Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(68)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/renderer/chrome_content_renderer_client.cc

Issue 10792008: `chrome-extension` resources should bypass Content Security Policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Bad rebase. Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/extensions/extension_resource_request_policy_apitest.cc ('k') | chrome/test/data/extensions/api_test/extension_resource_request_policy/web_accessible/accessible_resource_with_csp.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/chrome_content_renderer_client.h" 5 #include "chrome/renderer/chrome_content_renderer_client.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 222 matching lines...) Expand 10 before | Expand all | Expand 10 after
233 // chrome-extension: resources should be allowed to receive CORS requests. 233 // chrome-extension: resources should be allowed to receive CORS requests.
234 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme); 234 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
235 235
236 WebString extension_resource_scheme( 236 WebString extension_resource_scheme(
237 ASCIIToUTF16(chrome::kExtensionResourceScheme)); 237 ASCIIToUTF16(chrome::kExtensionResourceScheme));
238 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme); 238 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
239 239
240 // chrome-extension-resource: resources should be allowed to receive CORS 240 // chrome-extension-resource: resources should be allowed to receive CORS
241 // requests. 241 // requests.
242 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme); 242 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
243
244 // chrome-extension: resources should bypass Content Security Policy checks
245 // when included in protected resources.
246 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
247 extension_scheme);
248 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
249 extension_resource_scheme);
243 } 250 }
244 251
245 void ChromeContentRendererClient::RenderViewCreated( 252 void ChromeContentRendererClient::RenderViewCreated(
246 content::RenderView* render_view) { 253 content::RenderView* render_view) {
247 ContentSettingsObserver* content_settings = 254 ContentSettingsObserver* content_settings =
248 new ContentSettingsObserver(render_view); 255 new ContentSettingsObserver(render_view);
249 if (chrome_observer_.get()) { 256 if (chrome_observer_.get()) {
250 content_settings->SetContentSettingRules( 257 content_settings->SetContentSettingRules(
251 chrome_observer_->content_setting_rules()); 258 chrome_observer_->content_setting_rules());
252 } 259 }
(...skipping 687 matching lines...) Expand 10 before | Expand all | Expand 10 after
940 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() { 947 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() {
941 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled(); 948 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled();
942 } 949 }
943 950
944 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( 951 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories(
945 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { 952 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) {
946 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); 953 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory);
947 } 954 }
948 955
949 } // namespace chrome 956 } // namespace chrome
OLDNEW
« no previous file with comments | « chrome/browser/extensions/extension_resource_request_policy_apitest.cc ('k') | chrome/test/data/extensions/api_test/extension_resource_request_policy/web_accessible/accessible_resource_with_csp.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698