diff --git a/src/javascript/crypto/e2e/extension/config.js b/src/javascript/crypto/e2e/extension/config.js index 7dbbb5cd..50143928 100644 --- a/src/javascript/crypto/e2e/extension/config.js +++ b/src/javascript/crypto/e2e/extension/config.js @@ -28,9 +28,9 @@ goog.provide('e2e.ext.config'); */ e2e.ext.config = { /* The name of the cookie used to authenticate users to the keyserver. */ - AUTH_COOKIE: 'YOUR_COOKIE_HERE', + AUTH_COOKIE: 'YBY', /* Some location that has access to the auth cookie. */ - AUTH_DEFAULT_ORIGIN: 'https://us-mg5.mail.yahoo.com', + AUTH_DEFAULT_ORIGIN: 'https://mail.yahoo.com', /* The CONAME CONFIG */ CONAME: { diff --git a/src/javascript/crypto/e2e/extension/manifest.json b/src/javascript/crypto/e2e/extension/manifest.json index 840ec4e0..3d130d55 100644 --- a/src/javascript/crypto/e2e/extension/manifest.json +++ b/src/javascript/crypto/e2e/extension/manifest.json @@ -10,10 +10,11 @@ "webRequest", "webRequestBlocking", "https://localhost:25519/*", - "https://*.mail.yahoo.com/*", - "https://www.facebook.com/*/publickey/download?_rdr=p" + "https://*.mail.yahoo.com/*" + ], + "optional_permissions": [ + "https://www.facebook.com/*/publickey/download" ], - "optional_permissions": [], "background": {"scripts": ["launcher_binary.js"]}, "options_page": "settings.html", "browser_action": { @@ -28,7 +29,7 @@ "run_at": "document_end" }, { - "matches": ["https://alpha.coname.corp.yahoo.com:25519/auth/cookies"], + "matches": ["https://localhost:25519/auth/cookies"], "js": ["yAuth/cookies.js"] } ], diff --git a/src/javascript/crypto/e2e/extension/ui/panels/keyringmgmt/keyringmgmtmini.js b/src/javascript/crypto/e2e/extension/ui/panels/keyringmgmt/keyringmgmtmini.js index 556f843a..466e341e 100644 --- a/src/javascript/crypto/e2e/extension/ui/panels/keyringmgmt/keyringmgmtmini.js +++ b/src/javascript/crypto/e2e/extension/ui/panels/keyringmgmt/keyringmgmtmini.js @@ -280,7 +280,7 @@ panels.KeyringMgmtMini.prototype.enterDocument = function() { listen( goog.dom.getElementByClass(constants.CssClass.ACTION, fbImportDiv), goog.events.EventType.CLICK, - this.fbImportKey_). + this.fbImportGetPermission_). listen( goog.dom.getElementByClass( constants.CssClass.CANCEL, passphraseChangeDiv), @@ -308,7 +308,7 @@ panels.KeyringMgmtMini.prototype.enterDocument = function() { listen( keyboardHandler, goog.ui.KeyboardShortcutHandler.EventType.SHORTCUT_TRIGGERED, - this.fbImportKey_); + this.fbImportGetPermission_); }; @@ -377,6 +377,24 @@ panels.KeyringMgmtMini.prototype.importKeyring_ = function() { }; +/** + * Request for permission to access Facebook PGP key address + * @param {Event} event + * @private + */ +panels.KeyringMgmtMini.prototype.fbImportGetPermission_ = function(event) { + // Permissions must be requested from inside a user gesture, like a button's + // click handler. + chrome.permissions.request({ + origins: ['https://www.facebook.com/'] + }, goog.bind(function(granted) { + if (granted) { + this.fbImportKey_(event); + } + }, this)); +}; + + /** * Handles requests from the user to import a key from Facebook. * @param {Event} event @@ -413,7 +431,7 @@ panels.KeyringMgmtMini.prototype.fbImportKey_ = function(event) { panels.KeyringMgmtMini.prototype.sendFbRequest_ = function(username, cb, errback) { var url = ['https://www.facebook.com', username, 'publickey', - 'download?_rdr=p'].join('/'); + 'download'].join('/'); var xhr = new XMLHttpRequest(); xhr.timeout = 2000; xhr.open('GET', url, true); diff --git a/src/javascript/crypto/e2e/extension/utils/utils.js b/src/javascript/crypto/e2e/extension/utils/utils.js index b4c5a6a9..cae1f294 100644 --- a/src/javascript/crypto/e2e/extension/utils/utils.js +++ b/src/javascript/crypto/e2e/extension/utils/utils.js @@ -267,8 +267,7 @@ utils.openAuthWindow = function(email) { // TODO: url now hardcoded. support openid type var authUrl = 'https://by.bouncer.login.yahoo.com/login?url=' + - encodeURIComponent( - 'https://alpha.coname.corp.yahoo.com:25519/auth/cookies'); + encodeURIComponent(e2e.ext.config.CONAME.realms[0].addr + '/auth/cookies'); chrome.windows.create({ url: authUrl,