| Index: chrome/common/extensions/extension_set.cc
|
| ===================================================================
|
| --- chrome/common/extensions/extension_set.cc (revision 112565)
|
| +++ chrome/common/extensions/extension_set.cc (working copy)
|
| @@ -7,6 +7,18 @@
|
| #include "base/logging.h"
|
| #include "chrome/common/url_constants.h"
|
|
|
| +using WebKit::WebSecurityOrigin;
|
| +
|
| +ExtensionURLInfo::ExtensionURLInfo(WebSecurityOrigin origin, const GURL& url)
|
| + : origin_(origin),
|
| + url_(url) {
|
| + DCHECK(!origin_.isNull());
|
| +}
|
| +
|
| +ExtensionURLInfo::ExtensionURLInfo(const GURL& url)
|
| + : url_(url) {
|
| +}
|
| +
|
| ExtensionSet::ExtensionSet() {
|
| }
|
|
|
| @@ -29,24 +41,34 @@
|
| extensions_.erase(id);
|
| }
|
|
|
| -std::string ExtensionSet::GetIdByURL(const GURL& url) const {
|
| - if (url.SchemeIs(chrome::kExtensionScheme))
|
| - return url.host();
|
| +std::string ExtensionSet::GetIdByURL(const ExtensionURLInfo& info) const {
|
| + DCHECK(!info.origin().isNull());
|
|
|
| - const Extension* extension = GetByURL(url);
|
| + if (info.url().SchemeIs(chrome::kExtensionScheme))
|
| + return info.origin().isUnique() ? "" : info.url().host();
|
| +
|
| + const Extension* extension = GetByURL(info);
|
| if (!extension)
|
| return "";
|
|
|
| return extension->id();
|
| }
|
|
|
| -const Extension* ExtensionSet::GetByURL(const GURL& url) const {
|
| - if (url.SchemeIs(chrome::kExtensionScheme))
|
| - return GetByID(url.host());
|
| +const Extension* ExtensionSet::GetByURL(const ExtensionURLInfo& info) const {
|
| + // In the common case, the document's origin will correspond to its URL,
|
| + // but in some rare cases involving sandboxing, the two will be different.
|
| + // We catch those cases by checking whether the document's origin is unique.
|
| + // If that's not the case, then we conclude that the document's security
|
| + // context is well-described by its URL and proceed to use only the URL.
|
| + if (!info.origin().isNull() && info.origin().isUnique())
|
| + return NULL;
|
|
|
| + if (info.url().SchemeIs(chrome::kExtensionScheme))
|
| + return GetByID(info.url().host());
|
| +
|
| ExtensionMap::const_iterator i = extensions_.begin();
|
| for (; i != extensions_.end(); ++i) {
|
| - if (i->second->web_extent().MatchesURL(url))
|
| + if (i->second->web_extent().MatchesURL(info.url()))
|
| return i->second.get();
|
| }
|
|
|
| @@ -55,7 +77,8 @@
|
|
|
| bool ExtensionSet::InSameExtent(const GURL& old_url,
|
| const GURL& new_url) const {
|
| - return GetByURL(old_url) == GetByURL(new_url);
|
| + return GetByURL(ExtensionURLInfo(old_url)) ==
|
| + GetByURL(ExtensionURLInfo(new_url));
|
| }
|
|
|
| const Extension* ExtensionSet::GetByID(const std::string& id) const {
|
| @@ -66,14 +89,18 @@
|
| return NULL;
|
| }
|
|
|
| -bool ExtensionSet::ExtensionBindingsAllowed(const GURL& url) const {
|
| - if (url.SchemeIs(chrome::kExtensionScheme))
|
| +bool ExtensionSet::ExtensionBindingsAllowed(
|
| + const ExtensionURLInfo& info) const {
|
| + if (info.origin().isUnique())
|
| + return false;
|
| +
|
| + if (info.url().SchemeIs(chrome::kExtensionScheme))
|
| return true;
|
|
|
| ExtensionMap::const_iterator i = extensions_.begin();
|
| for (; i != extensions_.end(); ++i) {
|
| if (i->second->location() == Extension::COMPONENT &&
|
| - i->second->web_extent().MatchesURL(url))
|
| + i->second->web_extent().MatchesURL(info.url()))
|
| return true;
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 8659009:
Consider the origin when computing extension permissions (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/