Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(620)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/extension.cc

Issue 6879047: Make sure that extensions can launch web urls, create bookmark url with web safe schemes only. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/extensions/extension_bookmarks_module.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension.h" 5 #include "chrome/common/extensions/extension.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/basictypes.h" 10 #include "base/basictypes.h"
11 #include "base/command_line.h" 11 #include "base/command_line.h"
12 #include "base/file_path.h" 12 #include "base/file_path.h"
13 #include "base/file_util.h" 13 #include "base/file_util.h"
14 #include "base/i18n/rtl.h" 14 #include "base/i18n/rtl.h"
15 #include "base/logging.h" 15 #include "base/logging.h"
16 #include "base/memory/singleton.h" 16 #include "base/memory/singleton.h"
17 #include "base/stl_util-inl.h" 17 #include "base/stl_util-inl.h"
18 #include "base/string16.h" 18 #include "base/string16.h"
19 #include "base/string_number_conversions.h" 19 #include "base/string_number_conversions.h"
20 #include "base/utf_string_conversions.h" 20 #include "base/utf_string_conversions.h"
21 #include "base/values.h" 21 #include "base/values.h"
22 #include "base/version.h" 22 #include "base/version.h"
23 #include "crypto/sha2.h"
24 #include "crypto/third_party/nss/blapi.h"
25 #include "chrome/common/chrome_constants.h" 23 #include "chrome/common/chrome_constants.h"
26 #include "chrome/common/chrome_switches.h" 24 #include "chrome/common/chrome_switches.h"
27 #include "chrome/common/chrome_version_info.h" 25 #include "chrome/common/chrome_version_info.h"
28 #include "chrome/common/extensions/extension_action.h" 26 #include "chrome/common/extensions/extension_action.h"
29 #include "chrome/common/extensions/extension_constants.h" 27 #include "chrome/common/extensions/extension_constants.h"
30 #include "chrome/common/extensions/extension_error_utils.h" 28 #include "chrome/common/extensions/extension_error_utils.h"
31 #include "chrome/common/extensions/extension_l10n_util.h" 29 #include "chrome/common/extensions/extension_l10n_util.h"
32 #include "chrome/common/extensions/extension_resource.h" 30 #include "chrome/common/extensions/extension_resource.h"
33 #include "chrome/common/extensions/extension_sidebar_defaults.h" 31 #include "chrome/common/extensions/extension_sidebar_defaults.h"
34 #include "chrome/common/extensions/extension_sidebar_utils.h" 32 #include "chrome/common/extensions/extension_sidebar_utils.h"
35 #include "chrome/common/extensions/file_browser_handler.h" 33 #include "chrome/common/extensions/file_browser_handler.h"
36 #include "chrome/common/extensions/user_script.h" 34 #include "chrome/common/extensions/user_script.h"
37 #include "chrome/common/url_constants.h" 35 #include "chrome/common/url_constants.h"
36 #include "content/browser/child_process_security_policy.h"
37 #include "crypto/sha2.h"
38 #include "crypto/third_party/nss/blapi.h"
38 #include "googleurl/src/url_util.h" 39 #include "googleurl/src/url_util.h"
39 #include "grit/chromium_strings.h" 40 #include "grit/chromium_strings.h"
40 #include "grit/generated_resources.h" 41 #include "grit/generated_resources.h"
41 #include "grit/theme_resources.h" 42 #include "grit/theme_resources.h"
42 #include "net/base/registry_controlled_domain.h" 43 #include "net/base/registry_controlled_domain.h"
43 #include "third_party/skia/include/core/SkBitmap.h" 44 #include "third_party/skia/include/core/SkBitmap.h"
44 #include "ui/base/l10n/l10n_util.h" 45 #include "ui/base/l10n/l10n_util.h"
45 #include "ui/base/resource/resource_bundle.h" 46 #include "ui/base/resource/resource_bundle.h"
46 #include "webkit/glue/image_decoder.h" 47 #include "webkit/glue/image_decoder.h"
47 48
(...skipping 1154 matching lines...) Expand 10 before | Expand all | Expand 10 after
1202 } 1203 }
1203 1204
1204 launch_local_path_ = launch_path; 1205 launch_local_path_ = launch_path;
1205 } else if (manifest->Get(keys::kLaunchWebURL, &temp)) { 1206 } else if (manifest->Get(keys::kLaunchWebURL, &temp)) {
1206 std::string launch_url; 1207 std::string launch_url;
1207 if (!temp->GetAsString(&launch_url)) { 1208 if (!temp->GetAsString(&launch_url)) {
1208 *error = errors::kInvalidLaunchWebURL; 1209 *error = errors::kInvalidLaunchWebURL;
1209 return false; 1210 return false;
1210 } 1211 }
1211 1212
1212 // Ensure the launch URL is a valid absolute URL. 1213 // Ensure the launch URL is a valid absolute URL and has a web safe scheme.
1213 if (!GURL(launch_url).is_valid()) { 1214 GURL url(launch_url);
1215 ChildProcessSecurityPolicy *policy =
1216 ChildProcessSecurityPolicy::GetInstance();
1217 if (!url.is_valid() || !policy->IsWebSafeScheme(url.scheme())) {
Aaron Boodman 2011/04/19 18:29:33 I think it would be better to use Extension::kVali
1214 *error = errors::kInvalidLaunchWebURL; 1218 *error = errors::kInvalidLaunchWebURL;
1215 return false; 1219 return false;
1216 } 1220 }
1217 1221
1218 launch_web_url_ = launch_url; 1222 launch_web_url_ = launch_url;
1219 } else if (is_app()) { 1223 } else if (is_app()) {
1220 *error = errors::kLaunchURLRequired; 1224 *error = errors::kLaunchURLRequired;
1221 return false; 1225 return false;
1222 } 1226 }
1223 1227
(...skipping 1632 matching lines...) Expand 10 before | Expand all | Expand 10 after
2856 2860
2857 UninstalledExtensionInfo::~UninstalledExtensionInfo() {} 2861 UninstalledExtensionInfo::~UninstalledExtensionInfo() {}
2858 2862
2859 2863
2860 UnloadedExtensionInfo::UnloadedExtensionInfo( 2864 UnloadedExtensionInfo::UnloadedExtensionInfo(
2861 const Extension* extension, 2865 const Extension* extension,
2862 Reason reason) 2866 Reason reason)
2863 : reason(reason), 2867 : reason(reason),
2864 already_disabled(false), 2868 already_disabled(false),
2865 extension(extension) {} 2869 extension(extension) {}
OLDNEW
« no previous file with comments | « chrome/browser/extensions/extension_bookmarks_module.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698