Revert of Move Extension ScriptContext creation into ScriptContextSet.

extensions/renderer/dispatcher.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/renderer/dispatcher.h"
 
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/command_line.h"
 #include "base/debug/alias.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/metrics/user_metrics_action.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "base/time/time.h"
 #include "base/values.h"
 #include "content/grit/content_resources.h"
 #include "content/public/child/v8_value_converter.h"
 #include "content/public/common/content_switches.h"
 #include "content/public/common/url_constants.h"
 #include "content/public/renderer/render_thread.h"
 #include "content/public/renderer/render_view.h"
 #include "extensions/common/api/messaging/message.h"
 #include "extensions/common/constants.h"
+#include "extensions/common/extension.h"
 #include "extensions/common/extension_api.h"
 #include "extensions/common/extension_messages.h"
 #include "extensions/common/extension_urls.h"
 #include "extensions/common/feature_switch.h"
 #include "extensions/common/features/feature.h"
 #include "extensions/common/features/feature_provider.h"
 #include "extensions/common/manifest.h"
 #include "extensions/common/manifest_constants.h"
 #include "extensions/common/manifest_handlers/background_info.h"
 #include "extensions/common/manifest_handlers/content_capabilities_handler.h"
 #include "extensions/common/manifest_handlers/externally_connectable.h"
 #include "extensions/common/manifest_handlers/options_page_info.h"
+#include "extensions/common/manifest_handlers/sandboxed_page_info.h"
 #include "extensions/common/message_bundle.h"
 #include "extensions/common/permissions/permission_set.h"
 #include "extensions/common/permissions/permissions_data.h"
 #include "extensions/common/switches.h"
 #include "extensions/common/view_type.h"
 #include "extensions/renderer/api_activity_logger.h"
 #include "extensions/renderer/api_definitions_natives.h"
 #include "extensions/renderer/app_runtime_custom_bindings.h"
 #include "extensions/renderer/app_window_custom_bindings.h"
 #include "extensions/renderer/binding_generating_native_handler.h"
 #include "extensions/renderer/blob_native_handler.h"
 #include "extensions/renderer/content_watcher.h"
 #include "extensions/renderer/context_menus_custom_bindings.h"
 #include "extensions/renderer/css_native_handler.h"
 #include "extensions/renderer/dispatcher_delegate.h"
 #include "extensions/renderer/document_custom_bindings.h"
 #include "extensions/renderer/dom_activity_logger.h"
 #include "extensions/renderer/event_bindings.h"
+#include "extensions/renderer/extension_groups.h"
 #include "extensions/renderer/extension_helper.h"
 #include "extensions/renderer/extensions_renderer_client.h"
 #include "extensions/renderer/file_system_natives.h"
 #include "extensions/renderer/guest_view/guest_view_internal_custom_bindings.h"
 #include "extensions/renderer/i18n_custom_bindings.h"
 #include "extensions/renderer/id_generator_custom_bindings.h"
 #include "extensions/renderer/lazy_background_page_native_handler.h"
 #include "extensions/renderer/logging_native_handler.h"
 #include "extensions/renderer/messaging_bindings.h"
 #include "extensions/renderer/module_system.h"
@@ skipping 128 matching lines @@
       command_line.HasSwitch(switches::kExtensionProcess) ||
       command_line.HasSwitch(::switches::kSingleProcess);
 
   if (set_idle_notifications_) {
     RenderThread::Get()->SetIdleNotificationDelayInMs(
         kInitialExtensionIdleHandlerDelayMs);
   }
 
   RenderThread::Get()->RegisterExtension(SafeBuiltins::CreateV8Extension());
 
-  script_context_set_.reset(
-      new ScriptContextSet(&extensions_, &active_extension_ids_));
   user_script_set_manager_.reset(new UserScriptSetManager(&extensions_));
   script_injection_manager_.reset(
       new ScriptInjectionManager(&extensions_, user_script_set_manager_.get()));
   user_script_set_manager_observer_.Add(user_script_set_manager_.get());
   request_sender_.reset(new RequestSender(this));
   PopulateSourceMap();
 }
 
 Dispatcher::~Dispatcher() {
 }
 
 void Dispatcher::OnRenderViewCreated(content::RenderView* render_view) {
   script_injection_manager_->OnRenderViewCreated(render_view);
 }
 
 bool Dispatcher::IsExtensionActive(const std::string& extension_id) const {
   bool is_active =
       active_extension_ids_.find(extension_id) != active_extension_ids_.end();
   if (is_active)
     CHECK(extensions_.Contains(extension_id));
   return is_active;
 }
 
+const Extension* Dispatcher::GetExtensionFromFrameAndWorld(
+    const blink::WebFrame* frame,
+    int world_id,
+    bool use_effective_url) {
+  std::string extension_id;
+  if (world_id != 0) {
+    // Isolated worlds (content script).
+    extension_id = ScriptInjection::GetHostIdForIsolatedWorld(world_id);
+  } else if (!frame->document().securityOrigin().isUnique()) {
+    // TODO(kalman): Delete the above check.
+
+    // Extension pages (chrome-extension:// URLs).
+    GURL frame_url = ScriptContext::GetDataSourceURLForFrame(frame);
+    frame_url = ScriptContext::GetEffectiveDocumentURL(
+        frame, frame_url, use_effective_url);
+    extension_id = extensions_.GetExtensionOrAppIDByURL(frame_url);
+  }
+
+  const Extension* extension = extensions_.GetByID(extension_id);
+  if (!extension && !extension_id.empty()) {
+    // There are conditions where despite a context being associated with an
+    // extension, no extension actually gets found.  Ignore "invalid" because
+    // CSP blocks extension page loading by switching the extension ID to
+    // "invalid". This isn't interesting.
+    if (extension_id != "invalid") {
+      LOG(ERROR) << "Extension \"" << extension_id << "\" not found";
+      RenderThread::Get()->RecordAction(
+          UserMetricsAction("ExtensionNotFound_ED"));
+    }
+  }
+  return extension;
+}
+
 void Dispatcher::DidCreateScriptContext(
     blink::WebLocalFrame* frame,
     const v8::Handle<v8::Context>& v8_context,
     int extension_group,
     int world_id) {
   const base::TimeTicks start_time = base::TimeTicks::Now();
 
-  ScriptContext* context = script_context_set_->Register(
-      frame, v8_context, extension_group, world_id);
+  const Extension* extension =
+      GetExtensionFromFrameAndWorld(frame, world_id, false);
+  const Extension* effective_extension =
+      GetExtensionFromFrameAndWorld(frame, world_id, true);
+
+  GURL frame_url = ScriptContext::GetDataSourceURLForFrame(frame);
+  Feature::Context context_type =
+      ClassifyJavaScriptContext(extension,
+                                extension_group,
+                                frame_url,
+                                frame->document().securityOrigin());
+  Feature::Context effective_context_type = ClassifyJavaScriptContext(
+      effective_extension,
+      extension_group,
+      ScriptContext::GetEffectiveDocumentURL(frame, frame_url, true),
+      frame->document().securityOrigin());
+
+  ScriptContext* context =
+      new ScriptContext(v8_context, frame, extension, context_type,
+                        effective_extension, effective_context_type);
+  script_context_set_.Add(context);
 
   // Initialize origin permissions for content scripts, which can't be
   // initialized in |OnActivateExtension|.
-  if (context->context_type() == Feature::CONTENT_SCRIPT_CONTEXT)
-    InitOriginPermissions(context->extension());
+  if (context_type == Feature::CONTENT_SCRIPT_CONTEXT)
+    InitOriginPermissions(extension);
 
   {
     scoped_ptr<ModuleSystem> module_system(
         new ModuleSystem(context, &source_map_));
     context->set_module_system(module_system.Pass());
   }
   ModuleSystem* module_system = context->module_system();
 
   // Enable natives in startup.
   ModuleSystem::NativesEnabledScope natives_enabled_scope(module_system);
@@ skipping 14 matching lines @@
   bool is_within_platform_app = IsWithinPlatformApp();
   // Inject custom JS into the platform app context.
   if (is_within_platform_app) {
     module_system->Require("platformApp");
   }
 
   RequireGuestViewModules(context);
   delegate_->RequireAdditionalModules(context, is_within_platform_app);
 
   const base::TimeDelta elapsed = base::TimeTicks::Now() - start_time;
-  switch (context->context_type()) {
+  switch (context_type) {
     case Feature::UNSPECIFIED_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_Unspecified",
                           elapsed);
       break;
     case Feature::BLESSED_EXTENSION_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_Blessed", elapsed);
       break;
     case Feature::UNBLESSED_EXTENSION_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_Unblessed",
                           elapsed);
       break;
     case Feature::CONTENT_SCRIPT_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_ContentScript",
                           elapsed);
       break;
     case Feature::WEB_PAGE_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_WebPage", elapsed);
       break;
     case Feature::BLESSED_WEB_PAGE_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_BlessedWebPage",
                           elapsed);
       break;
     case Feature::WEBUI_CONTEXT:
       UMA_HISTOGRAM_TIMES("Extensions.DidCreateScriptContext_WebUI", elapsed);
       break;
   }
 
-  VLOG(1) << "Num tracked contexts: " << script_context_set_->size();
+  VLOG(1) << "Num tracked contexts: " << script_context_set_.size();
 }
 
 void Dispatcher::WillReleaseScriptContext(
     blink::WebLocalFrame* frame,
     const v8::Handle<v8::Context>& v8_context,
     int world_id) {
-  ScriptContext* context = script_context_set_->GetByV8Context(v8_context);
+  ScriptContext* context = script_context_set_.GetByV8Context(v8_context);
   if (!context)
     return;
 
   context->DispatchOnUnloadEvent();
   // TODO(kalman): add an invalidation observer interface to ScriptContext.
   request_sender_->InvalidateSource(context);
 
-  script_context_set_->Remove(context);
-  VLOG(1) << "Num tracked contexts: " << script_context_set_->size();
+  script_context_set_.Remove(context);
+  VLOG(1) << "Num tracked contexts: " << script_context_set_.size();
 }
 
 void Dispatcher::DidCreateDocumentElement(blink::WebFrame* frame) {
   // Note: use GetEffectiveDocumentURL not just frame->document()->url()
   // so that this also injects the stylesheet on about:blank frames that
   // are hosted in the extension process.
   GURL effective_document_url = ScriptContext::GetEffectiveDocumentURL(
       frame, frame->document().url(), true /* match_about_blank */);
 
   const Extension* extension =
@@ skipping 50 matching lines @@
     const std::string& function_name,
     ScriptContext* context) const {
   if (!context) {
     DLOG(ERROR) << "Not in a v8::Context";
     return false;
   }
 
   // Theoretically we could end up with bindings being injected into sandboxed
   // frames, for example content scripts. Don't let them execute API functions.
   blink::WebFrame* frame = context->web_frame();
-  if (ScriptContext::IsSandboxedPage(
-          extensions_, ScriptContext::GetDataSourceURLForFrame(frame))) {
+  if (IsSandboxedPage(ScriptContext::GetDataSourceURLForFrame(frame))) {
     static const char kMessage[] =
         "%s cannot be used within a sandboxed frame.";
     std::string error_msg = base::StringPrintf(kMessage, function_name.c_str());
     context->isolate()->ThrowException(v8::Exception::Error(
         v8::String::NewFromUtf8(context->isolate(), error_msg.c_str())));
     return false;
   }
 
   Feature::Availability availability = context->GetAvailability(function_name);
   if (!availability.is_available()) {
     context->isolate()->ThrowException(
         v8::Exception::Error(v8::String::NewFromUtf8(
             context->isolate(), availability.message().c_str())));
   }
 
   return availability.is_available();
 }
 
 void Dispatcher::DispatchEvent(const std::string& extension_id,
                                const std::string& event_name) const {
   base::ListValue args;
   args.Set(0, new base::StringValue(event_name));
   args.Set(1, new base::ListValue());
 
   // Needed for Windows compilation, since kEventBindings is declared extern.
   const char* local_event_bindings = kEventBindings;
-  script_context_set_->ForEach(
-      extension_id, base::Bind(&CallModuleMethod, local_event_bindings,
-                               kEventDispatchFunction, &args));
+  script_context_set_.ForEach(extension_id,
+                              base::Bind(&CallModuleMethod,
+                                         local_event_bindings,
+                                         kEventDispatchFunction,
+                                         &args));
 }
 
 void Dispatcher::InvokeModuleSystemMethod(content::RenderView* render_view,
                                           const std::string& extension_id,
                                           const std::string& module_name,
                                           const std::string& function_name,
                                           const base::ListValue& args,
                                           bool user_gesture) {
   scoped_ptr<WebScopedUserGesture> web_user_gesture;
   if (user_gesture)
     web_user_gesture.reset(new WebScopedUserGesture);
 
-  script_context_set_->ForEach(
-      extension_id, render_view,
+  script_context_set_.ForEach(
+      extension_id,
+      render_view,
       base::Bind(&CallModuleMethod, module_name, function_name, &args));
 
   // Reset the idle handler each time there's any activity like event or message
   // dispatch, for which Invoke is the chokepoint.
   if (set_idle_notifications_) {
     RenderThread::Get()->ScheduleIdleHandler(
         kInitialExtensionIdleHandlerDelayMs);
   }
 
   // Tell the browser process when an event has been dispatched with a lazy
@@ skipping 384 matching lines @@
 
 void Dispatcher::OnDeliverMessage(int target_port_id, const Message& message) {
   scoped_ptr<RequestSender::ScopedTabID> scoped_tab_id;
   std::map<int, int>::const_iterator it =
       port_to_tab_id_map_.find(target_port_id);
   if (it != port_to_tab_id_map_.end()) {
     scoped_tab_id.reset(
         new RequestSender::ScopedTabID(request_sender(), it->second));
   }
 
-  MessagingBindings::DeliverMessage(*script_context_set_, target_port_id,
+  MessagingBindings::DeliverMessage(script_context_set_,
+                                    target_port_id,
                                     message,
                                     NULL);  // All render frames.
 }
 
 void Dispatcher::OnDispatchOnConnect(
     int target_port_id,
     const std::string& channel_name,
     const ExtensionMsg_TabConnectionInfo& source,
     const ExtensionMsg_ExternalConnectionInfo& info,
     const std::string& tls_channel_id) {
   DCHECK(!ContainsKey(port_to_tab_id_map_, target_port_id));
   DCHECK_EQ(1, target_port_id % 2);  // target renderer ports have odd IDs.
   int sender_tab_id = -1;
   source.tab.GetInteger("id", &sender_tab_id);
   port_to_tab_id_map_[target_port_id] = sender_tab_id;
 
-  MessagingBindings::DispatchOnConnect(*script_context_set_, target_port_id,
-                                       channel_name, source, info,
+  MessagingBindings::DispatchOnConnect(script_context_set_,
+                                       target_port_id,
+                                       channel_name,
+                                       source,
+                                       info,
                                        tls_channel_id,
                                        NULL);  // All render frames.
 }
 
 void Dispatcher::OnDispatchOnDisconnect(int port_id,
                                         const std::string& error_message) {
-  MessagingBindings::DispatchOnDisconnect(*script_context_set_, port_id,
+  MessagingBindings::DispatchOnDisconnect(script_context_set_,
+                                          port_id,
                                           error_message,
                                           NULL);  // All render frames.
 }
 
 void Dispatcher::OnLoaded(
     const std::vector<ExtensionMsg_Loaded_Params>& loaded_extensions) {
   std::vector<ExtensionMsg_Loaded_Params>::const_iterator i;
   for (i = loaded_extensions.begin(); i != loaded_extensions.end(); ++i) {
     std::string error;
     scoped_refptr<const Extension> extension = i->ConvertToExtension(&error);
@@ skipping 69 matching lines @@
 
   script_injection_manager_->OnExtensionUnloaded(id);
 
   // If the extension is later reloaded with a different set of permissions,
   // we'd like it to get a new isolated world ID, so that it can pick up the
   // changed origin whitelist.
   ScriptInjection::RemoveIsolatedWorld(id);
 
   // Invalidate all of the contexts that were removed.
   // TODO(kalman): add an invalidation observer interface to ScriptContext.
-  std::set<ScriptContext*> removed_contexts =
-      script_context_set_->OnExtensionUnloaded(id);
-  for (ScriptContext* context : removed_contexts) {
-    request_sender_->InvalidateSource(context);
+  ScriptContextSet::ContextSet removed_contexts =
+      script_context_set_.OnExtensionUnloaded(id);
+  for (ScriptContextSet::ContextSet::iterator it = removed_contexts.begin();
+       it != removed_contexts.end();
+       ++it) {
+    request_sender_->InvalidateSource(*it);
   }
 
   // Update the available bindings for the remaining contexts. These may have
   // changed if an externally_connectable extension is unloaded and a webpage
   // is no longer accessible.
   UpdateBindings("");
 
   // Invalidates the messages map for the extension in case the extension is
   // reloaded with a new messages map.
   EraseL10nMessagesMap(id);
@@ skipping 344 matching lines @@
   for (std::set<std::string>::iterator iter = active_extension_ids_.begin();
        iter != active_extension_ids_.end();
        ++iter) {
     const Extension* extension = extensions_.GetByID(*iter);
     if (extension && extension->is_platform_app())
       return true;
   }
   return false;
 }
 
+// TODO(kalman): This is checking for the wrong thing, it should be checking if
+// the frame's security origin is unique. The extension sandbox directive is
+// checked for in extensions/common/manifest_handlers/csp_info.cc.
+bool Dispatcher::IsSandboxedPage(const GURL& url) const {
+  if (url.SchemeIs(kExtensionScheme)) {
+    const Extension* extension = extensions_.GetByID(url.host());
+    if (extension) {
+      return SandboxedPageInfo::IsSandboxedPage(extension, url.path());
+    }
+  }
+  return false;
+}
+
+Feature::Context Dispatcher::ClassifyJavaScriptContext(
+    const Extension* extension,
+    int extension_group,
+    const GURL& url,
+    const blink::WebSecurityOrigin& origin) {
+  // WARNING: This logic must match ProcessMap::GetContextType, as much as
+  // possible.
+
+  DCHECK_GE(extension_group, 0);
+  if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) {
+    return extension ?  // TODO(kalman): when does this happen?
+               Feature::CONTENT_SCRIPT_CONTEXT
+                     : Feature::UNSPECIFIED_CONTEXT;
+  }
+
+  // We have an explicit check for sandboxed pages before checking whether the
+  // extension is active in this process because:
+  // 1. Sandboxed pages run in the same process as regular extension pages, so
+  //    the extension is considered active.
+  // 2. ScriptContext creation (which triggers bindings injection) happens
+  //    before the SecurityContext is updated with the sandbox flags (after
+  //    reading the CSP header), so the caller can't check if the context's
+  //    security origin is unique yet.
+  if (IsSandboxedPage(url))
+    return Feature::WEB_PAGE_CONTEXT;
+
+  if (extension && IsExtensionActive(extension->id())) {
+    // |extension| is active in this process, but it could be either a true
+    // extension process or within the extent of a hosted app. In the latter
+    // case this would usually be considered a (blessed) web page context,
+    // unless the extension in question is a component extension, in which case
+    // we cheat and call it blessed.
+    return (extension->is_hosted_app() &&
+            extension->location() != Manifest::COMPONENT)
+               ? Feature::BLESSED_WEB_PAGE_CONTEXT
+               : Feature::BLESSED_EXTENSION_CONTEXT;
+  }
+
+  // TODO(kalman): This isUnique() check is wrong, it should be performed as
+  // part of IsSandboxedPage().
+  if (!origin.isUnique() && extensions_.ExtensionBindingsAllowed(url)) {
+    if (!extension)  // TODO(kalman): when does this happen?
+      return Feature::UNSPECIFIED_CONTEXT;
+    return extension->is_hosted_app() ? Feature::BLESSED_WEB_PAGE_CONTEXT
+                                      : Feature::UNBLESSED_EXTENSION_CONTEXT;
+  }
+
+  if (!url.is_valid())
+    return Feature::UNSPECIFIED_CONTEXT;
+
+  if (url.SchemeIs(content::kChromeUIScheme))
+    return Feature::WEBUI_CONTEXT;
+
+  return Feature::WEB_PAGE_CONTEXT;
+}
+
 v8::Handle<v8::Object> Dispatcher::GetOrCreateObject(
     const v8::Handle<v8::Object>& object,
     const std::string& field,
     v8::Isolate* isolate) {
   v8::Handle<v8::String> key = v8::String::NewFromUtf8(isolate, field.c_str());
   // If the object has a callback property, it is assumed it is an unavailable
   // API, so it is safe to delete. This is checked before GetOrCreateObject is
   // called.
   if (object->HasRealNamedCallbackProperty(key)) {
     object->Delete(key);
@@ skipping 96 matching lines @@
   // The "guestViewDeny" module must always be loaded last. It registers
   // error-providing custom elements for the GuestView types that are not
   // available, and thus all of those types must have been checked and loaded
   // (or not loaded) beforehand.
   if (context_type == Feature::BLESSED_EXTENSION_CONTEXT) {
     module_system->Require("guestViewDeny");
   }
 }
 
 }  // namespace extensions