristipark@chromium.org> Cr-Commit-Position: refs/heads/master@{#611388}

[NTP] Check for allowed schemes before adding custom link
Show error message for URLs with invalid schemes, and remove leftover function that was removed. Bug: 906607 Change-Id: I6cd5a7267de3d439c1e54c01f846f03fd9247f62 Reviewed-on: https://chromium-review.googlesource.com/c/1343365Reviewed-by: Ramya Nagarajan <ramyan@chromium.org> Commit-Queue: Kristi Park <kristipark@chromium.org> Cr-Commit-Position: refs/heads/master@{#611388}
0bb60b09 · Kristi Park · Commit Bot · 36a1b5d4 · 0bb60b09 · 0bb60b09
Commit 0bb60b09 authored Nov 27, 2018 by Kristi Park Committed by Commit Bot Nov 27, 2018
3 changed files
--- a/chrome/browser/resources/local_ntp/custom_links_edit.js
+++ b/chrome/browser/resources/local_ntp/custom_links_edit.js
@@ -134,9 +134,9 @@ function finishEditLink() {
  if (urlValue != prepopulatedLink.url) {
    newUrl = chrome.embeddedSearch.newTabPage.fixupAndValidateUrl(urlValue);
    // Show error message for invalid urls.
-    if (!newUrl) {
+    if (!newUrl || (newUrl && !utils.isSchemeAllowed(newUrl))) {
      showInvalidUrlUntilTextInput();
-      disableSubmitUntilTextInput();
+      $(IDS.DONE).disabled = true;  // Disable submit until text input.
      return;
    }
  }

--- a/chrome/browser/resources/local_ntp/most_visited_single.js
+++ b/chrome/browser/resources/local_ntp/most_visited_single.js
@@ -648,16 +648,6 @@ function setupReorder(tile) {
 }


-/**
- * Returns whether the given URL has a known, safe scheme.
- * @param {string} url URL to check.
- */
-var isSchemeAllowed = function(url) {
-  return url.startsWith('http://') || url.startsWith('https://') ||
-      url.startsWith('ftp://') || url.startsWith('chrome-extension://');
-};
-
-
 /**
 * Renders a MostVisited tile to the DOM.
 * @param {object} data Object containing rid, url, title, favicon, thumbnail,
@@ -695,7 +685,7 @@ var renderMostVisitedTile = function(data) {
  tile.className = 'mv-tile';
  tile.setAttribute('data-tid', data.tid);

-  if (isSchemeAllowed(data.url)) {
+  if (utils.isSchemeAllowed(data.url)) {
    tile.href = data.url;
  }
  tile.setAttribute('aria-label', data.title);
@@ -852,7 +842,7 @@ function renderMaterialDesignTile(data) {
  mdTile.tabIndex = 0;
  mdTile.setAttribute('data-tid', data.tid);
  mdTile.setAttribute('data-pos', position);
-  if (isSchemeAllowed(data.url)) {
+  if (utils.isSchemeAllowed(data.url)) {
    mdTile.href = data.url;
  }
  mdTile.setAttribute('aria-label', data.title);

--- a/chrome/browser/resources/local_ntp/utils.js
+++ b/chrome/browser/resources/local_ntp/utils.js
@@ -32,3 +32,13 @@ utils.disableOutlineOnMouseClick = function(element) {
    }, {once: true});
  });
 };
+
+
+/**
+ * Returns whether the given URL has a known, safe scheme.
+ * @param {string} url URL to check.
+ */
+utils.isSchemeAllowed = function(url) {
+  return url.startsWith('http://') || url.startsWith('https://') ||
+      url.startsWith('ftp://') || url.startsWith('chrome-extension://');
+};