| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/extension_permission_set.h" | 5 #include "chrome/common/extensions/extension_permission_set.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/memory/singleton.h" | 10 #include "base/memory/singleton.h" |
| 11 #include "base/values.h" | 11 #include "base/values.h" |
| 12 #include "base/string_number_conversions.h" | 12 #include "base/string_number_conversions.h" |
| 13 #include "base/utf_string_conversions.h" | 13 #include "base/utf_string_conversions.h" |
| 14 #include "chrome/common/extensions/extension.h" | 14 #include "chrome/common/extensions/extension.h" |
| 15 #include "chrome/common/extensions/extension_constants.h" | 15 #include "chrome/common/extensions/extension_constants.h" |
| 16 #include "chrome/common/extensions/extension_l10n_util.h" | 16 #include "chrome/common/extensions/extension_l10n_util.h" |
| 17 #include "chrome/common/extensions/url_pattern.h" | 17 #include "chrome/common/extensions/url_pattern.h" |
| 18 #include "chrome/common/extensions/url_pattern_set.h" | 18 #include "chrome/common/extensions/url_pattern_set.h" |
| 19 #include "content/common/url_constants.h" |
| 19 #include "grit/generated_resources.h" | 20 #include "grit/generated_resources.h" |
| 20 #include "net/base/registry_controlled_domain.h" | 21 #include "net/base/registry_controlled_domain.h" |
| 21 #include "ui/base/l10n/l10n_util.h" | 22 #include "ui/base/l10n/l10n_util.h" |
| 22 | 23 |
| 23 namespace { | 24 namespace { |
| 24 | 25 |
| 25 // Helper for GetDistinctHosts(): com > net > org > everything else. | 26 // Helper for GetDistinctHosts(): com > net > org > everything else. |
| 26 bool RcdBetterThan(std::string a, std::string b) { | 27 bool RcdBetterThan(std::string a, std::string b) { |
| 27 if (a == b) | 28 if (a == b) |
| 28 return false; | 29 return false; |
| (...skipping 481 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 510 i != apis_.end(); ++i) { | 511 i != apis_.end(); ++i) { |
| 511 ExtensionAPIPermission* permission = info->GetByID(*i); | 512 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 512 if (permission) | 513 if (permission) |
| 513 apis_str.insert(permission->name()); | 514 apis_str.insert(permission->name()); |
| 514 } | 515 } |
| 515 return apis_str; | 516 return apis_str; |
| 516 } | 517 } |
| 517 | 518 |
| 518 std::set<std::string> | 519 std::set<std::string> |
| 519 ExtensionPermissionSet::GetDistinctHostsForDisplay() const { | 520 ExtensionPermissionSet::GetDistinctHostsForDisplay() const { |
| 520 return GetDistinctHosts(effective_hosts_, true); | 521 return GetDistinctHosts(effective_hosts_, true, true); |
| 521 } | 522 } |
| 522 | 523 |
| 523 ExtensionPermissionMessages | 524 ExtensionPermissionMessages |
| 524 ExtensionPermissionSet::GetPermissionMessages() const { | 525 ExtensionPermissionSet::GetPermissionMessages() const { |
| 525 ExtensionPermissionMessages messages; | 526 ExtensionPermissionMessages messages; |
| 526 | 527 |
| 527 if (HasEffectiveFullAccess()) { | 528 if (HasEffectiveFullAccess()) { |
| 528 messages.push_back(ExtensionPermissionMessage( | 529 messages.push_back(ExtensionPermissionMessage( |
| 529 ExtensionPermissionMessage::kFullAccess, | 530 ExtensionPermissionMessage::kFullAccess, |
| 530 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS))); | 531 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS))); |
| (...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 680 return true; | 681 return true; |
| 681 | 682 |
| 682 if (HasLessAPIPrivilegesThan(permissions)) | 683 if (HasLessAPIPrivilegesThan(permissions)) |
| 683 return true; | 684 return true; |
| 684 | 685 |
| 685 return false; | 686 return false; |
| 686 } | 687 } |
| 687 | 688 |
| 688 // static | 689 // static |
| 689 std::set<std::string> ExtensionPermissionSet::GetDistinctHosts( | 690 std::set<std::string> ExtensionPermissionSet::GetDistinctHosts( |
| 690 const URLPatternSet& host_patterns, bool include_rcd) { | 691 const URLPatternSet& host_patterns, |
| 692 bool include_rcd, |
| 693 bool exclude_file_scheme) { |
| 691 // Use a vector to preserve order (also faster than a map on small sets). | 694 // Use a vector to preserve order (also faster than a map on small sets). |
| 692 // Each item is a host split into two parts: host without RCDs and | 695 // Each item is a host split into two parts: host without RCDs and |
| 693 // current best RCD. | 696 // current best RCD. |
| 694 typedef std::vector<std::pair<std::string, std::string> > HostVector; | 697 typedef std::vector<std::pair<std::string, std::string> > HostVector; |
| 695 HostVector hosts_best_rcd; | 698 HostVector hosts_best_rcd; |
| 696 for (URLPatternSet::const_iterator i = host_patterns.begin(); | 699 for (URLPatternSet::const_iterator i = host_patterns.begin(); |
| 697 i != host_patterns.end(); ++i) { | 700 i != host_patterns.end(); ++i) { |
| 701 if (exclude_file_scheme && i->scheme() == chrome::kFileScheme) |
| 702 continue; |
| 703 |
| 698 std::string host = i->host(); | 704 std::string host = i->host(); |
| 699 | 705 |
| 700 // Add the subdomain wildcard back to the host, if necessary. | 706 // Add the subdomain wildcard back to the host, if necessary. |
| 701 if (i->match_subdomains()) | 707 if (i->match_subdomains()) |
| 702 host = "*." + host; | 708 host = "*." + host; |
| 703 | 709 |
| 704 // If the host has an RCD, split it off so we can detect duplicates. | 710 // If the host has an RCD, split it off so we can detect duplicates. |
| 705 std::string rcd; | 711 std::string rcd; |
| 706 size_t reg_len = net::RegistryControlledDomainService::GetRegistryLength( | 712 size_t reg_len = net::RegistryControlledDomainService::GetRegistryLength( |
| 707 host, false); | 713 host, false); |
| (...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 817 // a privilege increase. | 823 // a privilege increase. |
| 818 if (permissions->HasEffectiveAccessToAllHosts()) | 824 if (permissions->HasEffectiveAccessToAllHosts()) |
| 819 return true; | 825 return true; |
| 820 | 826 |
| 821 const URLPatternSet& old_list = effective_hosts(); | 827 const URLPatternSet& old_list = effective_hosts(); |
| 822 const URLPatternSet& new_list = permissions->effective_hosts(); | 828 const URLPatternSet& new_list = permissions->effective_hosts(); |
| 823 | 829 |
| 824 // TODO(jstritar): This is overly conservative with respect to subdomains. | 830 // TODO(jstritar): This is overly conservative with respect to subdomains. |
| 825 // For example, going from *.google.com to www.google.com will be | 831 // For example, going from *.google.com to www.google.com will be |
| 826 // considered an elevation, even though it is not (http://crbug.com/65337). | 832 // considered an elevation, even though it is not (http://crbug.com/65337). |
| 827 std::set<std::string> new_hosts_set = GetDistinctHosts(new_list, false); | 833 std::set<std::string> new_hosts_set(GetDistinctHosts(new_list, false, false)); |
| 828 std::set<std::string> old_hosts_set = GetDistinctHosts(old_list, false); | 834 std::set<std::string> old_hosts_set(GetDistinctHosts(old_list, false, false)); |
| 829 std::set<std::string> new_hosts_only; | 835 std::set<std::string> new_hosts_only; |
| 830 | 836 |
| 831 std::set_difference(new_hosts_set.begin(), new_hosts_set.end(), | 837 std::set_difference(new_hosts_set.begin(), new_hosts_set.end(), |
| 832 old_hosts_set.begin(), old_hosts_set.end(), | 838 old_hosts_set.begin(), old_hosts_set.end(), |
| 833 std::inserter(new_hosts_only, new_hosts_only.begin())); | 839 std::inserter(new_hosts_only, new_hosts_only.begin())); |
| 834 | 840 |
| 835 return !new_hosts_only.empty(); | 841 return !new_hosts_only.empty(); |
| 836 } | 842 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7582017:
Do not display warnings for file:/// extension permissions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src