Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(36)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/extension.cc

Issue 402029: Don't allow content scripts to execute on file:// urls.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 11 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/common/extensions/docs/static/content_scripts.html ('k') | chrome/common/extensions/extension_constants.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension.h" 5 #include "chrome/common/extensions/extension.h"
6 6
7 #include "app/resource_bundle.h" 7 #include "app/resource_bundle.h"
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/file_path.h" 10 #include "base/file_path.h"
(...skipping 229 matching lines...) Expand 10 before | Expand all | Expand 10 after
240 IntToString(definition_index), IntToString(j)); 240 IntToString(definition_index), IntToString(j));
241 return false; 241 return false;
242 } 242 }
243 243
244 URLPattern pattern; 244 URLPattern pattern;
245 if (!pattern.Parse(match_str)) { 245 if (!pattern.Parse(match_str)) {
246 *error = ExtensionErrorUtils::FormatErrorMessage(errors::kInvalidMatch, 246 *error = ExtensionErrorUtils::FormatErrorMessage(errors::kInvalidMatch,
247 IntToString(definition_index), IntToString(j)); 247 IntToString(definition_index), IntToString(j));
248 return false; 248 return false;
249 } 249 }
250 std::string scheme = pattern.scheme();
251 if (scheme == "file") {
252 // No content scripts are allowed unless the command line override switch
253 // was provided.
254 if (!CommandLine::ForCurrentProcess()->HasSwitch(
255 switches::kEnableJsOnFileUrls)) {
256 *error = errors::kInvalidJsMatches;
257 return false;
258 }
259 }
250 260
251 result->add_url_pattern(pattern); 261 result->add_url_pattern(pattern);
252 } 262 }
253 263
254 // include/exclude globs (mostly for Greasemonkey compat) 264 // Include/exclude globs (mostly for Greasemonkey compatibility).
255 if (!LoadGlobsHelper(content_script, definition_index, keys::kIncludeGlobs, 265 if (!LoadGlobsHelper(content_script, definition_index, keys::kIncludeGlobs,
256 error, &UserScript::add_glob, result)) { 266 error, &UserScript::add_glob, result)) {
257 return false; 267 return false;
258 } 268 }
259 269
260 if (!LoadGlobsHelper(content_script, definition_index, keys::kExcludeGlobs, 270 if (!LoadGlobsHelper(content_script, definition_index, keys::kExcludeGlobs,
261 error, &UserScript::add_exclude_glob, result)) { 271 error, &UserScript::add_exclude_glob, result)) {
262 return false; 272 return false;
263 } 273 }
264 274
265 // js and css keys 275 // js and css keys.
266 ListValue* js = NULL; 276 ListValue* js = NULL;
267 if (content_script->HasKey(keys::kJs) && 277 if (content_script->HasKey(keys::kJs) &&
268 !content_script->GetList(keys::kJs, &js)) { 278 !content_script->GetList(keys::kJs, &js)) {
269 *error = ExtensionErrorUtils::FormatErrorMessage(errors::kInvalidJsList, 279 *error = ExtensionErrorUtils::FormatErrorMessage(errors::kInvalidJsList,
270 IntToString(definition_index)); 280 IntToString(definition_index));
271 return false; 281 return false;
272 } 282 }
273 283
274 ListValue* css = NULL; 284 ListValue* css = NULL;
275 if (content_script->HasKey(keys::kCss) && 285 if (content_script->HasKey(keys::kCss) &&
(...skipping 969 matching lines...) Expand 10 before | Expand all | Expand 10 after
1245 UserScript::PatternList::const_iterator pattern = 1255 UserScript::PatternList::const_iterator pattern =
1246 content_script->url_patterns().begin(); 1256 content_script->url_patterns().begin();
1247 for (; pattern != content_script->url_patterns().end(); ++pattern) { 1257 for (; pattern != content_script->url_patterns().end(); ++pattern) {
1248 if (pattern->match_subdomains() && pattern->host().empty()) 1258 if (pattern->match_subdomains() && pattern->host().empty())
1249 return true; 1259 return true;
1250 } 1260 }
1251 } 1261 }
1252 1262
1253 return false; 1263 return false;
1254 } 1264 }
OLDNEW
« no previous file with comments | « chrome/common/extensions/docs/static/content_scripts.html ('k') | chrome/common/extensions/extension_constants.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698