OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/extensions/resource_request_policy.h" | 5 #include "chrome/renderer/extensions/resource_request_policy.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "base/stringprintf.h" | 9 #include "base/stringprintf.h" |
10 #include "chrome/common/chrome_switches.h" | 10 #include "chrome/common/chrome_switches.h" |
11 #include "chrome/common/extensions/extension.h" | 11 #include "chrome/common/extensions/extension.h" |
12 #include "chrome/common/extensions/extension_set.h" | 12 #include "chrome/common/extensions/extension_set.h" |
13 #include "chrome/common/extensions/manifest_url_handler.h" | 13 #include "chrome/common/extensions/manifest_url_handler.h" |
14 #include "chrome/common/extensions/web_accessible_resources_handler.h" | 14 #include "chrome/common/extensions/web_accessible_resources_handler.h" |
15 #include "chrome/common/url_constants.h" | 15 #include "chrome/common/url_constants.h" |
16 #include "content/public/common/page_transition_types.h" | 16 #include "content/public/common/page_transition_types.h" |
17 #include "extensions/common/constants.h" | 17 #include "extensions/common/constants.h" |
18 #include "googleurl/src/gurl.h" | 18 #include "googleurl/src/gurl.h" |
19 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" | 19 #include "third_party/WebKit/Source/Platform/chromium/public/WebString.h" |
20 #include "third_party/WebKit/Source/WebKit/chromium/public/WebConsoleMessage.h" | 20 #include "third_party/WebKit/Source/WebKit/chromium/public/WebConsoleMessage.h" |
21 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h" | 21 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h" |
22 #include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h" | 22 #include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h" |
23 | 23 |
24 namespace extensions { | 24 namespace extensions { |
25 | 25 |
| 26 // This method does a security check whether chrome-extension:// URLs can be |
| 27 // requested by the renderer. Since this is in an untrusted process, the browser |
| 28 // has a similar check to enforce the policy, in case this process is exploited. |
| 29 // If you are changing this function, ensure equivalent checks are added to |
| 30 // extension_protocols.cc AllowExtensionResourceLoad. |
| 31 |
26 // static | 32 // static |
27 bool ResourceRequestPolicy::CanRequestResource( | 33 bool ResourceRequestPolicy::CanRequestResource( |
28 const GURL& resource_url, | 34 const GURL& resource_url, |
29 WebKit::WebFrame* frame, | 35 WebKit::WebFrame* frame, |
30 content::PageTransition transition_type, | 36 content::PageTransition transition_type, |
31 const ExtensionSet* loaded_extensions) { | 37 const ExtensionSet* loaded_extensions) { |
32 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme)); | 38 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme)); |
33 | 39 |
34 const Extension* extension = | 40 const Extension* extension = |
35 loaded_extensions->GetExtensionOrAppByURL(ExtensionURLInfo(resource_url)); | 41 loaded_extensions->GetExtensionOrAppByURL(ExtensionURLInfo(resource_url)); |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
114 return false; | 120 return false; |
115 } | 121 } |
116 | 122 |
117 return true; | 123 return true; |
118 } | 124 } |
119 | 125 |
120 ResourceRequestPolicy::ResourceRequestPolicy() { | 126 ResourceRequestPolicy::ResourceRequestPolicy() { |
121 } | 127 } |
122 | 128 |
123 } // namespace extensions | 129 } // namespace extensions |
OLD | NEW |