Packaged (CRX) extensions shouldn't be able to get 'dev' interfaces in NaCl.

ppapi/native_client/src/trusted/plugin/plugin.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifdef _MSC_VER
 // Do not warn about use of std::copy with raw pointers.
 #pragma warning(disable : 4996)
 #endif
 
 #include "native_client/src/trusted/plugin/plugin.h"
@@ skipping 85 matching lines @@
 // The "nacl" attribute of the <embed> tag.  We use the value of this attribute
 // to find the manifest file when NaCl is registered as a plug-in for another
 // MIME type because the "src" attribute is used to supply us with the resource
 // of that MIME type that we're supposed to display.
 const char* const kNaClManifestAttribute = "nacl";
 // This is a pretty arbitrary limit on the byte size of the NaCl manfest file.
 // Note that the resulting string object has to have at least one byte extra
 // for the null termination character.
 const size_t kNaClManifestMaxFileBytes = 1024 * 1024;
 
+// Define an argument name to enable 'dev' interfaces. To make sure it doesn't
+// collide with any user-defined HTML attribute, make the first character '@'.
+const char* const kDevAttribute = "@dev";
+
 // URL schemes that we treat in special ways.
 const char* const kChromeExtensionUriScheme = "chrome-extension";
 const char* const kDataUriScheme = "data";
 
 // The key used to find the dictionary nexe URLs in the manifest file.
 const char* const kNexesKey = "nexes";
 
 bool GetLastError(void* obj, SrpcParams* params) {
   NaClSrpcArg** outs = params->outs();
   PLUGIN_PRINTF(("GetLastError (obj=%p)\n", obj));
@@ skipping 769 matching lines @@
                  static_cast<const void*>(url_util_)));
 
   bool status = Plugin::Init(
       browser_interface,
       static_cast<int>(argc),
       // TODO(polina): Can we change the args on our end to be const to
       // avoid these ugly casts?
       const_cast<char**>(argn),
       const_cast<char**>(argv));
   if (status) {
+    // Look for the developer attribute; if it's present, enable 'dev'
+    // interfaces.
+    const char* dev_settings = LookupArgument(kDevAttribute);
+    enable_dev_interfaces_ = (dev_settings != NULL);
+
     const char* type_attr = LookupArgument(kTypeAttribute);
     if (type_attr != NULL) {
       mime_type_ = nacl::string(type_attr);
       std::transform(mime_type_.begin(), mime_type_.end(), mime_type_.begin(),
                      tolower);
     }
 
     const char* manifest_url = LookupArgument(kSrcManifestAttribute);
     // If the MIME type is foreign, then 'src' will be the URL for the content
     // and 'nacl' will be the URL for the manifest.
     if (IsForeignMIMEType()) {
       manifest_url = LookupArgument(kNaClManifestAttribute);
-      enable_dev_interfaces_ = RequiresDevInterfaces(manifest_url);
     }
     // Use the document URL as the base for resolving relative URLs to find the
     // manifest.  This takes into account the setting of <base> tags that
     // precede the embed/object.
     CHECK(url_util_ != NULL);
     pp::Var base_var = url_util_->GetDocumentURL(*this);
     if (!base_var.is_string()) {
       PLUGIN_PRINTF(("Plugin::Init (unable to find document url)\n"));
       return false;
     }
@@ skipping 375 matching lines @@
   UNREFERENCED_PARAMETER(pp_error);
   if (was_successful) {
     ReportLoadSuccess(LENGTH_IS_NOT_COMPUTABLE,
                       kUnknownBytes,
                       kUnknownBytes);
   } else {
     ReportLoadError(error_info);
   }
 }
 
-// Check manifest_url and return whether or not to enable PPAPI Dev interfaces.
-// Returning true here will enable the PPAPI Dev interfaces regardless of
-// the environment variable NACL_ENABLE_PPAPI_DEV.
-bool Plugin::RequiresDevInterfaces(const nacl::string& manifest_url) {
-  const char* extensions[] = {
-      "chrome-extension://acadkphlmlegjaadjagenfimbpphcgnh/",  // PDF
-  };
-  for (size_t i = 0; i < sizeof(extensions) / sizeof(const char*); ++i) {
-    if (manifest_url.find(extensions[i]) == 0) {
-      return true;
-    }
-  }
-  return false;
-}
-
 bool Plugin::StartProxiedExecution(NaClSrpcChannel* srpc_channel,
                                    ErrorInfo* error_info) {
   PLUGIN_PRINTF(("Plugin::StartProxiedExecution (srpc_channel=%p)\n",
                  static_cast<void*>(srpc_channel)));
 
   // Log the amound of time that has passed between the trusted plugin being
   // initialized and the untrusted plugin being initialized.  This is (roughly)
   // the cost of using NaCl, in terms of startup time.
   HistogramStartupTimeMedium(
       "NaCl.Perf.StartupTime.NaClOverhead",
@@ skipping 680 matching lines @@
   std::string scheme = canonicalized.AsString().substr(comps.scheme.begin,
                                                        comps.scheme.len);
   if (scheme == kChromeExtensionUriScheme)
     return SCHEME_CHROME_EXTENSION;
   if (scheme == kDataUriScheme)
     return SCHEME_DATA;
   return SCHEME_OTHER;
 }
 
 }  // namespace plugin