| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/user_script_set.h" | 5 #include "extensions/renderer/user_script_set.h" |
| 6 | 6 |
| 7 #include "base/memory/ref_counted.h" | 7 #include "base/memory/ref_counted.h" |
| 8 #include "content/public/common/url_constants.h" | 8 #include "content/public/common/url_constants.h" |
| 9 #include "content/public/renderer/render_thread.h" | 9 #include "content/public/renderer/render_thread.h" |
| 10 #include "extensions/common/extension.h" | 10 #include "extensions/common/extension.h" |
| (...skipping 204 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 215 is_declarative)); | 215 is_declarative)); |
| 216 | 216 |
| 217 blink::WebFrame* top_frame = web_frame->top(); | 217 blink::WebFrame* top_frame = web_frame->top(); |
| 218 // It doesn't make sense to do script injection for remote frames, since they | 218 // It doesn't make sense to do script injection for remote frames, since they |
| 219 // cannot host any documents or content. | 219 // cannot host any documents or content. |
| 220 // TODO(kalman): Fix this properly by moving all security checks into the | 220 // TODO(kalman): Fix this properly by moving all security checks into the |
| 221 // browser. See http://crbug.com/466373 for ongoing work here. | 221 // browser. See http://crbug.com/466373 for ongoing work here. |
| 222 if (top_frame->isWebRemoteFrame()) | 222 if (top_frame->isWebRemoteFrame()) |
| 223 return injection.Pass(); | 223 return injection.Pass(); |
| 224 | 224 |
| 225 if (injector->CanExecuteOnFrame(injection_host.get(), web_frame, | 225 if (injector->CanExecuteOnFrame( |
| 226 -1, // Content scripts are not tab-specific. | 226 injection_host.get(), |
| 227 top_frame->document().url()) == | 227 web_frame, |
| 228 -1 /* Content scripts are not tab-specific. */) == |
| 228 PermissionsData::ACCESS_DENIED) { | 229 PermissionsData::ACCESS_DENIED) { |
| 229 return injection.Pass(); | 230 return injection.Pass(); |
| 230 } | 231 } |
| 231 | 232 |
| 232 bool inject_css = !script->css_scripts().empty() && | 233 bool inject_css = !script->css_scripts().empty() && |
| 233 run_location == UserScript::DOCUMENT_START; | 234 run_location == UserScript::DOCUMENT_START; |
| 234 bool inject_js = | 235 bool inject_js = |
| 235 !script->js_scripts().empty() && script->run_location() == run_location; | 236 !script->js_scripts().empty() && script->run_location() == run_location; |
| 236 if (inject_css || inject_js) { | 237 if (inject_css || inject_js) { |
| 237 injection.reset(new ScriptInjection( | 238 injection.reset(new ScriptInjection( |
| 238 injector.Pass(), | 239 injector.Pass(), |
| 239 web_frame->toWebLocalFrame(), | 240 web_frame->toWebLocalFrame(), |
| 240 injection_host.Pass(), | 241 injection_host.Pass(), |
| 241 run_location, | 242 run_location, |
| 242 tab_id)); | 243 tab_id)); |
| 243 } | 244 } |
| 244 return injection.Pass(); | 245 return injection.Pass(); |
| 245 } | 246 } |
| 246 | 247 |
| 247 } // namespace extensions | 248 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1150683007:
[Extensions] Use document url (not top url) for tab-specific permissions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master