Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(698)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/extensions/extension_protocols.cc

Issue 2808051: Refactored extension privilege enumeration and implemented URLPattern compari... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/extensions/extension_install_ui.cc ('k') | chrome/browser/net/chrome_url_request_context.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/extension_protocols.h" 5 #include "chrome/browser/extensions/extension_protocols.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "app/resource_bundle.h" 9 #include "app/resource_bundle.h"
10 #include "base/file_path.h" 10 #include "base/file_path.h"
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
67 67
68 } // namespace 68 } // namespace
69 69
70 // Factory registered with URLRequest to create URLRequestJobs for extension:// 70 // Factory registered with URLRequest to create URLRequestJobs for extension://
71 // URLs. 71 // URLs.
72 static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request, 72 static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request,
73 const std::string& scheme) { 73 const std::string& scheme) {
74 ChromeURLRequestContext* context = 74 ChromeURLRequestContext* context =
75 static_cast<ChromeURLRequestContext*>(request->context()); 75 static_cast<ChromeURLRequestContext*>(request->context());
76 76
77 // Don't allow toplevel navigations to extension resources in incognito mode.
78 // This is because an extension must run in a single process, and an incognito
79 // tab prevents that.
80 // TODO(mpcomplete): better error code.
81 const ResourceDispatcherHostRequestInfo* info = 77 const ResourceDispatcherHostRequestInfo* info =
82 ResourceDispatcherHost::InfoForRequest(request); 78 ResourceDispatcherHost::InfoForRequest(request);
79
80 // Don't allow extension resources to be loaded from origins which are not
81 // present in the extension's effective host permissions with the exception
82 // of empty origins and extension schemes.
83 if (!info->frame_origin().empty() &&
84 !GURL(info->frame_origin()).SchemeIs(chrome::kExtensionScheme)) {
85 ExtensionExtent host_permissions =
86 context->GetEffectiveHostPermissionsForExtension(request->url().host());
87 if (!host_permissions.ContainsURL(GURL(info->frame_origin())))
88 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);
89 }
90
91 // Don't allow toplevel navigations to extension resources in incognito mode.
92 // This is because an extension must run in a single process, and an
93 // incognito tab prevents that.
94 // TODO(mpcomplete): better error code.
83 if (context->is_off_the_record() && 95 if (context->is_off_the_record() &&
84 info && info->resource_type() == ResourceType::MAIN_FRAME) 96 info && info->resource_type() == ResourceType::MAIN_FRAME)
85 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); 97 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);
86 98
87 // chrome-extension://extension-id/resource/path.js 99 // chrome-extension://extension-id/resource/path.js
88 const std::string& extension_id = request->url().host(); 100 const std::string& extension_id = request->url().host();
89 FilePath directory_path = context->GetPathForExtension(extension_id); 101 FilePath directory_path = context->GetPathForExtension(extension_id);
90 if (directory_path.value().empty()) { 102 if (directory_path.value().empty()) {
91 LOG(WARNING) << "Failed to GetPathForExtension: " << extension_id; 103 LOG(WARNING) << "Failed to GetPathForExtension: " << extension_id;
92 return NULL; 104 return NULL;
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after
140 152
141 return new URLRequestFileJob(request, resource.GetFilePath()); 153 return new URLRequestFileJob(request, resource.GetFilePath());
142 } 154 }
143 155
144 void RegisterExtensionProtocols() { 156 void RegisterExtensionProtocols() {
145 URLRequest::RegisterProtocolFactory(chrome::kExtensionScheme, 157 URLRequest::RegisterProtocolFactory(chrome::kExtensionScheme,
146 &CreateExtensionURLRequestJob); 158 &CreateExtensionURLRequestJob);
147 URLRequest::RegisterProtocolFactory(chrome::kUserScriptScheme, 159 URLRequest::RegisterProtocolFactory(chrome::kUserScriptScheme,
148 &CreateUserScriptURLRequestJob); 160 &CreateUserScriptURLRequestJob);
149 } 161 }
OLDNEW
« no previous file with comments | « chrome/browser/extensions/extension_install_ui.cc ('k') | chrome/browser/net/chrome_url_request_context.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698