chrome/renderer/extensions/resource_request_policy.cc - Issue 12218064: Non-web-accessible extension URLs should not load in non-extension processes

Side by Side Diff: chrome/renderer/extensions/resource_request_policy.cc

Issue 12218064: Non-web-accessible extension URLs should not load in non-extension processes (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix for a failing unit test Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/renderer/extensions/resource_request_policy.h"	5 #include "chrome/renderer/extensions/resource_request_policy.h"

6	6

7 #include "base/command_line.h"	7 #include "base/command_line.h"

8 #include "base/logging.h"	8 #include "base/logging.h"

9 #include "base/stringprintf.h"	9 #include "base/stringprintf.h"

10 #include "chrome/common/chrome_switches.h"	10 #include "chrome/common/chrome_switches.h"

11 #include "chrome/common/extensions/extension.h"	11 #include "chrome/common/extensions/extension.h"

12 #include "chrome/common/extensions/extension_set.h"	12 #include "chrome/common/extensions/extension_set.h"

13 #include "chrome/common/extensions/manifest_url_handler.h"	13 #include "chrome/common/extensions/manifest_url_handler.h"

14 #include "chrome/common/extensions/web_accessible_resources_handler.h"	14 #include "chrome/common/extensions/web_accessible_resources_handler.h"

15 #include "chrome/common/url_constants.h"	15 #include "chrome/common/url_constants.h"

16 #include "content/public/common/page_transition_types.h"	16 #include "content/public/common/page_transition_types.h"

17 #include "extensions/common/constants.h"	17 #include "extensions/common/constants.h"

18 #include "googleurl/src/gurl.h"	18 #include "googleurl/src/gurl.h"

19 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h"	19 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h"

20 #include "third_party/WebKit/Source/WebKit/chromium/public/WebConsoleMessage.h"	20 #include "third_party/WebKit/Source/WebKit/chromium/public/WebConsoleMessage.h"

21 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h"	21 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h"

22 #include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h"	22 #include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h"

23	23

24 namespace extensions {	24 namespace extensions {

25	25

	26 // This method does a security check whether chrome-extension:// URLs can be

	27 // requested by the renderer. Since this is in an untrusted process, the browser

	28 // has a similar check to enforce the policy, in case this process is exploited.

	29 // If you are changing this function, ensure equivalent checks are added to

	30 // extension_protocols.cc AllowExtensionResourceLoad.

	31

26 // static	32 // static

27 bool ResourceRequestPolicy::CanRequestResource(	33 bool ResourceRequestPolicy::CanRequestResource(

28 const GURL& resource_url,	34 const GURL& resource_url,

29 WebKit::WebFrame* frame,	35 WebKit::WebFrame* frame,

30 content::PageTransition transition_type,	36 content::PageTransition transition_type,

31 const ExtensionSet* loaded_extensions) {	37 const ExtensionSet* loaded_extensions) {

32 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme));	38 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme));

33	39

34 const Extension* extension =	40 const Extension* extension =

35 loaded_extensions->GetExtensionOrAppByURL(ExtensionURLInfo(resource_url));	41 loaded_extensions->GetExtensionOrAppByURL(ExtensionURLInfo(resource_url));

(...skipping 78 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
114 return false;	120 return false;

115 }	121 }

116	122

117 return true;	123 return true;

118 }	124 }

119	125

120 ResourceRequestPolicy::ResourceRequestPolicy() {	126 ResourceRequestPolicy::ResourceRequestPolicy() {

121 }	127 }

122	128

123 } // namespace extensions	129 } // namespace extensions

OLD	NEW

« no previous file with comments | « chrome/common/extensions/extension.h ('k') | chrome/test/data/chrome_extension_resource.html » ('j') | no next file with comments »