15d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 25d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)// found in the LICENSE file. 45d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 55d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/policy/policy_helpers.h" 65d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 7c5cede9ae108bb15f6b7a8aea21c7e1fefa2834cBen Murdoch#include "net/base/net_errors.h" 85d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "url/gurl.h" 95d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 10effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#if defined(OS_CHROMEOS) 11effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#include "base/command_line.h" 12effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#include "chromeos/chromeos_switches.h" 13effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#endif 14effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch 155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#if !defined(OS_CHROMEOS) && !defined(OS_IOS) 16e5d81f57cb97b3b6b7fccc9c5610d21eb81db09dBen Murdoch#include "components/signin/core/browser/signin_manager.h" 175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "google_apis/gaia/gaia_urls.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#endif 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)namespace policy { 215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 22c5cede9ae108bb15f6b7a8aea21c7e1fefa2834cBen Murdochbool OverrideBlacklistForURL(const GURL& url, bool* block, int* reason) { 23effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#if defined(OS_CHROMEOS) 24effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch // On ChromeOS browsing is only allowed once OOBE has completed. Therefore all 25effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch // requests are blocked until this condition is met. 26effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch if (CommandLine::ForCurrentProcess()->HasSwitch( 27effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch chromeos::switches::kOobeGuestSession)) { 28effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch if (!url.SchemeIs("chrome") && !url.SchemeIs("chrome-extension")) { 295c02ac1a9c1b504631c0a3d2b6e737b5d738bae1Bo Liu *reason = net::ERR_BLOCKED_ENROLLMENT_CHECK_PENDING; 30effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch *block = true; 31effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch return true; 32effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch } 33effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch } 34effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch return false; 35effb81e5f8246d0db0270817048dc992db66e9fbBen Murdoch#elif defined(OS_IOS) 365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return false; 375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#else 385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) static const char kServiceLoginAuth[] = "/ServiceLoginAuth"; 395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 40a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) *block = false; 415d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Whitelist all the signin flow URLs flagged by the SigninManager. 425d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (SigninManager::IsWebBasedSigninFlowURL(url)) 435d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return true; 445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Additionally whitelist /ServiceLoginAuth. 465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (url.GetOrigin() != GaiaUrls::GetInstance()->gaia_url().GetOrigin()) 475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return false; 485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return url.path() == kServiceLoginAuth; 505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#endif 515d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} // namespace policy 54