Make <all_urls> and file:///* in permissions trigger "Allow file access"

chrome/common/extensions/extension.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_COMMON_EXTENSIONS_EXTENSION_H_
 #define CHROME_COMMON_EXTENSIONS_EXTENSION_H_
 #pragma once
 
 #include <map>
 #include <set>
@@ skipping 115 matching lines @@
     // checks that URL patterns do not contain ports.  This error
     // checking may find an error that a previous version of
     // Chrome did not flag.  To avoid errors in installed extensions
     // when Chrome is upgraded, strict error checking is only enabled
     // when loading extensions as a developer would (such as loading
     // an unpacked extension), or when loading an extension that is
     // tied to a specific version of Chrome (such as a component
     // extension).  Most callers will set the |STRICT_ERROR_CHECKS| bit when
     // Extension::ShouldDoStrictErrorChecking(location) returns true.
     STRICT_ERROR_CHECKS = 1 << 1,
+
+    // |ALLOW_FILE_ACCESS| indicates that the user is allowing this extension
+    // to have file access. If it's not present, then permissions and content
+    // scripts that match file:/// URLs will be filtered out.
+    ALLOW_FILE_ACCESS = 1 << 2,
   };
 
   static scoped_refptr<Extension> Create(const FilePath& path,
                                          Location location,
                                          const DictionaryValue& value,
                                          int flags,
                                          std::string* error);
 
   // Return the update url used by gallery/webstore extensions.
   static GURL GalleryUpdateUrl(bool secure);
@@ skipping 122 matching lines @@
   // error checking.  Strict error checks may flag errors older versions
   // of chrome did not detect.  To avoid breaking installed extensions,
   // strict checks are disabled unless the location indicates that the
   // developer is loading the extension, or the extension is a component
   // of chrome.
   static inline bool ShouldDoStrictErrorChecking(Location location) {
     return location == Extension::LOAD ||
            location == Extension::COMPONENT;
   }
 
+  // Unpacked extensions start off with file access since they are a developer
+  // feature.
+  static inline bool ShouldAlwaysAllowFileAccess(Location location) {
+    return location == Extension::LOAD;
+  }
+
   // See Type definition above.
   Type GetType() const;
 
   // Returns an absolute url to a resource inside of an extension. The
   // |extension_url| argument should be the url() from an Extension object. The
   // |relative_path| can be untrusted user input. The returned URL will either
   // be invalid() or a child of |extension_url|.
   // NOTE: Static so that it can be used from multiple threads.
   static GURL GetResourceURL(const GURL& extension_url,
                              const std::string& relative_path);
@@ skipping 137 matching lines @@
                           const gfx::Size& max_size) const;
 
   // Returns true if this extension can execute script on a page. If a
   // UserScript object is passed, permission to run that specific script is
   // checked (using its matches list). Otherwise, permission to execute script
   // programmatically is checked (using the extension's host permission).
   //
   // This method is also aware of certain special pages that extensions are
   // usually not allowed to run script on.
   bool CanExecuteScriptOnPage(const GURL& page_url,
-                              UserScript* script,
+                              const UserScript* script,
                               std::string* error) const;
 
   // Returns true if this extension is a COMPONENT extension, or if it is
   // on the whitelist of extensions that can script all pages.
   bool CanExecuteScriptEverywhere() const;
 
   // Returns true if this extension is allowed to obtain the contents of a
   // page as an image.  Since a page may contain sensitive information, this
   // is restricted to the extension's host permissions as well as the
   // extension page itself.
@@ skipping 41 matching lines @@
     return manifest_value_.get();
   }
   const std::string default_locale() const { return default_locale_; }
   const URLOverrideMap& GetChromeURLOverrides() const {
     return chrome_url_overrides_;
   }
   const std::string omnibox_keyword() const { return omnibox_keyword_; }
   bool incognito_split_mode() const { return incognito_split_mode_; }
   const std::vector<TtsVoice>& tts_voices() const { return tts_voices_; }
 
+  bool wants_file_access() const { return wants_file_access_; }
+
   // App-related.
   bool is_app() const { return is_app_; }
   bool is_hosted_app() const { return is_app() && !web_extent().is_empty(); }
   bool is_packaged_app() const { return is_app() && web_extent().is_empty(); }
   bool is_storage_isolated() const { return is_app() && is_storage_isolated_; }
   const ExtensionExtent& web_extent() const { return extent_; }
   const std::string& launch_local_path() const { return launch_local_path_; }
   const std::string& launch_web_url() const { return launch_web_url_; }
   extension_misc::LaunchContainer launch_container() const {
     return launch_container_;
@@ skipping 49 matching lines @@
   // Helper function for implementing HasCachedImage/GetCachedImage. A return
   // value of NULL means there is no matching image cached (we allow caching an
   // empty SkBitmap).
   SkBitmap* GetCachedImageImpl(const ExtensionResource& source,
                                const gfx::Size& max_size) const;
 
   // Helper method that loads a UserScript object from a
   // dictionary in the content_script list of the manifest.
   bool LoadUserScriptHelper(const DictionaryValue* content_script,
                             int definition_index,
-                            URLPattern::ParseOption parse_strictness,
+                            int flags,
                             std::string* error,
                             UserScript* result);
 
   // Helper method that loads either the include_globs or exclude_globs list
   // from an entry in the content_script lists of the manifest.
   bool LoadGlobsHelper(const DictionaryValue* content_script,
                        int content_script_index,
                        const char* globs_property_name,
                        std::string* error,
                        void(UserScript::*add_method)(const std::string& glob),
@@ skipping 16 matching lines @@
   // Helper method to load an ExtensionAction from the page_action or
   // browser_action entries in the manifest.
   ExtensionAction* LoadExtensionActionHelper(
       const DictionaryValue* extension_action, std::string* error);
 
   // Helper method to load an ExtensionSidebarDefaults from the sidebar manifest
   // entry.
   ExtensionSidebarDefaults* LoadExtensionSidebarDefaults(
       const DictionaryValue* sidebar, std::string* error);
 
+  void InitWantsFileAccess(const std::string& host_str,
+                           URLPattern::ParseOption parse_strictness);
+
   // Calculates the effective host permissions from the permissions and content
   // script petterns.
   void InitEffectiveHostPermissions();
 
   // Returns true if the extension has more than one "UI surface". For example,
   // an extension that has a browser action and a page action.
   bool HasMultipleUISurfaces() const;
 
   // Figures out if a source contains keys not associated with themes - we
   // don't want to allow scripts and such to be bundled with themes.
@@ skipping 158 matching lines @@
   // containers like panels and windows.
   int launch_width_;
   int launch_height_;
 
   // The Omnibox keyword for this extension, or empty if there is none.
   std::string omnibox_keyword_;
 
   // List of text-to-speech voices that this extension provides, if any.
   std::vector<TtsVoice> tts_voices_;
 
+  // Whether the extension has host permissions or user script patterns that
+  // imply access to file:/// scheme URLs (the user may not have actually
+  // granted it that access).
+  bool wants_file_access_;
+
   FRIEND_TEST_ALL_PREFIXES(ExtensionServiceTest,
                            UpdateExtensionPreservesLocation);
   FRIEND_TEST_ALL_PREFIXES(ExtensionTest, LoadPageActionHelper);
   FRIEND_TEST_ALL_PREFIXES(ExtensionTest, InitFromValueInvalid);
   FRIEND_TEST_ALL_PREFIXES(ExtensionTest, InitFromValueValid);
   FRIEND_TEST_ALL_PREFIXES(ExtensionTest, InitFromValueValidNameInRTL);
   FRIEND_TEST_ALL_PREFIXES(TabStripModelTest, Apps);
 
   DISALLOW_COPY_AND_ASSIGN(Extension);
 };
@@ skipping 42 matching lines @@
   // Was the extension already disabled?
   bool already_disabled;
 
   // The extension being unloaded - this should always be non-NULL.
   const Extension* extension;
 
   UnloadedExtensionInfo(const Extension* extension, Reason reason);
 };
 
 #endif  // CHROME_COMMON_EXTENSIONS_EXTENSION_H_