Content settings: whitelist kExtensionScheme and kChromeInternalScheme on the renderer side.

chrome/renderer/content_settings_observer.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/content_settings_observer.h"
 
 #include "chrome/common/render_messages.h"
 #include "chrome/common/url_constants.h"
 #include "content/public/renderer/document_state.h"
 #include "content/public/renderer/navigation_state.h"
@@ skipping 11 matching lines @@
 using WebKit::WebFrameClient;
 using WebKit::WebSecurityOrigin;
 using WebKit::WebString;
 using WebKit::WebURL;
 using WebKit::WebView;
 using content::DocumentState;
 using content::NavigationState;
 
 namespace {
 
-// True if |frame| contains content that is white-listed for content settings.
-static bool IsWhitelistedForContentSettings(WebFrame* frame) {
-  WebSecurityOrigin origin = frame->document().securityOrigin();
-  if (origin.isUnique())
-    return false;  // Uninitialized document?
-
-  if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
-    return true;  // Browser UI elements should still work.
-
-  if (EqualsASCII(origin.protocol(), chrome::kChromeDevToolsScheme))
-    return true;  // DevTools UI elements should still work.
-
-  // If the scheme is ftp: or file:, an empty file name indicates a directory
-  // listing, which requires JavaScript to function properly.
-  GURL document_url = frame->document().url();
-  const char* kDirProtocols[] = { chrome::kFtpScheme, chrome::kFileScheme };
-  for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
-    if (EqualsASCII(origin.protocol(), kDirProtocols[i])) {
-      return document_url.SchemeIs(kDirProtocols[i]) &&
-             document_url.ExtractFileName().empty();
-    }
-  }
-
-  return false;
-}
-
 GURL GetOriginOrURL(const WebFrame* frame) {
   WebString top_origin = frame->top()->document().securityOrigin().toString();
   // The the |top_origin| is unique ("null") e.g., for file:// URLs. Use the
   // document URL as the primary URL in those cases.
   if (top_origin == "null")
     return frame->top()->document().url();
   return GURL(top_origin);
 }
 
 ContentSetting GetContentSettingFromRules(
@@ skipping 233 matching lines @@
 void ContentSettingsObserver::OnLoadBlockedPlugins() {
   plugins_temporarily_allowed_ = true;
 }
 
 void ContentSettingsObserver::ClearBlockedContentSettings() {
   for (size_t i = 0; i < arraysize(content_blocked_); ++i)
     content_blocked_[i] = false;
   cached_storage_permissions_.clear();
   cached_script_permissions_.clear();
 }
+
+bool ContentSettingsObserver::IsWhitelistedForContentSettings(WebFrame* frame) {
+  return IsWhitelistedForContentSettings(frame->document().securityOrigin(),
+                                         frame->document().url());
+}
+
+bool ContentSettingsObserver::IsWhitelistedForContentSettings(
+    const WebSecurityOrigin& origin,
+    const GURL& document_url) {
+  if (origin.isUnique())
+    return false;  // Uninitialized document?
+
+  if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
+    return true;  // Browser UI elements should still work.
+
+  if (EqualsASCII(origin.protocol(), chrome::kChromeDevToolsScheme))
+    return true;  // DevTools UI elements should still work.
+
+  if (EqualsASCII(origin.protocol(), chrome::kExtensionScheme))
+    return true;
+
+  if (EqualsASCII(origin.protocol(), chrome::kChromeInternalScheme))
+    return true;
+
+  // If the scheme is ftp: or file:, an empty file name indicates a directory
+  // listing, which requires JavaScript to function properly.
+  const char* kDirProtocols[] = { chrome::kFtpScheme, chrome::kFileScheme };
+  for (size_t i = 0; i < arraysize(kDirProtocols); ++i) {
+    if (EqualsASCII(origin.protocol(), kDirProtocols[i])) {
+      return document_url.SchemeIs(kDirProtocols[i]) &&
+             document_url.ExtractFileName().empty();
+    }
+  }
+
+  return false;
+}