[Kiosk] Do not use launch_url if it has different origin

To avoid potential risks, do not update launch url if its origin does not much the one provided by policy. Bug: 1046260 Change-Id: Ifa82de2eb45ada3bd9a68351ffbbf88324d9f9fb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2027849 Commit-Queue: Anatoliy Potapchuk <apotapchuk@chromium.org> Reviewed-by: Sergey Poromov <poromov@chromium.org> Cr-Commit-Position: refs/heads/master@{#737295}

[Kiosk] Do not use launch_url if it has different origin
To avoid potential risks, do not update launch url if its origin does not much the one provided by policy. Bug: 1046260 Change-Id: Ifa82de2eb45ada3bd9a68351ffbbf88324d9f9fb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2027849 Commit-Queue: Anatoliy Potapchuk <apotapchuk@chromium.org> Reviewed-by: Sergey Poromov <poromov@chromium.org> Cr-Commit-Position: refs/heads/master@{#737295}
5c61d15d · Anatoliy Potapchuk · Commit Bot · cffcbc6f · 5c61d15d · 5c61d15d
Commit 5c61d15d authored Jan 31, 2020 by Anatoliy Potapchuk Committed by Commit Bot Jan 31, 2020
2 changed files
--- a/chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_launcher.cc
+++ b/chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_launcher.cc
@@ -8,6 +8,7 @@
 #include "ash/public/cpp/window_pin_type.h"
 #include "ash/public/cpp/window_properties.h"
 #include "base/bind.h"
+#include "base/logging.h"
 #include "chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_data.h"
 #include "chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_manager.h"
 #include "chrome/browser/extensions/api/tabs/tabs_util.h"
@@ -20,6 +21,7 @@
 #include "components/account_id/account_id.h"
 #include "ui/aura/window.h"
 #include "ui/base/page_transition_types.h"
+#include "url/origin.h"
 namespace chromeos {
@@ -60,6 +62,13 @@ void WebKioskAppLauncher::ContinueWithNetworkReady() {
                     weak_ptr_factory_.GetWeakPtr()));
 }
+const WebKioskAppData* WebKioskAppLauncher::GetCurrentApp() const {
+  const WebKioskAppData* app =
+      WebKioskAppManager::Get()->GetAppByAccountId(account_id_);
+  DCHECK(app);
+  return app;
+}
 void WebKioskAppLauncher::OnAppDataObtained(
    std::unique_ptr<WebApplicationInfo> app_info) {
  if (!app_info) {
@@ -68,6 +77,15 @@ void WebKioskAppLauncher::OnAppDataObtained(
    return;
  }
+  // When received |app_info->app_url| origin does not match the origin of
+  // |install_url|, fail.
+  if (url::Origin::Create(GetCurrentApp()->install_url()) !=
+      url::Origin::Create(app_info->app_url)) {
+    VLOG(1) << "Origin of the app does not match the origin of install url";
+    delegate_->OnAppLaunchFailed();
+    return;
+  }
  WebKioskAppManager::Get()->UpdateAppByAccountId(account_id_,
                                                  std::move(app_info));
  delegate_->OnAppPrepared();
@@ -75,9 +93,7 @@ void WebKioskAppLauncher::OnAppDataObtained(
 void WebKioskAppLauncher::LaunchApp() {
  DCHECK(!browser_);
-  const WebKioskAppData* app =
+  const WebKioskAppData* app = GetCurrentApp();
-      WebKioskAppManager::Get()->GetAppByAccountId(account_id_);
-  DCHECK(app);
  GURL url = app->status() == WebKioskAppData::STATUS_INSTALLED
                 ? app->launch_url()

--- a/chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_launcher.h
+++ b/chrome/browser/chromeos/app_mode/web_app/web_kiosk_app_launcher.h
@@ -27,6 +27,8 @@ class WebAppUrlLoader;
 namespace chromeos {
+class WebKioskAppData;
 // Object responsible for preparing and launching web kiosk app. Is destroyed
 // upon app launch.
 class WebKioskAppLauncher {
@@ -59,6 +61,8 @@ class WebKioskAppLauncher {
 private:
  void OnAppDataObtained(std::unique_ptr<WebApplicationInfo> app_info);
+  const WebKioskAppData* GetCurrentApp() const;
  bool is_installed_ = false;  // Whether the installation was completed.
  AccountId account_id_;
  Profile* const profile_;