Enforce HTTPS URLs to show app banners.

BUG=459773 Review URL: https://codereview.chromium.org/932703006 Cr-Commit-Position: refs/heads/master@{#317116}

Enforce HTTPS URLs to show app banners.
BUG=459773 Review URL: https://codereview.chromium.org/932703006 Cr-Commit-Position: refs/heads/master@{#317116}
6f401eef · tedchoc · Commit bot · 0acea6ae · 6f401eef · 6f401eef
Commit 6f401eef authored Feb 19, 2015 by tedchoc Committed by Commit bot Feb 19, 2015
4 changed files
--- a/chrome/android/java/src/org/chromium/chrome/browser/banners/AppBannerManager.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/banners/AppBannerManager.java
@@ -140,6 +140,12 @@ public class AppBannerManager extends EmptyTabObserver {
        nativeSetTimeDeltaForTesting(days);
    }
+    /** Disables the HTTPS scheme requirement for testing. */
+    @VisibleForTesting
+    static void disableSecureSchemeCheckForTesting() {
+        nativeDisableSecureSchemeCheckForTesting();
+    }
    /** Returns whether a BitmapFetcher is actively retrieving an app icon. */
    @VisibleForTesting
    public boolean isFetcherActiveForTesting() {
@@ -156,5 +162,6 @@ public class AppBannerManager extends EmptyTabObserver {
    // Testing methods.
    private static native void nativeSetTimeDeltaForTesting(int days);
+    private static native void nativeDisableSecureSchemeCheckForTesting();
    private native boolean nativeIsFetcherActive(long nativeAppBannerManager);
 }
--- a/chrome/android/javatests/src/org/chromium/chrome/browser/banners/AppBannerManagerTest.java
+++ b/chrome/android/javatests/src/org/chromium/chrome/browser/banners/AppBannerManagerTest.java
@@ -93,6 +93,7 @@ public class AppBannerManagerTest extends ChromeShellTestBase {
        mActivityTab = getActivity().getActiveTab();
        mInfoBarContainer = mActivityTab.getInfoBarContainer();
        mAppBannerManager = mActivityTab.getAppBannerManagerForTesting();
+        AppBannerManager.disableSecureSchemeCheckForTesting();
    }
    private boolean waitUntilNoInfoBarsExist() throws Exception {

--- a/chrome/browser/android/banners/app_banner_manager.cc
+++ b/chrome/browser/android/banners/app_banner_manager.cc
@@ -44,6 +44,7 @@ using base::android::ConvertUTF16ToJavaString;
 namespace {
 const char kBannerTag[] = "google-play-id";
 base::TimeDelta gTimeDeltaForTesting;
+bool gDisableSecureCheckForTesting = false;
 }  // namespace
 namespace banners {
@@ -132,6 +133,11 @@ void AppBannerManager::DidFinishLoad(
    return;
  validated_url_ = validated_url;
+  // A secure scheme is required to show banners, so exit early if we see the
+  // URL is invalid.
+  if (!validated_url_.SchemeIsSecure() && !gDisableSecureCheckForTesting)
+    return;
  // See if the page has a manifest. Using Unretained(this) here is safe as the
  // lifetime of this object extends beyond the lifetime of the web_contents(),
  // and when web_contents() is destroyed it will call OnDidGetManifest.
@@ -363,6 +369,10 @@ void SetTimeDeltaForTesting(JNIEnv* env, jclass clazz, jint days) {
  gTimeDeltaForTesting = base::TimeDelta::FromDays(days);
 }
+void DisableSecureSchemeCheckForTesting(JNIEnv* env, jclass clazz) {
+  gDisableSecureCheckForTesting = true;
+}
 // Register native methods
 bool RegisterAppBannerManager(JNIEnv* env) {
  return RegisterNativesImpl(env);

--- a/chrome/browser/banners/app_banner_settings_helper_unittest.cc
+++ b/chrome/browser/banners/app_banner_settings_helper_unittest.cc
@@ -9,7 +9,7 @@
 namespace {
-const char kTestURL[] = "http://www.google.com";
+const char kTestURL[] = "https://www.google.com";
 const char kTestPackageName[] = "test.package";
 base::Time GetReferenceTime() {