Merge pull request #8392 from brave/bsc-extension-verify-parity

Match Chromium behavior for extension loading

app/brave_main_delegate.cc

@@ -164,15 +164,6 @@ bool BraveMainDelegate::BasicStartupComplete(int* exit_code) {
   command_line.AppendSwitch(switches::kDisableDomainReliability);
   command_line.AppendSwitch(switches::kNoPings);
 
-  // Setting these to default values in Chromium to maintain parity
-  // See: ChromeContentVerifierDelegate::GetDefaultMode for ContentVerification
-  // See: GetStatus in install_verifier.cc for InstallVerification
-  command_line.AppendSwitchASCII(
-      switches::kExtensionContentVerification,
-      switches::kExtensionContentVerificationEnforceStrict);
-  command_line.AppendSwitchASCII(switches::kExtensionsInstallVerification,
-                                 "enforce");
-
   if (!base::CommandLine::ForCurrentProcess()->HasSwitch(
           embedder_support::kOriginTrialPublicKey)) {
     command_line.AppendSwitchASCII(embedder_support::kOriginTrialPublicKey,

browser/extensions/chrome_content_verifier_delegate_unittest.cc

@@ -0,0 +1,25 @@
+/* Copyright (c) 2021 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "chrome/browser/extensions/chrome_content_verifier_delegate.h"
+
+#include "testing/gtest/include/gtest/gtest.h"
+
+#if defined(OFFICIAL_BUILD)
+
+TEST(ChromeContentVerifierDelegateUnitTest, TestShouldEnforce) {
+  EXPECT_EQ(extensions::ChromeContentVerifierDelegate::GetDefaultMode(),
+            extensions::ChromeContentVerifierDelegate::VerifyInfo::Mode::
+                ENFORCE_STRICT);
+}
+
+#else
+
+TEST(ChromeContentVerifierDelegateUnitTest, TestShouldNotEnforce) {
+  EXPECT_EQ(extensions::ChromeContentVerifierDelegate::GetDefaultMode(),
+            extensions::ChromeContentVerifierDelegate::VerifyInfo::Mode::NONE);
+}
+
+#endif  // defined(OFFICIAL_BUILD)

browser/extensions/install_verifier_unittest.cc

@@ -0,0 +1,22 @@
+/* Copyright (c) 2021 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "chrome/browser/extensions/install_verifier.h"
+
+#include "testing/gtest/include/gtest/gtest.h"
+
+#if defined(OFFICIAL_BUILD)
+
+#if defined(OS_WIN) || defined(OS_MAC)
+TEST(InstallVerifierUnitTest, TestShouldEnforce) {
+  EXPECT_TRUE(extensions::InstallVerifier::ShouldEnforce());
+}
+#else
+TEST(InstallVerifierUnitTest, TestShouldNotEnforce) {
+  EXPECT_FALSE(extensions::InstallVerifier::ShouldEnforce());
+}
+#endif  // defined(OS_WIN) || defined(OS_MAC)
+
+#endif  // defined(OFFICIAL_BUILD)

chromium_src/chrome/browser/extensions/chrome_content_verifier_delegate.cc

@@ -0,0 +1,58 @@
+/* Copyright (c) 2021 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "chrome/browser/extensions/chrome_content_verifier_delegate.h"
+
+#include <algorithm>
+#include <memory>
+#include <set>
+#include <vector>
+
+#include "base/base_switches.h"
+#include "base/command_line.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/histogram_macros.h"
+#include "base/no_destructor.h"
+#include "base/strings/string_piece.h"
+#include "base/strings/string_util.h"
+#include "base/syslog_logging.h"
+#include "base/threading/thread_task_runner_handle.h"
+#include "base/version.h"
+#include "build/branding_buildflags.h"
+#include "build/build_config.h"
+#include "build/chromeos_buildflags.h"
+#include "chrome/browser/extensions/extension_service.h"
+#include "chrome/browser/extensions/install_verifier.h"
+#include "chrome/browser/extensions/policy_extension_reinstaller.h"
+#include "chrome/common/chrome_switches.h"
+#include "chrome/common/extensions/extension_constants.h"
+#include "extensions/browser/disable_reason.h"
+#include "extensions/browser/extension_prefs.h"
+#include "extensions/browser/extension_registry.h"
+#include "extensions/browser/extension_system.h"
+#include "extensions/browser/management_policy.h"
+#include "extensions/browser/pref_types.h"
+#include "extensions/common/extension_urls.h"
+#include "extensions/common/extensions_client.h"
+#include "extensions/common/manifest.h"
+#include "extensions/common/manifest_url_handlers.h"
+#include "net/base/backoff_entry.h"
+#include "net/base/escape.h"
+
+#if BUILDFLAG(IS_CHROMEOS_ASH)
+#include "chrome/browser/extensions/extension_assets_manager_chromeos.h"
+#endif
+
+// All above headers copied from original chrome_content_verifier_delegate.cc
+// are included to prevent below GOOGLE_CHROME_BUILD affect them.
+
+// `VerifyInfo::Mode::ENFORCE_STRICT` is only defaulted for google chrome.
+#if defined(OFFICIAL_BUILD)
+#undef BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING
+#define BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING() (1)
+#endif
+#include "../../../../../chrome/browser/extensions/chrome_content_verifier_delegate.cc"
+#if defined(OFFICIAL_BUILD)
+#undef BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING
+#endif

chromium_src/chrome/browser/extensions/install_verifier.cc

@@ -0,0 +1,54 @@
+/* Copyright (c) 2021 The Brave Authors. All rights reserved.
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "chrome/browser/extensions/install_verifier.h"
+
+#include <algorithm>
+#include <string>
+#include <utility>
+
+#include "base/base_switches.h"
+#include "base/bind.h"
+#include "base/command_line.h"
+#include "base/containers/contains.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/histogram_macros.h"
+#include "base/one_shot_event.h"
+#include "base/trace_event/trace_event.h"
+#include "build/branding_buildflags.h"
+#include "build/build_config.h"
+#include "chrome/browser/extensions/extension_management.h"
+#include "chrome/browser/extensions/extension_service.h"
+#include "chrome/browser/extensions/install_signer.h"
+#include "chrome/browser/extensions/install_verifier_factory.h"
+#include "chrome/common/chrome_switches.h"
+#include "chrome/grit/generated_resources.h"
+#include "components/prefs/pref_service.h"
+#include "content/public/browser/browser_context.h"
+#include "content/public/browser/storage_partition.h"
+#include "content/public/common/content_switches.h"
+#include "extensions/browser/extension_prefs.h"
+#include "extensions/browser/extension_registry.h"
+#include "extensions/browser/extension_system.h"
+#include "extensions/browser/pref_names.h"
+#include "extensions/common/extension.h"
+#include "extensions/common/extension_id.h"
+#include "extensions/common/extension_set.h"
+#include "extensions/common/manifest.h"
+#include "extensions/common/manifest_url_handlers.h"
+#include "services/network/public/mojom/url_loader_factory.mojom.h"
+#include "ui/base/l10n/l10n_util.h"
+
+// All above headers copied from original install_verifier.cc are
+// included to prevent below GOOGLE_CHROME_BUILD affect them.
+
+// `VerifyStatus::ENFORCE` is only defaulted for google chrome.
+#if defined(OFFICIAL_BUILD)
+#undef BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING
+#define BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING() (1)
+#endif
+#include "../../../../../chrome/browser/extensions/install_verifier.cc"
+#if defined(OFFICIAL_BUILD)
+#undef BUILDFLAG_INTERNAL_GOOGLE_CHROME_BRANDING
+#endif

test/BUILD.gn

@@ -335,6 +335,8 @@ test("brave_unit_tests") {
   if (enable_extensions) {
     sources += [
       "//brave/browser/extensions/api/brave_extensions_api_client_unittest.cc",
+      "//brave/browser/extensions/chrome_content_verifier_delegate_unittest.cc",
+      "//brave/browser/extensions/install_verifier_unittest.cc",
       "//brave/chromium_src/extensions/browser/sandboxed_unpacker_unittest.cc",
       "//brave/common/importer/chrome_importer_utils_unittest.cc",
       "//chrome/browser/extensions/extension_service_test_base.cc",
@@ -344,6 +346,7 @@ test("brave_unit_tests") {
     deps += [
       "//brave/browser/extensions",
       "//brave/common/importer",
+      "//chrome/browser/extensions",
       "//components/crx_file",
       "//components/policy/core/common:test_support",
       "//extensions/browser:test_support",