Do not pass URLs in onUpdated events to extensions unless they have the

chrome/browser/extensions/extension_tab_util.cc

Index: chrome/browser/extensions/extension_tab_util.cc
diff --git a/chrome/browser/extensions/extension_tab_util.cc b/chrome/browser/extensions/extension_tab_util.cc
index 1ebe3af4a2e779be5ce682219100f6967218cd0e..d0682ba49e128322e62082d51f8bd6db41c9b180 100644
--- a/chrome/browser/extensions/extension_tab_util.cc
+++ b/chrome/browser/extensions/extension_tab_util.cc
@@ -64,14 +64,9 @@ DictionaryValue* ExtensionTabUtil::CreateTabValue(
     TabStripModel* tab_strip,
     int tab_index,
     const Extension* extension) {
-  // Only add privacy-sensitive data if the requesting extension has the tabs
-  // permission.
-  bool has_permission = extension && extension->HasAPIPermissionForTab(
-      GetTabId(contents), APIPermission::kTab);
-
-  return CreateTabValue(contents, tab_strip, tab_index,
-                        has_permission ? INCLUDE_PRIVACY_SENSITIVE_FIELDS :
-                            OMIT_PRIVACY_SENSITIVE_FIELDS);
+  DictionaryValue *result = CreateTabValue(contents, tab_strip, tab_index);
+  ScrubTabValueForExtension(contents, extension, result);
+  return result;
 }
 
 ListValue* ExtensionTabUtil::CreateTabList(
@@ -92,8 +87,7 @@ ListValue* ExtensionTabUtil::CreateTabList(
 DictionaryValue* ExtensionTabUtil::CreateTabValue(
     const WebContents* contents,
     TabStripModel* tab_strip,
-    int tab_index,
-    IncludePrivacySensitiveFields include_privacy_sensitive_fields) {
+    int tab_index) {
   if (!tab_strip)
     ExtensionTabUtil::GetTabStripModel(contents, &tab_strip, &tab_index);
 
@@ -114,14 +108,14 @@ DictionaryValue* ExtensionTabUtil::CreateTabValue(
   result->SetBoolean(keys::kIncognitoKey,
                      contents->GetBrowserContext()->IsOffTheRecord());
 
-  if (include_privacy_sensitive_fields == INCLUDE_PRIVACY_SENSITIVE_FIELDS) {
-    result->SetString(keys::kUrlKey, contents->GetURL().spec());
-    result->SetString(keys::kTitleKey, contents->GetTitle());
-    if (!is_loading) {
-      NavigationEntry* entry = contents->GetController().GetActiveEntry();
-      if (entry && entry->GetFavicon().valid)
-        result->SetString(keys::kFaviconUrlKey, entry->GetFavicon().url.spec());
-    }
+  // Privacy-sensitive fields: these should be stripped off by
+  // ScrubTabValueForExtension if the extension should not see them.
+  result->SetString(keys::kUrlKey, contents->GetURL().spec());
+  result->SetString(keys::kTitleKey, contents->GetTitle());
+  if (!is_loading) {
+    NavigationEntry* entry = contents->GetController().GetActiveEntry();
+    if (entry && entry->GetFavicon().valid)
+      result->SetString(keys::kFaviconUrlKey, entry->GetFavicon().url.spec());
   }
 
   if (tab_strip) {
@@ -133,6 +127,22 @@ DictionaryValue* ExtensionTabUtil::CreateTabValue(
   return result;
 }
 
+DictionaryValue* ExtensionTabUtil::ScrubTabValueForExtension(
+    const WebContents* contents,
+    const Extension* extension,
+    DictionaryValue* tab_info) {
+  bool has_permission = extension && extension->HasAPIPermissionForTab(
+      GetTabId(contents), APIPermission::kTab);
+
+  if (!has_permission) {
+    tab_info->Remove(keys::kUrlKey, NULL);
+    tab_info->Remove(keys::kTitleKey, NULL);
+    tab_info->Remove(keys::kFaviconUrlKey, NULL);
+  }
+
+  return tab_info;

[not at google - send to devlin, 2013/01/09 02:04:29]

returning something here is unnecessary

[mvrable, 2013/01/09 19:25:35]

Done.

+}
+
 bool ExtensionTabUtil::GetTabStripModel(const WebContents* web_contents,
                                         TabStripModel** tab_strip_model,
                                         int* tab_index) {