Google Git
Sign in
chromium / chromium / src / 05aad2da76c3041ffa80c961e225aa12abfc1fc0^! / . / chrome / browser / extensions / extension_service.cc
commit05aad2da76c3041ffa80c961e225aa12abfc1fc0[log] [tgz]
author[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri Oct 28 10:12:37 2011
committer[email protected] <[email protected]@0039d316-1c4b-4281-b951-d872f2087c98>Fri Oct 28 10:12:37 2011
treeefa148f8f10af3831c30d0d356c334952b735501
parentd85d45f942271a29921afc34725e19707607dfcb [diff] [blame]
Exempt component and policy-installed extensions from policy blacklist check.

Component extensions and policy-installed extensions shouldn't be affected by the policy blacklist: The former are considered internal UI that happens to be part of an extension, and they should have first-class policy knobs if we want to disable them. For the latter, the admin specifying them is enough indication that they should be installed, and requiring them to explicitly white-listed in some cases is redundant.

BUG=chromium-os:16702, chromium-os:21281
TEST=On ChromeOS, configure ExtensionInstallBlacklist = * and load chrome://bookmarks


Review URL: http://codereview.chromium.org/8380006

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@107707 0039d316-1c4b-4281-b951-d872f2087c98

diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc
index 53fac60c..531d3b6 100644
--- a/chrome/browser/extensions/extension_service.cc
+++ b/chrome/browser/extensions/extension_service.cc

@@ -7,8 +7,8 @@
 #include <algorithm>
 #include <set>
 
-#include "base/bind.h"
 #include "base/basictypes.h"
+#include "base/bind.h"
 #include "base/callback.h"
 #include "base/command_line.h"
 #include "base/file_util.h"
@@ -92,8 +92,8 @@
 #include "content/browser/plugin_service.h"
 #include "content/browser/renderer_host/render_process_host.h"
 #include "content/browser/user_metrics.h"
-#include "content/public/browser/notification_service.h"
 #include "content/common/pepper_plugin_registry.h"
+#include "content/public/browser/notification_service.h"
 #include "content/public/browser/notification_types.h"
 #include "googleurl/src/gurl.h"
 #include "net/base/registry_controlled_domain.h"
@@ -1400,7 +1400,12 @@
                                               bool write_to_prefs) {
   std::string error;
   scoped_refptr<const Extension> extension(NULL);
-  if (!extension_prefs_->IsExtensionAllowedByPolicy(info.extension_id)) {
+
+  // An explicit check against policy is required to behave correctly during
+  // startup.  This is because extensions that were previously OK might have
+  // been blacklisted in policy while Chrome was not running.
+  if (!extension_prefs_->IsExtensionAllowedByPolicy(info.extension_id,
+                                                    info.extension_location)) {
     error = errors::kDisabledByPolicy;
   } else if (info.extension_manifest.get()) {
     extension = Extension::Create(
@@ -1694,8 +1699,10 @@
   for (ExtensionList::const_iterator iter = extensions_.begin();
        iter != extensions_.end(); ++iter) {
     const Extension* extension = (*iter);
-    if (!extension_prefs_->IsExtensionAllowedByPolicy(extension->id()))
+    if (!extension_prefs_->IsExtensionAllowedByPolicy(extension->id(),
+                                                      extension->location())) {
       to_be_removed.push_back(extension->id());
+    }
   }
 
   // UnloadExtension will change the extensions_ list. So, we should