Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(21)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/renderer/extension_injection_host.cc

Issue 1285263006: Revert of [Script Injection] Allow whitelisted extensions to inject scripts everywhere (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/test/data/extensions/api_test/all_urls/bystander/page.html ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/renderer/extension_injection_host.h" 5 #include "extensions/renderer/extension_injection_host.h"
6 6
7 #include "content/public/renderer/render_frame.h" 7 #include "content/public/renderer/render_frame.h"
8 #include "extensions/common/constants.h" 8 #include "extensions/common/constants.h"
9 #include "extensions/common/extension_set.h" 9 #include "extensions/common/extension_set.h"
10 #include "extensions/common/manifest_handlers/csp_info.h" 10 #include "extensions/common/manifest_handlers/csp_info.h"
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
50 content::RenderFrame* render_frame, 50 content::RenderFrame* render_frame,
51 int tab_id, 51 int tab_id,
52 bool is_declarative) const { 52 bool is_declarative) const {
53 // If we don't have a tab id, we have no UI surface to ask for user consent. 53 // If we don't have a tab id, we have no UI surface to ask for user consent.
54 // For now, we treat this as an automatic allow. 54 // For now, we treat this as an automatic allow.
55 if (tab_id == -1) 55 if (tab_id == -1)
56 return PermissionsData::ACCESS_ALLOWED; 56 return PermissionsData::ACCESS_ALLOWED;
57 57
58 blink::WebSecurityOrigin top_frame_security_origin = 58 blink::WebSecurityOrigin top_frame_security_origin =
59 render_frame->GetWebFrame()->top()->securityOrigin(); 59 render_frame->GetWebFrame()->top()->securityOrigin();
60 // Only whitelisted extensions may run scripts on another extension's page.
61 if (top_frame_security_origin.protocol().utf8() == kExtensionScheme && 60 if (top_frame_security_origin.protocol().utf8() == kExtensionScheme &&
62 top_frame_security_origin.host().utf8() != extension_->id() && 61 top_frame_security_origin.host().utf8() != extension_->id())
63 !PermissionsData::CanExecuteScriptEverywhere(extension_))
64 return PermissionsData::ACCESS_DENIED; 62 return PermissionsData::ACCESS_DENIED;
65 63
66 // Declarative user scripts use "page access" (from "permissions" section in 64 // Declarative user scripts use "page access" (from "permissions" section in
67 // manifest) whereas non-declarative user scripts use custom 65 // manifest) whereas non-declarative user scripts use custom
68 // "content script access" logic. 66 // "content script access" logic.
69 if (is_declarative) { 67 if (is_declarative) {
70 return extension_->permissions_data()->GetPageAccess( 68 return extension_->permissions_data()->GetPageAccess(
71 extension_, 69 extension_,
72 document_url, 70 document_url,
73 tab_id, 71 tab_id,
(...skipping 13 matching lines...) Expand all
87 // We notify the browser of any injection if the extension has no withheld 85 // We notify the browser of any injection if the extension has no withheld
88 // permissions (i.e., the permissions weren't restricted), but would have 86 // permissions (i.e., the permissions weren't restricted), but would have
89 // otherwise been affected by the scripts-require-action feature. 87 // otherwise been affected by the scripts-require-action feature.
90 return extension_->permissions_data()->withheld_permissions()->IsEmpty() && 88 return extension_->permissions_data()->withheld_permissions()->IsEmpty() &&
91 PermissionsData::ScriptsMayRequireActionForExtension( 89 PermissionsData::ScriptsMayRequireActionForExtension(
92 extension_, 90 extension_,
93 extension_->permissions_data()->active_permissions().get()); 91 extension_->permissions_data()->active_permissions().get());
94 } 92 }
95 93
96 } // namespace extensions 94 } // namespace extensions
OLDNEW
« no previous file with comments | « chrome/test/data/extensions/api_test/all_urls/bystander/page.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698