Make <all_urls> and file:///* in permissions trigger "Allow file access"

chrome/browser/extensions/extension_prefs.cc

Index: chrome/browser/extensions/extension_prefs.cc
diff --git a/chrome/browser/extensions/extension_prefs.cc b/chrome/browser/extensions/extension_prefs.cc
index 1e1a3d6213bad6203e724e734f88ea57556a9162..a0aaa80c2ce566dc7b1056d1e657e61f345f97c6 100644
--- a/chrome/browser/extensions/extension_prefs.cc
+++ b/chrome/browser/extensions/extension_prefs.cc
@@ -10,6 +10,7 @@
 #include "chrome/browser/extensions/extension_pref_store.h"
 #include "chrome/browser/prefs/pref_notifier.h"
 #include "chrome/browser/prefs/scoped_user_pref_update.h"
+#include "chrome/common/url_constants.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/url_pattern.h"
 #include "chrome/common/pref_names.h"
@@ -567,11 +568,15 @@ bool ExtensionPrefs::GetGrantedPermissions(
   // The granted host permissions contain hosts from the manifest's
   // "permissions" array and from the content script "matches" arrays,
   // so the URLPattern needs to accept valid schemes from both types.
+  // file:/// is temporarily included, but is removed below if not actually
+  // allowed.
+  int valid_schemes = Extension::kValidHostPermissionSchemes |
+        UserScript::kValidUserScriptSchemes | URLPattern::SCHEME_FILE;
+  bool allow_file_access = AllowFileAccess(extension_id);
+
   for (std::set<std::string>::iterator i = host_permissions.begin();
        i != host_permissions.end(); ++i) {
-    URLPattern pattern(
-        Extension::kValidHostPermissionSchemes |
-        UserScript::kValidUserScriptSchemes);
+    URLPattern pattern(valid_schemes);
 
     // Parse without strict checks, so that new strict checks do not
     // fail on a pattern in an installed extension.
@@ -579,6 +584,15 @@ bool ExtensionPrefs::GetGrantedPermissions(
             *i, URLPattern::PARSE_LENIENT)) {
       NOTREACHED();  // Corrupt prefs?  Hand editing?
     } else {
+      if (!allow_file_access && pattern.MatchesScheme(chrome::kFileScheme)) {

[Aaron Boodman, 2011/03/31 16:04:57]

I'm not sure why this branch was needed. Perhaps it is related to ALL_SCHEMES |
SCHEME_FILE ?

[Mihai Parparita -not on Chrome, 2011/03/31 21:56:31]

Without the changes in this file,
ExtensionServiceTest.LoadAllExtensionsFromDirectorySources fails (ends up in the
NOTREACHED branch above). That's because we load
http://src.chromium.org/viewvc/chrome/trunk/src/chrome/test/data/extensions/g...,
which has a file:/// permission. However, I removed SCHEME_FILE from
UserScript::kValidUserScriptSchemes, so file:/// permissions are not valid. I
added it back to mask at line 574, but it seemed more correct to actually filter
out those patterns if they weren't really a granted permission, hence the
filtering here.

+        if (pattern.scheme() == chrome::kFileScheme) {
+          continue;
+        } else {
+          CHECK_EQ("*", pattern.scheme());
+          pattern.set_valid_schemes(
+              pattern.valid_schemes() & ~URLPattern::SCHEME_FILE);
+        }
+      }
       host_extent->AddPattern(pattern);
     }
   }
@@ -634,6 +648,12 @@ void ExtensionPrefs::SetAllowFileAccess(const std::string& extension_id,
   SavePrefsAndNotify();
 }
 
+bool ExtensionPrefs::HasAllowFileAccessSetting(
+    const std::string& extension_id) const {
+  DictionaryValue* ext = GetExtensionPref(extension_id);
+  return ext && ext->HasKey(kPrefAllowFileAccess);
+}
+
 ExtensionPrefs::LaunchType ExtensionPrefs::GetLaunchType(
     const std::string& extension_id,
     ExtensionPrefs::LaunchType default_pref_value) {