[nacl] Dropping whitelist of G+ Photos.

This is no longer needed as the app has been turned off.

BUG=None
TEST=None
R=jschuh@chromium.org,sky@chromium.org

Review-Url: https://codereview.chromium.org/2711003003
Cr-Commit-Position: refs/heads/master@{#453255}

chrome/renderer/app_categorizer.cc

@@ -20,11 +20,6 @@ const char* const kPredefinedHangoutsDomains[] = {
   "plus.sandbox.google.com"
 };
 
-const char* const kPredefinedPlusDomains[] = {
-  "plus.google.com",
-  "plus.sandbox.google.com"
-};
-
 bool IsInWhitelistedDomain(
     const GURL& url, const char* const domains[], size_t number_of_domains) {
   for (size_t i = 0; i < number_of_domains; ++i) {
@@ -55,19 +50,6 @@ bool AppCategorizer::IsWhitelistedApp(
   if (!app_url.SchemeIsCryptographic())
     return false;
 
-  std::string manifest_url_path = manifest_url.path();
-  bool is_photo_app =
-      manifest_url.SchemeIsCryptographic() &&
-      manifest_url.DomainIs("ssl.gstatic.com") &&
-      (base::StartsWith(manifest_url_path, "/s2/oz/nacl/",
-                        base::CompareCase::SENSITIVE) ||
-       base::StartsWith(manifest_url_path, "/photos/nacl/",
-                        base::CompareCase::SENSITIVE)) &&
-      IsInWhitelistedDomain(
-          app_url,
-          kPredefinedPlusDomains,
-          arraysize(kPredefinedPlusDomains));
-
   bool is_hangouts_app =
       manifest_url.SchemeIsFileSystem() &&
       manifest_url.inner_url() != NULL &&
@@ -76,5 +58,5 @@ bool AppCategorizer::IsWhitelistedApp(
       (manifest_url.inner_url()->host() == app_url.host()) &&
       IsHangoutsUrl(app_url);
 
-  return is_photo_app || is_hangouts_app;
+  return is_hangouts_app;
 }

chrome/renderer/app_categorizer_unittest.cc

@@ -34,32 +34,6 @@ const char* kBadChatAppURLs[] = {
   "https://talkgadget.evil.com/hangouts/foo"    // domain not whitelisted
 };
 
-const char* kPhotosAppURLs[] = {
-  "https://foo.plus.google.com",
-  "https://foo.plus.sandbox.google.com"
-};
-
-const char* kPhotosManifestURLs[] = {
-  "https://ssl.gstatic.com/photos/nacl/foo",
-  "https://ssl.gstatic.com/s2/oz/nacl/foo"
-};
-
-const char* kBadPhotosAppURLs[] = {
-  "https://plus.google.com/foo",
-  "https://plus.google.com/foo",
-  "https://plus.google.com/foo",
-  "http://plus.google.com/foo", // http scheme
-  "https://plus.evil.com/foo",  // domain not whitelisted
-};
-
-const char* kBadPhotosManifestURLs[] = {
-  "http://ssl.gstatic.com/photos/nacl/foo",         // http scheme
-  "https://lss.gstatic.com/photos/nacl/foo",        // bad hostname
-  "https://ssl.gstatic.com/wrong/photos/nacl/foo",  // bad path
-  "https://ssl.gstatic.com/photos/nacl/foo",
-  "https://ssl.gstatic.com/photos/nacl/foo",
-};
-
 }  // namespace
 
 TEST(AppCategorizerTest, IsHangoutsUrl) {
@@ -101,25 +75,4 @@ TEST(AppCategorizerTest, IsWhitelistedApp) {
         GURL("filesystem:https://meet.google.com/foo"),
         GURL("https://hangouts.google.com/hangouts/foo")));
   }
-
-  // Photos app
-  {
-    EXPECT_EQ(arraysize(kPhotosAppURLs), arraysize(kPhotosManifestURLs));
-    for (size_t i = 0; i < arraysize(kPhotosAppURLs); ++i) {
-      EXPECT_TRUE(AppCategorizer::IsWhitelistedApp(
-          GURL(kPhotosManifestURLs[i]), GURL(kPhotosAppURLs[i])));
-    }
-    // The app/manifest two sides do not have any coorelation for the Photos app
-    for (size_t i = 0; i < arraysize(kPhotosAppURLs); ++i) {
-      EXPECT_TRUE(AppCategorizer::IsWhitelistedApp(
-          GURL(kPhotosManifestURLs[(i + 1) % arraysize(kPhotosAppURLs)]),
-          GURL(kPhotosAppURLs[i])));
-    }
-
-    EXPECT_EQ(arraysize(kBadPhotosAppURLs), arraysize(kBadPhotosManifestURLs));
-    for (size_t i = 0; i < arraysize(kBadPhotosAppURLs); ++i) {
-      EXPECT_FALSE(AppCategorizer::IsWhitelistedApp(
-          GURL(kBadPhotosManifestURLs[i]), GURL(kBadPhotosAppURLs[i])));
-    }
-  }
 }

chrome/renderer/chrome_content_renderer_client_unittest.cc

@@ -61,9 +61,6 @@ const bool kHostedApp = true;
 #if !defined(DISABLE_NACL)
 const char kExtensionUrl[] = "chrome-extension://extension_id/background.html";
 
-const char kPhotosAppURL[] = "https://foo.plus.google.com";
-const char kPhotosManifestURL[] = "https://ssl.gstatic.com/photos/nacl/foo";
-
 const char kChatManifestFS[] = "filesystem:https://talkgadget.google.com/foo";
 #endif
 
@@ -277,15 +274,6 @@ TEST_F(ChromeContentRendererClientTest, NaClRestriction) {
   // interfaces. There is a whitelist for the app URL and the manifest URL.
   {
     WebPluginParams params;
-    // Whitelisted Photos app is allowed (two app URLs, two manifest URLs)
-    EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
-        GURL(kPhotosAppURL),
-        kNaClRestricted,
-        nullptr,
-        &params));
-    EXPECT_FALSE(AllowsDevInterfaces(params));
-
     // Whitelisted Chat app is allowed.
     EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed(
         GURL(kChatManifestFS),
@@ -296,51 +284,33 @@ TEST_F(ChromeContentRendererClientTest, NaClRestriction) {
 
     // Whitelisted manifest URL, bad app URLs, NOT allowed.
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
+        GURL(kChatManifestFS),
         GURL("http://plus.google.com/foo"),  // http scheme
-        kNaClRestricted,
-        nullptr,
-        &params));
+        kNaClRestricted, nullptr, &params));
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
+        GURL(kChatManifestFS),
         GURL("http://plus.sandbox.google.com/foo"),  // http scheme
-        kNaClRestricted,
-        nullptr,
-        &params));
+        kNaClRestricted, nullptr, &params));
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
+        GURL(kChatManifestFS),
         GURL("https://plus.google.evil.com/foo"),  // bad host
-        kNaClRestricted,
-        nullptr,
-        &params));
+        kNaClRestricted, nullptr, &params));
     // Whitelisted app URL, bad manifest URL, NOT allowed.
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
         GURL("http://ssl.gstatic.com/s2/oz/nacl/foo"),  // http scheme
-        GURL(kPhotosAppURL),
-        kNaClRestricted,
-        nullptr,
-        &params));
+        GURL(kChatAppURL), kNaClRestricted, nullptr, &params));
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
         GURL("https://ssl.gstatic.evil.com/s2/oz/nacl/foo"),  // bad host
-        GURL(kPhotosAppURL),
-        kNaClRestricted,
-        nullptr,
-        &params));
+        GURL(kChatAppURL), kNaClRestricted, nullptr, &params));
     EXPECT_FALSE(ChromeContentRendererClient::IsNaClAllowed(
         GURL("https://ssl.gstatic.com/wrong/s2/oz/nacl/foo"),  // bad path
-        GURL(kPhotosAppURL),
-        kNaClRestricted,
-        nullptr,
-        &params));
+        GURL(kChatAppURL), kNaClRestricted, nullptr, &params));
   }
   // Whitelisted URLs can't get 'dev' interfaces with --enable-nacl.
   {
     WebPluginParams params;
     EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
-        GURL(kPhotosAppURL),
-        kNaClUnrestricted,
-        nullptr,
+        GURL(kChatManifestFS), GURL(kChatAppURL), kNaClUnrestricted, nullptr,
         &params));
     EXPECT_FALSE(AllowsDevInterfaces(params));
   }
@@ -350,10 +320,7 @@ TEST_F(ChromeContentRendererClientTest, NaClRestriction) {
     WebPluginParams params;
     AddFakeDevAttribute(&params);
     EXPECT_TRUE(ChromeContentRendererClient::IsNaClAllowed(
-        GURL(kPhotosManifestURL),
-        GURL(kPhotosAppURL),
-        kNaClRestricted,
-        nullptr,
+        GURL(kChatManifestFS), GURL(kChatAppURL), kNaClRestricted, nullptr,
         &params));
     EXPECT_FALSE(AllowsDevInterfaces(params));
   }