OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/extension_function_dispatcher.h" | 5 #include "chrome/browser/extensions/extension_function_dispatcher.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 | 8 |
9 #include "base/json/json_string_value_serializer.h" | 9 #include "base/json/json_string_value_serializer.h" |
10 #include "base/lazy_instance.h" | 10 #include "base/lazy_instance.h" |
11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
12 #include "base/process_util.h" | 12 #include "base/process_util.h" |
13 #include "base/values.h" | 13 #include "base/values.h" |
14 #include "build/build_config.h" | 14 #include "build/build_config.h" |
15 #include "chrome/browser/extensions/extension_activity_log.h" | 15 #include "chrome/browser/extensions/extension_activity_log.h" |
16 #include "chrome/browser/extensions/extension_function.h" | 16 #include "chrome/browser/extensions/extension_function.h" |
17 #include "chrome/browser/extensions/extension_function_registry.h" | 17 #include "chrome/browser/extensions/extension_function_registry.h" |
18 #include "chrome/browser/extensions/extension_service.h" | 18 #include "chrome/browser/extensions/extension_service.h" |
19 #include "chrome/browser/extensions/extension_web_ui.h" | 19 #include "chrome/browser/extensions/extension_web_ui.h" |
20 #include "chrome/browser/extensions/extensions_quota_service.h" | 20 #include "chrome/browser/extensions/extensions_quota_service.h" |
21 #include "chrome/browser/extensions/process_map.h" | 21 #include "chrome/browser/extensions/process_map.h" |
22 #include "chrome/browser/external_protocol/external_protocol_handler.h" | 22 #include "chrome/browser/external_protocol/external_protocol_handler.h" |
23 #include "chrome/browser/profiles/profile.h" | 23 #include "chrome/browser/profiles/profile.h" |
24 #include "chrome/browser/renderer_host/chrome_render_message_filter.h" | 24 #include "chrome/browser/renderer_host/chrome_render_message_filter.h" |
25 #include "chrome/browser/ui/browser_list.h" | 25 #include "chrome/browser/ui/browser_list.h" |
26 #include "chrome/browser/ui/browser_window.h" | 26 #include "chrome/browser/ui/browser_window.h" |
27 #include "chrome/common/extensions/api/extension_api.h" | 27 #include "chrome/common/extensions/api/extension_api.h" |
28 #include "chrome/common/extensions/extension_messages.h" | 28 #include "chrome/common/extensions/extension_messages.h" |
29 #include "chrome/common/extensions/extension_set.h" | 29 #include "chrome/common/extensions/extension_set.h" |
| 30 #include "chrome/common/extensions/feature.h" |
30 #include "chrome/common/url_constants.h" | 31 #include "chrome/common/url_constants.h" |
31 #include "content/public/browser/render_process_host.h" | 32 #include "content/public/browser/render_process_host.h" |
32 #include "content/public/browser/render_view_host.h" | 33 #include "content/public/browser/render_view_host.h" |
33 #include "ipc/ipc_message.h" | 34 #include "ipc/ipc_message.h" |
34 #include "ipc/ipc_message_macros.h" | 35 #include "ipc/ipc_message_macros.h" |
35 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" | 36 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityOrigin.h" |
36 #include "third_party/skia/include/core/SkBitmap.h" | 37 #include "third_party/skia/include/core/SkBitmap.h" |
37 #include "webkit/glue/resource_type.h" | 38 #include "webkit/glue/resource_type.h" |
38 | 39 |
39 using extensions::ExtensionAPI; | 40 using extensions::ExtensionAPI; |
| 41 using extensions::Feature; |
40 using content::RenderViewHost; | 42 using content::RenderViewHost; |
41 using WebKit::WebSecurityOrigin; | 43 using WebKit::WebSecurityOrigin; |
42 | 44 |
43 namespace { | 45 namespace { |
44 | 46 |
45 const char kAccessDenied[] = "access denied"; | 47 const char kAccessDenied[] = "access denied"; |
46 const char kQuotaExceeded[] = "quota exceeded"; | 48 const char kQuotaExceeded[] = "quota exceeded"; |
47 | 49 |
48 void LogSuccess(const Extension* extension, | 50 void LogSuccess(const Extension* extension, |
49 const ExtensionHostMsg_Request_Params& params) { | 51 const ExtensionHostMsg_Request_Params& params) { |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
265 extensions::ExtensionAPI* api, | 267 extensions::ExtensionAPI* api, |
266 void* profile, | 268 void* profile, |
267 IPC::Message::Sender* ipc_sender, | 269 IPC::Message::Sender* ipc_sender, |
268 int routing_id) { | 270 int routing_id) { |
269 if (!extension) { | 271 if (!extension) { |
270 LOG(ERROR) << "Specified extension does not exist."; | 272 LOG(ERROR) << "Specified extension does not exist."; |
271 SendAccessDenied(ipc_sender, routing_id, params.request_id); | 273 SendAccessDenied(ipc_sender, routing_id, params.request_id); |
272 return NULL; | 274 return NULL; |
273 } | 275 } |
274 | 276 |
| 277 // If the API has been ported to the feature system, use that. |
| 278 if (api->GetFeature(params.name)) { |
| 279 if (!api->IsAvailable( |
| 280 params.name, |
| 281 extension, |
| 282 static_cast<Feature::Context>(params.source_context_type))) { |
| 283 LOG(ERROR) << "Access to extension API '" << params.name << "' denied."; |
| 284 SendAccessDenied(ipc_sender, routing_id, params.request_id); |
| 285 return NULL; |
| 286 } |
| 287 } else { |
| 288 // Otherwise, fall back to the older system. |
| 289 if (!extension->HasAPIPermission(params.name)) { |
| 290 LOG(ERROR) << "Extension " << extension->id() << " does not have " |
| 291 << "permission to function: " << params.name; |
| 292 SendAccessDenied(ipc_sender, routing_id, params.request_id); |
| 293 return NULL; |
| 294 } |
| 295 } |
| 296 |
| 297 // If the API requires a privileged process, ensure it is in one. |
275 if (api->IsPrivileged(params.name) && | 298 if (api->IsPrivileged(params.name) && |
276 !process_map.Contains(extension->id(), requesting_process_id)) { | 299 !process_map.Contains(extension->id(), requesting_process_id)) { |
277 LOG(ERROR) << "Extension API called from incorrect process " | 300 LOG(ERROR) << "Extension API called from incorrect process " |
278 << requesting_process_id | 301 << requesting_process_id |
279 << " from URL " << params.source_url.spec(); | 302 << " from URL " << params.source_url.spec(); |
280 SendAccessDenied(ipc_sender, routing_id, params.request_id); | 303 SendAccessDenied(ipc_sender, routing_id, params.request_id); |
281 return NULL; | 304 return NULL; |
282 } | 305 } |
283 | 306 |
284 if (!extension->HasAPIPermission(params.name)) { | |
285 LOG(ERROR) << "Extension " << extension->id() << " does not have " | |
286 << "permission to function: " << params.name; | |
287 SendAccessDenied(ipc_sender, routing_id, params.request_id); | |
288 return NULL; | |
289 } | |
290 | |
291 ExtensionFunction* function = | 307 ExtensionFunction* function = |
292 ExtensionFunctionRegistry::GetInstance()->NewFunction(params.name); | 308 ExtensionFunctionRegistry::GetInstance()->NewFunction(params.name); |
293 function->SetArgs(¶ms.arguments); | 309 function->SetArgs(¶ms.arguments); |
294 function->set_source_url(params.source_url); | 310 function->set_source_url(params.source_url); |
295 function->set_request_id(params.request_id); | 311 function->set_request_id(params.request_id); |
296 function->set_has_callback(params.has_callback); | 312 function->set_has_callback(params.has_callback); |
297 function->set_user_gesture(params.user_gesture); | 313 function->set_user_gesture(params.user_gesture); |
298 function->set_extension(extension); | 314 function->set_extension(extension); |
299 function->set_profile_id(profile); | 315 function->set_profile_id(profile); |
300 return function; | 316 return function; |
301 } | 317 } |
302 | 318 |
303 // static | 319 // static |
304 void ExtensionFunctionDispatcher::SendAccessDenied( | 320 void ExtensionFunctionDispatcher::SendAccessDenied( |
305 IPC::Message::Sender* ipc_sender, int routing_id, int request_id) { | 321 IPC::Message::Sender* ipc_sender, int routing_id, int request_id) { |
306 ipc_sender->Send(new ExtensionMsg_Response( | 322 ipc_sender->Send(new ExtensionMsg_Response( |
307 routing_id, request_id, false, std::string(), | 323 routing_id, request_id, false, std::string(), |
308 "Access to extension API denied.")); | 324 "Access to extension API denied.")); |
309 } | 325 } |
OLD | NEW |