| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/extensions/extension_dispatcher.h" | 5 #include "chrome/renderer/extensions/extension_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "chrome/common/child_process_logging.h" | 8 #include "chrome/common/child_process_logging.h" |
| 9 #include "chrome/common/chrome_switches.h" | 9 #include "chrome/common/chrome_switches.h" |
| 10 #include "chrome/common/extensions/extension.h" | 10 #include "chrome/common/extensions/extension.h" |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 RegisterExtension(EventBindings::Get(this), true); | 91 RegisterExtension(EventBindings::Get(this), true); |
| 92 RegisterExtension(RendererExtensionBindings::Get(this), true); | 92 RegisterExtension(RendererExtensionBindings::Get(this), true); |
| 93 RegisterExtension(ExtensionApiTestV8Extension::Get(), true); | 93 RegisterExtension(ExtensionApiTestV8Extension::Get(), true); |
| 94 | 94 |
| 95 // Initialize host permissions for any extensions that were activated before | 95 // Initialize host permissions for any extensions that were activated before |
| 96 // WebKit was initialized. | 96 // WebKit was initialized. |
| 97 for (std::set<std::string>::iterator iter = active_extension_ids_.begin(); | 97 for (std::set<std::string>::iterator iter = active_extension_ids_.begin(); |
| 98 iter != active_extension_ids_.end(); ++iter) { | 98 iter != active_extension_ids_.end(); ++iter) { |
| 99 const Extension* extension = extensions_.GetByID(*iter); | 99 const Extension* extension = extensions_.GetByID(*iter); |
| 100 if (extension) | 100 if (extension) |
| 101 InitHostPermissions(extension); | 101 InitOriginPermissions(extension); |
| 102 } | 102 } |
| 103 | 103 |
| 104 is_webkit_initialized_ = true; | 104 is_webkit_initialized_ = true; |
| 105 } | 105 } |
| 106 | 106 |
| 107 void ExtensionDispatcher::IdleNotification() { | 107 void ExtensionDispatcher::IdleNotification() { |
| 108 if (is_extension_process_) { | 108 if (is_extension_process_) { |
| 109 // Dampen the forced delay as well if the extension stays idle for long | 109 // Dampen the forced delay as well if the extension stays idle for long |
| 110 // periods of time. | 110 // periods of time. |
| 111 int64 forced_delay_s = std::max(static_cast<int64>( | 111 int64 forced_delay_s = std::max(static_cast<int64>( |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 227 RenderThread::current()->ScheduleIdleHandler( | 227 RenderThread::current()->ScheduleIdleHandler( |
| 228 kInitialExtensionIdleHandlerDelayS); | 228 kInitialExtensionIdleHandlerDelayS); |
| 229 | 229 |
| 230 UpdateActiveExtensions(); | 230 UpdateActiveExtensions(); |
| 231 | 231 |
| 232 const Extension* extension = extensions_.GetByID(extension_id); | 232 const Extension* extension = extensions_.GetByID(extension_id); |
| 233 if (!extension) | 233 if (!extension) |
| 234 return; | 234 return; |
| 235 | 235 |
| 236 if (is_webkit_initialized_) | 236 if (is_webkit_initialized_) |
| 237 InitHostPermissions(extension); | 237 InitOriginPermissions(extension); |
| 238 } | 238 } |
| 239 | 239 |
| 240 void ExtensionDispatcher::InitHostPermissions(const Extension* extension) { | 240 void ExtensionDispatcher::InitOriginPermissions(const Extension* extension) { |
| 241 // TODO(jstritar): We should try to remove this special case. Also, these |
| 242 // whitelist entries need to be updated when the kManagement permission |
| 243 // changes. |
| 241 if (extension->HasAPIPermission(ExtensionAPIPermission::kManagement)) { | 244 if (extension->HasAPIPermission(ExtensionAPIPermission::kManagement)) { |
| 242 WebSecurityPolicy::addOriginAccessWhitelistEntry( | 245 WebSecurityPolicy::addOriginAccessWhitelistEntry( |
| 243 extension->url(), | 246 extension->url(), |
| 244 WebString::fromUTF8(chrome::kChromeUIScheme), | 247 WebString::fromUTF8(chrome::kChromeUIScheme), |
| 245 WebString::fromUTF8(chrome::kChromeUIExtensionIconHost), | 248 WebString::fromUTF8(chrome::kChromeUIExtensionIconHost), |
| 246 false); | 249 false); |
| 247 } | 250 } |
| 248 | 251 |
| 249 const URLPatternSet& permissions = | 252 UpdateOriginPermissions(UpdatedExtensionPermissionsInfo::ADDED, |
| 250 extension->GetActivePermissions()->explicit_hosts(); | 253 extension, |
| 251 for (URLPatternSet::const_iterator i = permissions.begin(); | 254 extension->GetActivePermissions()->explicit_hosts()); |
| 252 i != permissions.end(); ++i) { | 255 } |
| 256 |
| 257 void ExtensionDispatcher::UpdateOriginPermissions( |
| 258 UpdatedExtensionPermissionsInfo::Reason reason, |
| 259 const Extension* extension, |
| 260 const URLPatternSet& origins) { |
| 261 for (URLPatternSet::const_iterator i = origins.begin(); |
| 262 i != origins.end(); ++i) { |
| 253 const char* schemes[] = { | 263 const char* schemes[] = { |
| 254 chrome::kHttpScheme, | 264 chrome::kHttpScheme, |
| 255 chrome::kHttpsScheme, | 265 chrome::kHttpsScheme, |
| 256 chrome::kFileScheme, | 266 chrome::kFileScheme, |
| 257 chrome::kChromeUIScheme, | 267 chrome::kChromeUIScheme, |
| 258 }; | 268 }; |
| 259 for (size_t j = 0; j < arraysize(schemes); ++j) { | 269 for (size_t j = 0; j < arraysize(schemes); ++j) { |
| 260 if (i->MatchesScheme(schemes[j])) { | 270 if (i->MatchesScheme(schemes[j])) { |
| 261 WebSecurityPolicy::addOriginAccessWhitelistEntry( | 271 ((reason == UpdatedExtensionPermissionsInfo::REMOVED) ? |
| 262 extension->url(), | 272 WebSecurityPolicy::removeOriginAccessWhitelistEntry : |
| 263 WebString::fromUTF8(schemes[j]), | 273 WebSecurityPolicy::addOriginAccessWhitelistEntry)( |
| 264 WebString::fromUTF8(i->host()), | 274 extension->url(), |
| 265 i->match_subdomains()); | 275 WebString::fromUTF8(schemes[j]), |
| 276 WebString::fromUTF8(i->host()), |
| 277 i->match_subdomains()); |
| 266 } | 278 } |
| 267 } | 279 } |
| 268 } | 280 } |
| 269 } | 281 } |
| 270 | 282 |
| 271 void ExtensionDispatcher::OnUpdatePermissions( | 283 void ExtensionDispatcher::OnUpdatePermissions( |
| 284 int reason_id, |
| 272 const std::string& extension_id, | 285 const std::string& extension_id, |
| 273 const ExtensionAPIPermissionSet& apis, | 286 const ExtensionAPIPermissionSet& apis, |
| 274 const URLPatternSet& explicit_hosts, | 287 const URLPatternSet& explicit_hosts, |
| 275 const URLPatternSet& scriptable_hosts) { | 288 const URLPatternSet& scriptable_hosts) { |
| 276 const Extension* extension = extensions_.GetByID(extension_id); | 289 const Extension* extension = extensions_.GetByID(extension_id); |
| 277 if (!extension) | 290 if (!extension) |
| 278 return; | 291 return; |
| 279 | 292 |
| 280 extension->SetActivePermissions( | 293 scoped_refptr<const ExtensionPermissionSet> delta = |
| 281 new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts)); | 294 new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts); |
| 295 scoped_refptr<const ExtensionPermissionSet> old_active = |
| 296 extension->GetActivePermissions(); |
| 297 UpdatedExtensionPermissionsInfo::Reason reason = |
| 298 static_cast<UpdatedExtensionPermissionsInfo::Reason>(reason_id); |
| 299 |
| 300 const ExtensionPermissionSet* new_active = NULL; |
| 301 if (reason == UpdatedExtensionPermissionsInfo::ADDED) { |
| 302 new_active = ExtensionPermissionSet::CreateUnion(old_active, delta); |
| 303 } else { |
| 304 CHECK_EQ(UpdatedExtensionPermissionsInfo::REMOVED, reason); |
| 305 new_active = ExtensionPermissionSet::CreateDifference(old_active, delta); |
| 306 } |
| 307 |
| 308 extension->SetActivePermissions(new_active); |
| 309 UpdateOriginPermissions(reason, extension, explicit_hosts); |
| 282 } | 310 } |
| 283 | 311 |
| 284 void ExtensionDispatcher::OnUpdateUserScripts( | 312 void ExtensionDispatcher::OnUpdateUserScripts( |
| 285 base::SharedMemoryHandle scripts) { | 313 base::SharedMemoryHandle scripts) { |
| 286 DCHECK(base::SharedMemory::IsHandleValid(scripts)) << "Bad scripts handle"; | 314 DCHECK(base::SharedMemory::IsHandleValid(scripts)) << "Bad scripts handle"; |
| 287 user_script_slave_->UpdateScripts(scripts); | 315 user_script_slave_->UpdateScripts(scripts); |
| 288 UpdateActiveExtensions(); | 316 UpdateActiveExtensions(); |
| 289 } | 317 } |
| 290 | 318 |
| 291 void ExtensionDispatcher::UpdateActiveExtensions() { | 319 void ExtensionDispatcher::UpdateActiveExtensions() { |
| 292 // In single-process mode, the browser process reports the active extensions. | 320 // In single-process mode, the browser process reports the active extensions. |
| 293 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSingleProcess)) | 321 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSingleProcess)) |
| 294 return; | 322 return; |
| 295 | 323 |
| 296 std::set<std::string> active_extensions = active_extension_ids_; | 324 std::set<std::string> active_extensions = active_extension_ids_; |
| 297 user_script_slave_->GetActiveExtensions(&active_extensions); | 325 user_script_slave_->GetActiveExtensions(&active_extensions); |
| 298 child_process_logging::SetActiveExtensions(active_extensions); | 326 child_process_logging::SetActiveExtensions(active_extensions); |
| 299 } | 327 } |
| 300 | 328 |
| 301 void ExtensionDispatcher::RegisterExtension(v8::Extension* extension, | 329 void ExtensionDispatcher::RegisterExtension(v8::Extension* extension, |
| 302 bool restrict_to_extensions) { | 330 bool restrict_to_extensions) { |
| 303 if (restrict_to_extensions) | 331 if (restrict_to_extensions) |
| 304 restricted_v8_extensions_.insert(extension->name()); | 332 restricted_v8_extensions_.insert(extension->name()); |
| 305 | 333 |
| 306 RenderThread::current()->RegisterExtension(extension); | 334 RenderThread::current()->RegisterExtension(extension); |
| 307 } | 335 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7508029:
Add origin permissions to the extension permissions API. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src