OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/extension_protocols.h" | 5 #include "chrome/browser/extensions/extension_protocols.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "base/compiler_specific.h" | 9 #include "base/compiler_specific.h" |
10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/memory/weak_ptr.h" | 12 #include "base/memory/weak_ptr.h" |
13 #include "base/message_loop.h" | 13 #include "base/message_loop.h" |
14 #include "base/path_service.h" | 14 #include "base/path_service.h" |
15 #include "base/string_util.h" | 15 #include "base/string_util.h" |
16 #include "base/stringprintf.h" | 16 #include "base/stringprintf.h" |
17 #include "base/threading/thread_restrictions.h" | 17 #include "base/threading/thread_restrictions.h" |
18 #include "base/threading/worker_pool.h" | 18 #include "base/threading/worker_pool.h" |
19 #include "build/build_config.h" | 19 #include "build/build_config.h" |
20 #include "chrome/browser/extensions/extension_info_map.h" | 20 #include "chrome/browser/extensions/extension_info_map.h" |
21 #include "chrome/browser/extensions/image_loader.h" | 21 #include "chrome/browser/extensions/image_loader.h" |
22 #include "chrome/browser/net/chrome_url_request_context.h" | 22 #include "chrome/browser/net/chrome_url_request_context.h" |
23 #include "chrome/common/chrome_paths.h" | 23 #include "chrome/common/chrome_paths.h" |
24 #include "chrome/common/extensions/extension.h" | 24 #include "chrome/common/extensions/extension.h" |
25 #include "chrome/common/extensions/extension_file_util.h" | 25 #include "chrome/common/extensions/extension_file_util.h" |
26 #include "chrome/common/extensions/extension_resource.h" | 26 #include "chrome/common/extensions/extension_resource.h" |
27 #include "chrome/common/extensions/manifest_url_handler.h" | |
27 #include "chrome/common/extensions/web_accessible_resources_handler.h" | 28 #include "chrome/common/extensions/web_accessible_resources_handler.h" |
28 #include "chrome/common/url_constants.h" | 29 #include "chrome/common/url_constants.h" |
29 #include "content/public/browser/resource_request_info.h" | 30 #include "content/public/browser/resource_request_info.h" |
30 #include "extensions/common/constants.h" | 31 #include "extensions/common/constants.h" |
31 #include "googleurl/src/url_util.h" | 32 #include "googleurl/src/url_util.h" |
32 #include "grit/component_extension_resources_map.h" | 33 #include "grit/component_extension_resources_map.h" |
33 #include "net/base/mime_util.h" | 34 #include "net/base/mime_util.h" |
34 #include "net/base/net_errors.h" | 35 #include "net/base/net_errors.h" |
35 #include "net/http/http_response_headers.h" | 36 #include "net/http/http_response_headers.h" |
36 #include "net/http/http_response_info.h" | 37 #include "net/http/http_response_info.h" |
(...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
258 } | 259 } |
259 | 260 |
260 return true; | 261 return true; |
261 } | 262 } |
262 | 263 |
263 // Returns true if an chrome-extension:// resource should be allowed to load. | 264 // Returns true if an chrome-extension:// resource should be allowed to load. |
264 // TODO(aa): This should be moved into ExtensionResourceRequestPolicy, but we | 265 // TODO(aa): This should be moved into ExtensionResourceRequestPolicy, but we |
265 // first need to find a way to get CanLoadInIncognito state into the renderers. | 266 // first need to find a way to get CanLoadInIncognito state into the renderers. |
266 bool AllowExtensionResourceLoad(net::URLRequest* request, | 267 bool AllowExtensionResourceLoad(net::URLRequest* request, |
267 bool is_incognito, | 268 bool is_incognito, |
269 const Extension* extension, | |
268 ExtensionInfoMap* extension_info_map) { | 270 ExtensionInfoMap* extension_info_map) { |
269 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request); | 271 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request); |
270 | 272 |
271 // We have seen crashes where info is NULL: crbug.com/52374. | 273 // We have seen crashes where info is NULL: crbug.com/52374. |
272 if (!info) { | 274 if (!info) { |
273 LOG(ERROR) << "Allowing load of " << request->url().spec() | 275 LOG(ERROR) << "Allowing load of " << request->url().spec() |
274 << "from unknown origin. Could not find user data for " | 276 << "from unknown origin. Could not find user data for " |
275 << "request."; | 277 << "request."; |
276 return true; | 278 return true; |
277 } | 279 } |
278 | 280 |
279 if (is_incognito && !ExtensionCanLoadInIncognito(info, request->url().host(), | 281 if (is_incognito && !ExtensionCanLoadInIncognito(info, request->url().host(), |
280 extension_info_map)) { | 282 extension_info_map)) { |
281 return false; | 283 return false; |
282 } | 284 } |
283 | 285 |
286 // The following checks are meant to replicate similar set of checks in the | |
287 // renderer process, performed by ResourceRequestPolicy::CanRequestResource. | |
Matt Perry
2013/02/21 20:24:43
Can you refactor that method to somewhere in chrom
nasko
2013/02/21 21:41:06
I actually tried to do that first, but it didn't e
Matt Perry
2013/02/21 21:50:07
Interesting.. I could have sworn we had access to
| |
288 // These are not exact equivalent, because we don't have the same bits of | |
289 // information. The two checks need to be kept in sync as much as possible, as | |
290 // an exploited renderer can bypass the checks in ResourceRequestPolicy. | |
291 | |
292 // Check if the extension for which this request is made is indeed loaded in | |
293 // the process sending the request. If not, we need to explicitly check if | |
294 // the resource is explicitly accessible or fits in a set of exception cases. | |
295 // Note: This allows a case where two extensions execute in the same renderer | |
296 // process to request each other's resources. We can't do more precise check, | |
297 // since the renderer can lie which extension has made the request. | |
298 if (extension_info_map->process_map().Contains( | |
299 request->url().host(), info->GetChildID())) { | |
300 return true; | |
301 } | |
302 | |
303 // TODO(nasko): Based on MaybeCreateJob, extension can be null, so check here. | |
304 // Should we succeed or fail here? | |
305 if (!extension) | |
306 return true; | |
307 | |
308 // Disallow loading of packaged resources for hosted apps. We don't allow | |
309 // hybrid hosted/packaged apps. The one exception is access to icons, since | |
310 // some extensions want to be able to do things like create their own | |
311 // launchers. | |
312 std::string resource_root_relative_path = | |
313 request->url().path().empty() ? "" : request->url().path().substr(1); | |
314 if (extension->is_hosted_app() && | |
315 !extension->icons().ContainsPath(resource_root_relative_path)) { | |
316 LOG(ERROR) << "Denying load of " << request->url().spec() << " from " | |
317 << "hosted app."; | |
318 return false; | |
319 } | |
320 | |
321 // If the resource is not expicitly marked as web accessible, it should only | |
322 // be allowed if it is being loaded by DevTools. A close approximation is | |
323 // checking if the extension contains DevTools page. | |
324 // IsResourceWebAccessible already does the manifest version check, so no | |
325 // need to explicitly do it. | |
326 if (!extensions::WebAccessibleResourcesInfo::IsResourceWebAccessible( | |
327 extension, request->url().path()) && | |
328 extensions::ManifestURL::GetDevToolsPage(extension).is_empty()) { | |
329 return false; | |
330 } | |
331 | |
332 if (!content::PageTransitionIsWebTriggerable(info->GetPageTransition())) | |
333 return false; | |
334 | |
284 return true; | 335 return true; |
285 } | 336 } |
286 | 337 |
287 // Returns true if the given URL references an icon in the given extension. | 338 // Returns true if the given URL references an icon in the given extension. |
288 bool URLIsForExtensionIcon(const GURL& url, const Extension* extension) { | 339 bool URLIsForExtensionIcon(const GURL& url, const Extension* extension) { |
289 DCHECK(url.SchemeIs(extensions::kExtensionScheme)); | 340 DCHECK(url.SchemeIs(extensions::kExtensionScheme)); |
290 | 341 |
291 if (!extension) | 342 if (!extension) |
292 return false; | 343 return false; |
293 | 344 |
(...skipping 21 matching lines...) Expand all Loading... | |
315 private: | 366 private: |
316 const bool is_incognito_; | 367 const bool is_incognito_; |
317 ExtensionInfoMap* const extension_info_map_; | 368 ExtensionInfoMap* const extension_info_map_; |
318 DISALLOW_COPY_AND_ASSIGN(ExtensionProtocolHandler); | 369 DISALLOW_COPY_AND_ASSIGN(ExtensionProtocolHandler); |
319 }; | 370 }; |
320 | 371 |
321 // Creates URLRequestJobs for extension:// URLs. | 372 // Creates URLRequestJobs for extension:// URLs. |
322 net::URLRequestJob* | 373 net::URLRequestJob* |
323 ExtensionProtocolHandler::MaybeCreateJob( | 374 ExtensionProtocolHandler::MaybeCreateJob( |
324 net::URLRequest* request, net::NetworkDelegate* network_delegate) const { | 375 net::URLRequest* request, net::NetworkDelegate* network_delegate) const { |
376 // chrome-extension://extension-id/resource/path.js | |
377 const std::string& extension_id = request->url().host(); | |
378 const Extension* extension = | |
379 extension_info_map_->extensions().GetByID(extension_id); | |
380 | |
325 // TODO(mpcomplete): better error code. | 381 // TODO(mpcomplete): better error code. |
326 if (!AllowExtensionResourceLoad( | 382 if (!AllowExtensionResourceLoad( |
327 request, is_incognito_, extension_info_map_)) { | 383 request, is_incognito_, extension, extension_info_map_)) { |
328 return new net::URLRequestErrorJob( | 384 return new net::URLRequestErrorJob( |
329 request, network_delegate, net::ERR_ADDRESS_UNREACHABLE); | 385 request, network_delegate, net::ERR_ADDRESS_UNREACHABLE); |
330 } | 386 } |
331 | 387 |
332 // chrome-extension://extension-id/resource/path.js | |
333 const std::string& extension_id = request->url().host(); | |
334 const Extension* extension = | |
335 extension_info_map_->extensions().GetByID(extension_id); | |
336 base::FilePath directory_path; | 388 base::FilePath directory_path; |
337 if (extension) | 389 if (extension) |
338 directory_path = extension->path(); | 390 directory_path = extension->path(); |
339 if (directory_path.value().empty()) { | 391 if (directory_path.value().empty()) { |
340 const Extension* disabled_extension = | 392 const Extension* disabled_extension = |
341 extension_info_map_->disabled_extensions().GetByID(extension_id); | 393 extension_info_map_->disabled_extensions().GetByID(extension_id); |
342 if (URLIsForExtensionIcon(request->url(), disabled_extension)) | 394 if (URLIsForExtensionIcon(request->url(), disabled_extension)) |
343 directory_path = disabled_extension->path(); | 395 directory_path = disabled_extension->path(); |
344 if (directory_path.value().empty()) { | 396 if (directory_path.value().empty()) { |
345 LOG(WARNING) << "Failed to GetPathForExtension: " << extension_id; | 397 LOG(WARNING) << "Failed to GetPathForExtension: " << extension_id; |
346 return NULL; | 398 return NULL; |
347 } | 399 } |
348 } | 400 } |
349 | 401 |
350 std::string content_security_policy; | 402 std::string content_security_policy; |
351 bool send_cors_header = false; | 403 bool send_cors_header = false; |
352 if (extension) { | 404 if (extension) { |
353 std::string resource_path = request->url().path(); | 405 std::string resource_path = request->url().path(); |
354 content_security_policy = | 406 content_security_policy = |
355 extension->GetResourceContentSecurityPolicy(resource_path); | 407 extension->GetResourceContentSecurityPolicy(resource_path); |
356 if ((extension->manifest_version() >= 2 || | 408 if (extensions::WebAccessibleResourcesInfo::IsResourceWebAccessible( |
357 extensions::WebAccessibleResourcesInfo::HasWebAccessibleResources( | 409 extension, resource_path)) { |
358 extension)) && | |
Matt Perry
2013/02/21 20:24:43
I don't understand what this was trying to do, but
nasko
2013/02/21 21:41:06
I tried to simplify the code, but it looks I've ma
| |
359 extensions::WebAccessibleResourcesInfo::IsResourceWebAccessible( | |
360 extension, resource_path)) | |
361 send_cors_header = true; | 410 send_cors_header = true; |
411 } | |
362 } | 412 } |
363 | 413 |
364 std::string path = request->url().path(); | 414 std::string path = request->url().path(); |
365 if (path.size() > 1 && | 415 if (path.size() > 1 && |
366 path.substr(1) == extension_filenames::kGeneratedBackgroundPageFilename) { | 416 path.substr(1) == extension_filenames::kGeneratedBackgroundPageFilename) { |
367 return new GeneratedBackgroundPageJob( | 417 return new GeneratedBackgroundPageJob( |
368 request, network_delegate, extension, content_security_policy); | 418 request, network_delegate, extension, content_security_policy); |
369 } | 419 } |
370 | 420 |
371 base::FilePath resources_path; | 421 base::FilePath resources_path; |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
403 send_cors_header); | 453 send_cors_header); |
404 } | 454 } |
405 | 455 |
406 } // namespace | 456 } // namespace |
407 | 457 |
408 net::URLRequestJobFactory::ProtocolHandler* CreateExtensionProtocolHandler( | 458 net::URLRequestJobFactory::ProtocolHandler* CreateExtensionProtocolHandler( |
409 bool is_incognito, | 459 bool is_incognito, |
410 ExtensionInfoMap* extension_info_map) { | 460 ExtensionInfoMap* extension_info_map) { |
411 return new ExtensionProtocolHandler(is_incognito, extension_info_map); | 461 return new ExtensionProtocolHandler(is_incognito, extension_info_map); |
412 } | 462 } |
OLD | NEW |