Consider the origin when computing extension permissions

chrome/common/extensions/extension_set.h

Index: chrome/common/extensions/extension_set.h
===================================================================
--- chrome/common/extensions/extension_set.h	(revision 112170)
+++ chrome/common/extensions/extension_set.h	(working copy)
@@ -14,7 +14,30 @@
 #include "base/memory/ref_counted.h"
 #include "chrome/common/extensions/extension.h"
 #include "googleurl/src/gurl.h"
+#include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h"
 
+class ExtensionURLInfo {
+ public:
+  // The extension system uses both a document's origin and its URL to
+  // grant permissions. Ideally, we would use only the origin, but because
+  // the web extent of a hosted app can be less than an entire origin, we
+  // take the URL into account as well
+  ExtensionURLInfo(WebKit::WebSecurityOrigin origin, const GURL& url);
+
+  // WARNING! Using this constructor can miss important security checks if
+  //          you're trying to find a running extension. For example, if the
+  //          URL in question is being rendered inside an iframe sandbox, then
+  //          we might incorrectly grant it access to powerful extension APIs.
+  explicit ExtensionURLInfo(const GURL& url);
+
+  const WebKit::WebSecurityOrigin& origin() const { return origin_; }
+  const GURL& url() const { return url_; }
+
+ private:
+  WebKit::WebSecurityOrigin origin_;
+  GURL url_;
+};
+
 // The one true extension container. Extensions are identified by their id.
 // Only one extension can be in the set with a given ID.
 class ExtensionSet {
@@ -43,16 +66,16 @@
   // Removes the specified extension.
   void Remove(const std::string& id);
 
-  // Returns the extension ID that the given URL is a part of, or empty if
-  // none. This includes web URLs that are part of an extension's web extent.
-  std::string GetIdByURL(const GURL& url) const;
+  // Returns the extension ID, or empty if none. This includes web URLs that
+  // are part of an extension's web extent.
+  std::string GetIdByInfo(const ExtensionURLInfo& info) const;

[Aaron Boodman, 2011/11/30 23:32:18]

sorry to nit, but can you name it either GetIdByURL or GetIdByURLInfo ?

 
-  // Returns the Extension that the given URL is a part of, or NULL if none.
-  // This includes web URLs that are part of an extension's web extent.
+  // Returns the Extension, or NULL if none.  This includes web URLs that are
+  // part of an extension's web extent.
   // NOTE: This can return NULL if called before UpdateExtensions receives
   // bulk extension data (e.g. if called from
   // EventBindings::HandleContextCreated)
-  const Extension* GetByURL(const GURL& url) const;
+  const Extension* GetByInfo(const ExtensionURLInfo& info) const;
 
   // Returns true if |new_url| is in the extent of the same extension as
   // |old_url|.  Also returns true if neither URL is in an app.
@@ -61,10 +84,10 @@
   // Look up an Extension object by id.
   const Extension* GetByID(const std::string& id) const;
 
-  // Returns true if |url| should get extension api bindings and be permitted
+  // Returns true if |info| should get extension api bindings and be permitted
   // to make api calls. Note that this is independent of what extension
   // permissions the given extension has been granted.
-  bool ExtensionBindingsAllowed(const GURL& url) const;
+  bool ExtensionBindingsAllowed(const ExtensionURLInfo& info) const;
 
  private:
   FRIEND_TEST_ALL_PREFIXES(ExtensionSetTest, ExtensionSet);