Make <all_urls> and file:///* in permissions trigger "Allow file access"

chrome/common/extensions/extension.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/extension.h"
 
 #include <algorithm>
 
 #include "base/base64.h"
 #include "base/basictypes.h"
@@ skipping 246 matching lines @@
 const size_t Extension::kNumHostedAppPermissions =
     arraysize(Extension::kHostedAppPermissionNames);
 
 // We purposefully don't put this into kPermissionNames.
 const char Extension::kOldUnlimitedStoragePermission[] = "unlimited_storage";
 
 const int Extension::kValidWebExtentSchemes =
     URLPattern::SCHEME_HTTP | URLPattern::SCHEME_HTTPS;
 
 const int Extension::kValidHostPermissionSchemes =
-    (UserScript::kValidUserScriptSchemes |
-     URLPattern::SCHEME_CHROMEUI) & ~URLPattern::SCHEME_FILE;
+    UserScript::kValidUserScriptSchemes | URLPattern::SCHEME_CHROMEUI;
 
 //
 // Extension
 //
 
 // static
 scoped_refptr<Extension> Extension::Create(const FilePath& path,
                                            Location location,
                                            const DictionaryValue& value,
                                            int flags,
@@ skipping 270 matching lines @@
   *output = StringToLowerASCII(base::HexEncode(hash, sizeof(hash)));
   ConvertHexadecimalToIDAlphabet(output);
 
   return true;
 }
 
 // Helper method that loads a UserScript object from a dictionary in the
 // content_script list of the manifest.
 bool Extension::LoadUserScriptHelper(const DictionaryValue* content_script,
                                      int definition_index,
-                                     URLPattern::ParseOption parse_strictness,
+                                     int flags,
                                      std::string* error,
                                      UserScript* result) {
+  // When strict error checks are enabled, make URL pattern parsing strict.
+  URLPattern::ParseOption parse_strictness =
+      (flags & STRICT_ERROR_CHECKS ? URLPattern::PARSE_STRICT
+                                   : URLPattern::PARSE_LENIENT);
+
   // run_at
   if (content_script->HasKey(keys::kRunAt)) {
     std::string run_location;
     if (!content_script->GetString(keys::kRunAt, &run_location)) {
       *error = ExtensionErrorUtils::FormatErrorMessage(errors::kInvalidRunAt,
           base::IntToString(definition_index));
       return false;
     }
 
     if (run_location == values::kRunAtDocumentStart) {
@@ skipping 52 matching lines @@
                                                          parse_strictness);
     if (parse_result != URLPattern::PARSE_SUCCESS) {
       *error = ExtensionErrorUtils::FormatErrorMessage(
           errors::kInvalidMatch,
           base::IntToString(definition_index),
           base::IntToString(j),
           URLPattern::GetParseResultString(parse_result));
       return false;
     }
 
+    if (pattern.MatchesScheme(chrome::kFileScheme) &&
+        !CanExecuteScriptEverywhere()) {
+      wants_file_access_ = true;
+      if (!(flags & ALLOW_FILE_ACCESS))
+        pattern.set_valid_schemes(
+            pattern.valid_schemes() & ~URLPattern::SCHEME_FILE);
+    }
+
     result->add_url_pattern(pattern);
   }
 
   // include/exclude globs (mostly for Greasemonkey compatibility)
   if (!LoadGlobsHelper(content_script, definition_index, keys::kIncludeGlobs,
                        error, &UserScript::add_glob, result)) {
       return false;
   }
 
   if (!LoadGlobsHelper(content_script, definition_index, keys::kExcludeGlobs,
@@ skipping 561 matching lines @@
 
 Extension::Extension(const FilePath& path, Location location)
     : incognito_split_mode_(false),
       location_(location),
       converted_from_user_script_(false),
       is_theme_(false),
       is_app_(false),
       is_storage_isolated_(false),
       launch_container_(extension_misc::LAUNCH_TAB),
       launch_width_(0),
-      launch_height_(0) {
+      launch_height_(0),
+      wants_file_access_(false) {
   DCHECK(path.IsAbsolute());
   path_ = MaybeNormalizePath(path);
 }
 Extension::~Extension() {
 }
 ExtensionResource Extension::GetResource(
     const std::string& relative_path) const {
 #if defined(OS_POSIX)
   FilePath relative_file_path(relative_path);
 #elif defined(OS_WIN)
@@ skipping 541 matching lines @@
 
     for (size_t i = 0; i < list_value->GetSize(); ++i) {
       DictionaryValue* content_script;
       if (!list_value->GetDictionary(i, &content_script)) {
         *error = ExtensionErrorUtils::FormatErrorMessage(
             errors::kInvalidContentScript, base::IntToString(i));
         return false;
       }
 
       UserScript script;
-      if (!LoadUserScriptHelper(content_script, i, parse_strictness, error,
-                                &script))
+      if (!LoadUserScriptHelper(content_script, i, flags, error, &script))
         return false;  // Failed to parse script context definition.
       script.set_extension_id(id());
       if (converted_from_user_script_) {
         script.set_emulate_greasemonkey(true);
         script.set_match_all_frames(true);  // Greasemonkey matches all frames.
       }
       content_scripts_.push_back(script);
     }
   }
 
@@ skipping 165 matching lines @@
         if (!CanSpecifyHostPermission(pattern)) {
           *error = ExtensionErrorUtils::FormatErrorMessage(
               errors::kInvalidPermissionScheme, base::IntToString(i));
           return false;
         }
 
         // The path component is not used for host permissions, so we force it
         // to match all paths.
         pattern.SetPath("/*");
 
+        if (pattern.MatchesScheme(chrome::kFileScheme) &&
+            !CanExecuteScriptEverywhere()) {
+          wants_file_access_ = true;
+          if (!(flags & ALLOW_FILE_ACCESS))
+            pattern.set_valid_schemes(
+                pattern.valid_schemes() & ~URLPattern::SCHEME_FILE);
+        }
+
         host_permissions_.push_back(pattern);
       }
 
       // If it's not a host permission, then it's probably an unknown API
       // permission. Do not throw an error so extensions can retain
       // backwards compatability (http://crbug.com/42742).
       // TODO(jstritar): We can improve error messages by adding better
       // validation of API permissions here.
       // TODO(skerner): Consider showing the reason |permission_str| is not
       // a valid URL pattern if it is almost valid.  For example, if it has
@@ skipping 431 matching lines @@
   if (browser_action())
     ++num_surfaces;
 
   if (is_app())
     ++num_surfaces;
 
   return num_surfaces > 1;
 }
 
 bool Extension::CanExecuteScriptOnPage(const GURL& page_url,
-                                       UserScript* script,
+                                       const UserScript* script,
                                        std::string* error) const {
   // The gallery is special-cased as a restricted URL for scripting to prevent
   // access to special JS bindings we expose to the gallery (and avoid things
   // like extensions removing the "report abuse" link).
   // TODO(erikkay): This seems like the wrong test.  Shouldn't we we testing
   // against the store app extent?
   if ((page_url.host() == GURL(Extension::ChromeStoreLaunchURL()).host()) &&
       !CanExecuteScriptEverywhere() &&
       !CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kAllowScriptingGallery)) {
@@ skipping 138 matching lines @@
 
 UninstalledExtensionInfo::~UninstalledExtensionInfo() {}
 
 
 UnloadedExtensionInfo::UnloadedExtensionInfo(
     const Extension* extension,
     Reason reason)
   : reason(reason),
     already_disabled(false),
     extension(extension) {}