| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/extension_injection_host.h" |
| 6 |
| 7 #include "content/public/renderer/render_frame.h" |
| 5 #include "extensions/common/extension_set.h" | 8 #include "extensions/common/extension_set.h" |
| 6 #include "extensions/common/manifest_handlers/csp_info.h" | 9 #include "extensions/common/manifest_handlers/csp_info.h" |
| 7 #include "extensions/renderer/extension_injection_host.h" | 10 #include "extensions/renderer/extension_frame_helper.h" |
| 8 | 11 |
| 9 namespace extensions { | 12 namespace extensions { |
| 10 | 13 |
| 11 ExtensionInjectionHost::ExtensionInjectionHost( | 14 ExtensionInjectionHost::ExtensionInjectionHost( |
| 12 const Extension* extension) | 15 const Extension* extension) |
| 13 : InjectionHost(HostID(HostID::EXTENSIONS, extension->id())), | 16 : InjectionHost(HostID(HostID::EXTENSIONS, extension->id())), |
| 14 extension_(extension) { | 17 extension_(extension) { |
| 15 } | 18 } |
| 16 | 19 |
| 17 ExtensionInjectionHost::~ExtensionInjectionHost() { | 20 ExtensionInjectionHost::~ExtensionInjectionHost() { |
| (...skipping 17 matching lines...) Expand all Loading... |
| 35 const GURL& ExtensionInjectionHost::url() const { | 38 const GURL& ExtensionInjectionHost::url() const { |
| 36 return extension_->url(); | 39 return extension_->url(); |
| 37 } | 40 } |
| 38 | 41 |
| 39 const std::string& ExtensionInjectionHost::name() const { | 42 const std::string& ExtensionInjectionHost::name() const { |
| 40 return extension_->name(); | 43 return extension_->name(); |
| 41 } | 44 } |
| 42 | 45 |
| 43 PermissionsData::AccessType ExtensionInjectionHost::CanExecuteOnFrame( | 46 PermissionsData::AccessType ExtensionInjectionHost::CanExecuteOnFrame( |
| 44 const GURL& document_url, | 47 const GURL& document_url, |
| 45 const GURL& top_frame_url, | 48 content::RenderFrame* render_frame, |
| 46 int tab_id, | 49 int tab_id, |
| 47 bool is_declarative) const { | 50 bool is_declarative) const { |
| 48 // If we don't have a tab id, we have no UI surface to ask for user consent. | 51 // If we don't have a tab id, we have no UI surface to ask for user consent. |
| 49 // For now, we treat this as an automatic allow. | 52 // For now, we treat this as an automatic allow. |
| 50 if (tab_id == -1) | 53 if (tab_id == -1) |
| 51 return PermissionsData::ACCESS_ALLOWED; | 54 return PermissionsData::ACCESS_ALLOWED; |
| 52 | 55 |
| 56 const std::string& extension_id = |
| 57 ExtensionFrameHelper::Get(render_frame)->tab_extension_owner_id(); |
| 58 // We don't allow injections in any frame of an extension page (unless it's by |
| 59 // the owning extension). |
| 60 if (!extension_id.empty() && extension_id != extension_->id()) |
| 61 return PermissionsData::ACCESS_DENIED; |
| 62 |
| 53 // Declarative user scripts use "page access" (from "permissions" section in | 63 // Declarative user scripts use "page access" (from "permissions" section in |
| 54 // manifest) whereas non-declarative user scripts use custom | 64 // manifest) whereas non-declarative user scripts use custom |
| 55 // "content script access" logic. | 65 // "content script access" logic. |
| 56 if (is_declarative) { | 66 if (is_declarative) { |
| 57 return extension_->permissions_data()->GetPageAccess( | 67 return extension_->permissions_data()->GetPageAccess( |
| 58 extension_, | 68 extension_, |
| 59 document_url, | 69 document_url, |
| 60 top_frame_url, | |
| 61 tab_id, | 70 tab_id, |
| 62 -1, // no process id | 71 -1, // no process id |
| 63 nullptr /* ignore error */); | 72 nullptr /* ignore error */); |
| 64 } else { | 73 } else { |
| 65 return extension_->permissions_data()->GetContentScriptAccess( | 74 return extension_->permissions_data()->GetContentScriptAccess( |
| 66 extension_, | 75 extension_, |
| 67 document_url, | 76 document_url, |
| 68 top_frame_url, | |
| 69 tab_id, | 77 tab_id, |
| 70 -1, // no process id | 78 -1, // no process id |
| 71 nullptr /* ignore error */); | 79 nullptr /* ignore error */); |
| 72 } | 80 } |
| 73 } | 81 } |
| 74 | 82 |
| 75 bool ExtensionInjectionHost::ShouldNotifyBrowserOfInjection() const { | 83 bool ExtensionInjectionHost::ShouldNotifyBrowserOfInjection() const { |
| 76 // We notify the browser of any injection if the extension has no withheld | 84 // We notify the browser of any injection if the extension has no withheld |
| 77 // permissions (i.e., the permissions weren't restricted), but would have | 85 // permissions (i.e., the permissions weren't restricted), but would have |
| 78 // otherwise been affected by the scripts-require-action feature. | 86 // otherwise been affected by the scripts-require-action feature. |
| 79 return extension_->permissions_data()->withheld_permissions()->IsEmpty() && | 87 return extension_->permissions_data()->withheld_permissions()->IsEmpty() && |
| 80 PermissionsData::ScriptsMayRequireActionForExtension( | 88 PermissionsData::ScriptsMayRequireActionForExtension( |
| 81 extension_, | 89 extension_, |
| 82 extension_->permissions_data()->active_permissions().get()); | 90 extension_->permissions_data()->active_permissions().get()); |
| 83 } | 91 } |
| 84 | 92 |
| 85 } // namespace extensions | 93 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1150683007:
[Extensions] Use document url (not top url) for tab-specific permissions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master