Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5111)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chrome_content_browser_client.cc

Issue 10993078: Use extensions socket permission for TCP/UDP socket APIs in Pepper (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: nit Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | content/browser/renderer_host/pepper/pepper_message_filter.h » ('j') | content/public/browser/content_browser_client.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chrome_content_browser_client.cc
diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
index 1186cca10118db9dbc0bf552a093e79395e99d65..05bf455ff58a84aeaad44ed874c8c47a6232cc97 100644
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -79,6 +79,7 @@
#include "chrome/common/extensions/extension.h"
#include "chrome/common/extensions/extension_process_policy.h"
#include "chrome/common/extensions/extension_set.h"
+#include "chrome/common/extensions/permissions/socket_permission.h"
#include "chrome/common/logging_chrome.h"
#include "chrome/common/pref_names.h"
#include "chrome/common/render_messages.h"
@@ -392,6 +393,34 @@ int GetCrashSignalFD(const CommandLine& command_line) {
}
#endif // defined(OS_POSIX) && !defined(OS_MACOSX)
+extensions::SocketPermission::CheckParam ConvertSocketPermissions(
+ const content::ContentBrowserClient::SocketPermissionParam& params) {
+ extensions::SocketPermissionData::OperationType type =
+ extensions::SocketPermissionData::NONE;
+ switch (params.type) {
+ case content::ContentBrowserClient::SocketPermissionParam::TCP_CONNECT:
+ type = extensions::SocketPermissionData::TCP_CONNECT;
+ break;
+
+ case content::ContentBrowserClient::SocketPermissionParam::TCP_LISTEN:
+ type = extensions::SocketPermissionData::TCP_LISTEN;
+ break;
+
+ case content::ContentBrowserClient::SocketPermissionParam::UDP_BIND:
+ type = extensions::SocketPermissionData::UDP_BIND;
+ break;
+
+ case content::ContentBrowserClient::SocketPermissionParam::UDP_SEND_TO:
+ type = extensions::SocketPermissionData::UDP_SEND_TO;
+ break;
+
+ default:
+ NOTREACHED();
+ }
+ return extensions::SocketPermission::CheckParam(
+ type, params.host, params.port);
+}
+
} // namespace
namespace chrome {
@@ -1699,7 +1728,9 @@ void ChromeContentBrowserClient::DidCreatePpapiPlugin(
}
bool ChromeContentBrowserClient::AllowPepperSocketAPI(
- content::BrowserContext* browser_context, const GURL& url) {
+ content::BrowserContext* browser_context,
+ const GURL& url,
+ const SocketPermissionParam& params) {
if (!url.is_valid())
return false;
@@ -1735,7 +1766,10 @@ bool ChromeContentBrowserClient::AllowPepperSocketAPI(
if (!extension)
return false;
- if (extension->HasAPIPermission(APIPermission::kSocket))
+ extensions::SocketPermission::CheckParam extension_params =
+ ConvertSocketPermissions(params);
+ if (extension->CheckAPIPermissionWithParam(APIPermission::kSocket,
+ &extension_params))
return true;
return false;
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | content/browser/renderer_host/pepper/pepper_message_filter.h » ('j') | content/public/browser/content_browser_client.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698