| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
| 6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 // Delegate class to allow different contexts (e.g. browser vs renderer) to | 42 // Delegate class to allow different contexts (e.g. browser vs renderer) to |
| 43 // have control over policy decisions. | 43 // have control over policy decisions. |
| 44 class PolicyDelegate { | 44 class PolicyDelegate { |
| 45 public: | 45 public: |
| 46 virtual ~PolicyDelegate() {} | 46 virtual ~PolicyDelegate() {} |
| 47 | 47 |
| 48 // Returns false if script access should be blocked on this page. | 48 // Returns false if script access should be blocked on this page. |
| 49 // Otherwise, default policy should decide. | 49 // Otherwise, default policy should decide. |
| 50 virtual bool CanExecuteScriptOnPage(const Extension* extension, | 50 virtual bool CanExecuteScriptOnPage(const Extension* extension, |
| 51 const GURL& document_url, | 51 const GURL& document_url, |
| 52 const GURL& top_document_url, | |
| 53 int tab_id, | 52 int tab_id, |
| 54 int process_id, | 53 int process_id, |
| 55 std::string* error) = 0; | 54 std::string* error) = 0; |
| 56 }; | 55 }; |
| 57 | 56 |
| 58 static void SetPolicyDelegate(PolicyDelegate* delegate); | 57 static void SetPolicyDelegate(PolicyDelegate* delegate); |
| 59 | 58 |
| 60 PermissionsData(const Extension* extension); | 59 PermissionsData(const Extension* extension); |
| 61 virtual ~PermissionsData(); | 60 virtual ~PermissionsData(); |
| 62 | 61 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 73 const PermissionSet* permissions); | 72 const PermissionSet* permissions); |
| 74 | 73 |
| 75 // Returns true if we should skip the permissions warning for the extension | 74 // Returns true if we should skip the permissions warning for the extension |
| 76 // with the given |extension_id|. | 75 // with the given |extension_id|. |
| 77 static bool ShouldSkipPermissionWarnings(const std::string& extension_id); | 76 static bool ShouldSkipPermissionWarnings(const std::string& extension_id); |
| 78 | 77 |
| 79 // Returns true if the given |url| is restricted for the given |extension|, | 78 // Returns true if the given |url| is restricted for the given |extension|, |
| 80 // as is commonly the case for chrome:// urls. | 79 // as is commonly the case for chrome:// urls. |
| 81 // NOTE: You probably want to use CanAccessPage(). | 80 // NOTE: You probably want to use CanAccessPage(). |
| 82 static bool IsRestrictedUrl(const GURL& document_url, | 81 static bool IsRestrictedUrl(const GURL& document_url, |
| 83 const GURL& top_frame_url, | |
| 84 const Extension* extension, | 82 const Extension* extension, |
| 85 std::string* error); | 83 std::string* error); |
| 86 | 84 |
| 87 // Sets the runtime permissions of the given |extension| to |active| and | 85 // Sets the runtime permissions of the given |extension| to |active| and |
| 88 // |withheld|. | 86 // |withheld|. |
| 89 void SetPermissions(const scoped_refptr<const PermissionSet>& active, | 87 void SetPermissions(const scoped_refptr<const PermissionSet>& active, |
| 90 const scoped_refptr<const PermissionSet>& withheld) const; | 88 const scoped_refptr<const PermissionSet>& withheld) const; |
| 91 | 89 |
| 92 // Updates the tab-specific permissions of |tab_id| to include those from | 90 // Updates the tab-specific permissions of |tab_id| to include those from |
| 93 // |permissions|. | 91 // |permissions|. |
| (...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 151 // something close to it), but has had it withheld. | 149 // something close to it), but has had it withheld. |
| 152 bool HasWithheldImpliedAllHosts() const; | 150 bool HasWithheldImpliedAllHosts() const; |
| 153 | 151 |
| 154 // Returns true if the |extension| has permission to access and interact with | 152 // Returns true if the |extension| has permission to access and interact with |
| 155 // the specified page, in order to do things like inject scripts or modify | 153 // the specified page, in order to do things like inject scripts or modify |
| 156 // the content. | 154 // the content. |
| 157 // If this returns false and |error| is non-NULL, |error| will be popualted | 155 // If this returns false and |error| is non-NULL, |error| will be popualted |
| 158 // with the reason the extension cannot access the page. | 156 // with the reason the extension cannot access the page. |
| 159 bool CanAccessPage(const Extension* extension, | 157 bool CanAccessPage(const Extension* extension, |
| 160 const GURL& document_url, | 158 const GURL& document_url, |
| 161 const GURL& top_document_url, | |
| 162 int tab_id, | 159 int tab_id, |
| 163 int process_id, | 160 int process_id, |
| 164 std::string* error) const; | 161 std::string* error) const; |
| 165 // Like CanAccessPage, but also takes withheld permissions into account. | 162 // Like CanAccessPage, but also takes withheld permissions into account. |
| 166 // TODO(rdevlin.cronin) We shouldn't have two functions, but not all callers | 163 // TODO(rdevlin.cronin) We shouldn't have two functions, but not all callers |
| 167 // know how to wait for permission. | 164 // know how to wait for permission. |
| 168 AccessType GetPageAccess(const Extension* extension, | 165 AccessType GetPageAccess(const Extension* extension, |
| 169 const GURL& document_url, | 166 const GURL& document_url, |
| 170 const GURL& top_document_url, | |
| 171 int tab_id, | 167 int tab_id, |
| 172 int process_id, | 168 int process_id, |
| 173 std::string* error) const; | 169 std::string* error) const; |
| 174 | 170 |
| 175 // Returns true if the |extension| has permission to inject a content script | 171 // Returns true if the |extension| has permission to inject a content script |
| 176 // on the page. | 172 // on the page. |
| 177 // If this returns false and |error| is non-NULL, |error| will be popualted | 173 // If this returns false and |error| is non-NULL, |error| will be popualted |
| 178 // with the reason the extension cannot script the page. | 174 // with the reason the extension cannot script the page. |
| 179 // NOTE: You almost certainly want to use CanAccessPage() instead of this | 175 // NOTE: You almost certainly want to use CanAccessPage() instead of this |
| 180 // method. | 176 // method. |
| 181 bool CanRunContentScriptOnPage(const Extension* extension, | 177 bool CanRunContentScriptOnPage(const Extension* extension, |
| 182 const GURL& document_url, | 178 const GURL& document_url, |
| 183 const GURL& top_document_url, | |
| 184 int tab_id, | 179 int tab_id, |
| 185 int process_id, | 180 int process_id, |
| 186 std::string* error) const; | 181 std::string* error) const; |
| 187 // Like CanRunContentScriptOnPage, but also takes withheld permissions into | 182 // Like CanRunContentScriptOnPage, but also takes withheld permissions into |
| 188 // account. | 183 // account. |
| 189 // TODO(rdevlin.cronin) We shouldn't have two functions, but not all callers | 184 // TODO(rdevlin.cronin) We shouldn't have two functions, but not all callers |
| 190 // know how to wait for permission. | 185 // know how to wait for permission. |
| 191 AccessType GetContentScriptAccess(const Extension* extension, | 186 AccessType GetContentScriptAccess(const Extension* extension, |
| 192 const GURL& document_url, | 187 const GURL& document_url, |
| 193 const GURL& top_document_url, | |
| 194 int tab_id, | 188 int tab_id, |
| 195 int process_id, | 189 int process_id, |
| 196 std::string* error) const; | 190 std::string* error) const; |
| 197 | 191 |
| 198 // Returns true if extension is allowed to obtain the contents of a page as | 192 // Returns true if extension is allowed to obtain the contents of a page as |
| 199 // an image. Since a page may contain sensitive information, this is | 193 // an image. Since a page may contain sensitive information, this is |
| 200 // restricted to the extension's host permissions as well as the extension | 194 // restricted to the extension's host permissions as well as the extension |
| 201 // page itself. | 195 // page itself. |
| 202 bool CanCaptureVisiblePage(int tab_id, std::string* error) const; | 196 bool CanCaptureVisiblePage(int tab_id, std::string* error) const; |
| 203 | 197 |
| (...skipping 30 matching lines...) Expand all Loading... |
| 234 // Note that if this returns false, it doesn't mean the extension can't run on | 228 // Note that if this returns false, it doesn't mean the extension can't run on |
| 235 // the given tab, only that it does not have tab-specific permission to do so. | 229 // the given tab, only that it does not have tab-specific permission to do so. |
| 236 bool HasTabSpecificPermissionToExecuteScript(int tab_id, | 230 bool HasTabSpecificPermissionToExecuteScript(int tab_id, |
| 237 const GURL& url) const; | 231 const GURL& url) const; |
| 238 | 232 |
| 239 // Returns whether or not the extension is permitted to run on the given page, | 233 // Returns whether or not the extension is permitted to run on the given page, |
| 240 // checking against |permitted_url_patterns| in addition to blocking special | 234 // checking against |permitted_url_patterns| in addition to blocking special |
| 241 // sites (like the webstore or chrome:// urls). | 235 // sites (like the webstore or chrome:// urls). |
| 242 AccessType CanRunOnPage(const Extension* extension, | 236 AccessType CanRunOnPage(const Extension* extension, |
| 243 const GURL& document_url, | 237 const GURL& document_url, |
| 244 const GURL& top_document_url, | |
| 245 int tab_id, | 238 int tab_id, |
| 246 int process_id, | 239 int process_id, |
| 247 const URLPatternSet& permitted_url_patterns, | 240 const URLPatternSet& permitted_url_patterns, |
| 248 const URLPatternSet& withheld_url_patterns, | 241 const URLPatternSet& withheld_url_patterns, |
| 249 std::string* error) const; | 242 std::string* error) const; |
| 250 | 243 |
| 251 // The associated extension's id. | 244 // The associated extension's id. |
| 252 std::string extension_id_; | 245 std::string extension_id_; |
| 253 | 246 |
| 254 // The associated extension's manifest type. | 247 // The associated extension's manifest type. |
| (...skipping 16 matching lines...) Expand all Loading... |
| 271 mutable scoped_refptr<const PermissionSet> withheld_permissions_unsafe_; | 264 mutable scoped_refptr<const PermissionSet> withheld_permissions_unsafe_; |
| 272 | 265 |
| 273 mutable TabPermissionsMap tab_specific_permissions_; | 266 mutable TabPermissionsMap tab_specific_permissions_; |
| 274 | 267 |
| 275 DISALLOW_COPY_AND_ASSIGN(PermissionsData); | 268 DISALLOW_COPY_AND_ASSIGN(PermissionsData); |
| 276 }; | 269 }; |
| 277 | 270 |
| 278 } // namespace extensions | 271 } // namespace extensions |
| 279 | 272 |
| 280 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 273 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1150683007:
[Extensions] Use document url (not top url) for tab-specific permissions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master