| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/extension.h" | 5 #include "chrome/common/extensions/extension.h" |
| 6 | 6 |
| 7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/basictypes.h" | 8 #include "base/basictypes.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 #include "chrome/common/chrome_version_info.h" | 26 #include "chrome/common/chrome_version_info.h" |
| 27 // TODO(rdevlin.cronin): Remove these once all references have been removed as | 27 // TODO(rdevlin.cronin): Remove these once all references have been removed as |
| 28 // part of crbug.com/159265. | 28 // part of crbug.com/159265. |
| 29 #include "chrome/common/extensions/api/extension_action/action_info.h" | 29 #include "chrome/common/extensions/api/extension_action/action_info.h" |
| 30 #include "chrome/common/extensions/api/extension_action/page_action_handler.h" | 30 #include "chrome/common/extensions/api/extension_action/page_action_handler.h" |
| 31 #include "chrome/common/extensions/api/icons/icons_handler.h" | 31 #include "chrome/common/extensions/api/icons/icons_handler.h" |
| 32 #include "chrome/common/extensions/api/plugins/plugins_handler.h" | 32 #include "chrome/common/extensions/api/plugins/plugins_handler.h" |
| 33 #include "chrome/common/extensions/api/themes/theme_handler.h" | 33 #include "chrome/common/extensions/api/themes/theme_handler.h" |
| 34 #include "chrome/common/extensions/background_info.h" | 34 #include "chrome/common/extensions/background_info.h" |
| 35 #include "chrome/common/extensions/csp_handler.h" | 35 #include "chrome/common/extensions/csp_handler.h" |
| 36 #include "chrome/common/extensions/csp_validator.h" | |
| 37 #include "chrome/common/extensions/extension_manifest_constants.h" | 36 #include "chrome/common/extensions/extension_manifest_constants.h" |
| 38 #include "chrome/common/extensions/feature_switch.h" | 37 #include "chrome/common/extensions/feature_switch.h" |
| 39 #include "chrome/common/extensions/features/base_feature_provider.h" | 38 #include "chrome/common/extensions/features/base_feature_provider.h" |
| 40 #include "chrome/common/extensions/features/feature.h" | 39 #include "chrome/common/extensions/features/feature.h" |
| 41 #include "chrome/common/extensions/manifest.h" | 40 #include "chrome/common/extensions/manifest.h" |
| 42 #include "chrome/common/extensions/manifest_handler.h" | 41 #include "chrome/common/extensions/manifest_handler.h" |
| 43 #include "chrome/common/extensions/manifest_handler_helpers.h" | 42 #include "chrome/common/extensions/manifest_handler_helpers.h" |
| 44 #include "chrome/common/extensions/manifest_url_handler.h" | 43 #include "chrome/common/extensions/manifest_url_handler.h" |
| 45 #include "chrome/common/extensions/permissions/api_permission_set.h" | 44 #include "chrome/common/extensions/permissions/api_permission_set.h" |
| 46 #include "chrome/common/extensions/permissions/permission_set.h" | 45 #include "chrome/common/extensions/permissions/permission_set.h" |
| 47 #include "chrome/common/extensions/permissions/permissions_info.h" | 46 #include "chrome/common/extensions/permissions/permissions_info.h" |
| 47 #include "chrome/common/extensions/sandboxed_handler.h" |
| 48 #include "chrome/common/extensions/user_script.h" | 48 #include "chrome/common/extensions/user_script.h" |
| 49 #include "chrome/common/url_constants.h" | 49 #include "chrome/common/url_constants.h" |
| 50 #include "crypto/sha2.h" | 50 #include "crypto/sha2.h" |
| 51 #include "extensions/common/constants.h" | 51 #include "extensions/common/constants.h" |
| 52 #include "extensions/common/error_utils.h" | 52 #include "extensions/common/error_utils.h" |
| 53 #include "extensions/common/url_pattern_set.h" | 53 #include "extensions/common/url_pattern_set.h" |
| 54 #include "googleurl/src/url_util.h" | 54 #include "googleurl/src/url_util.h" |
| 55 #include "grit/chromium_strings.h" | 55 #include "grit/chromium_strings.h" |
| 56 #include "grit/theme_resources.h" | 56 #include "grit/theme_resources.h" |
| 57 #include "third_party/skia/include/core/SkBitmap.h" | 57 #include "third_party/skia/include/core/SkBitmap.h" |
| 58 #include "ui/base/l10n/l10n_util.h" | 58 #include "ui/base/l10n/l10n_util.h" |
| 59 | 59 |
| 60 #if defined(OS_WIN) | 60 #if defined(OS_WIN) |
| 61 #include "grit/generated_resources.h" | 61 #include "grit/generated_resources.h" |
| 62 #endif | 62 #endif |
| 63 | 63 |
| 64 namespace keys = extension_manifest_keys; | 64 namespace keys = extension_manifest_keys; |
| 65 namespace values = extension_manifest_values; | 65 namespace values = extension_manifest_values; |
| 66 namespace errors = extension_manifest_errors; | 66 namespace errors = extension_manifest_errors; |
| 67 namespace info_keys = extension_info_keys; | 67 namespace info_keys = extension_info_keys; |
| 68 | 68 |
| 69 using extensions::csp_validator::ContentSecurityPolicyIsLegal; | |
| 70 using extensions::csp_validator::ContentSecurityPolicyIsSandboxed; | |
| 71 | |
| 72 namespace extensions { | 69 namespace extensions { |
| 73 | 70 |
| 74 namespace { | 71 namespace { |
| 75 | 72 |
| 76 const int kModernManifestVersion = 2; | 73 const int kModernManifestVersion = 2; |
| 77 const int kPEMOutputColumns = 65; | 74 const int kPEMOutputColumns = 65; |
| 78 | 75 |
| 79 // The maximum number of commands (including page action/browser actions) an | 76 // The maximum number of commands (including page action/browser actions) an |
| 80 // extension can have. | 77 // extension can have. |
| 81 const size_t kMaxCommandsPerExtension = 4; | 78 const size_t kMaxCommandsPerExtension = 4; |
| 82 | 79 |
| 83 // KEY MARKERS | 80 // KEY MARKERS |
| 84 const char kKeyBeginHeaderMarker[] = "-----BEGIN"; | 81 const char kKeyBeginHeaderMarker[] = "-----BEGIN"; |
| 85 const char kKeyBeginFooterMarker[] = "-----END"; | 82 const char kKeyBeginFooterMarker[] = "-----END"; |
| 86 const char kKeyInfoEndMarker[] = "KEY-----"; | 83 const char kKeyInfoEndMarker[] = "KEY-----"; |
| 87 const char kPublic[] = "PUBLIC"; | 84 const char kPublic[] = "PUBLIC"; |
| 88 const char kPrivate[] = "PRIVATE"; | 85 const char kPrivate[] = "PRIVATE"; |
| 89 | 86 |
| 90 const int kRSAKeySize = 1024; | 87 const int kRSAKeySize = 1024; |
| 91 | 88 |
| 92 const char kDefaultSandboxedPageContentSecurityPolicy[] = | |
| 93 "sandbox allow-scripts allow-forms allow-popups"; | |
| 94 | |
| 95 // Converts a normal hexadecimal string into the alphabet used by extensions. | 89 // Converts a normal hexadecimal string into the alphabet used by extensions. |
| 96 // We use the characters 'a'-'p' instead of '0'-'f' to avoid ever having a | 90 // We use the characters 'a'-'p' instead of '0'-'f' to avoid ever having a |
| 97 // completely numeric host, since some software interprets that as an IP | 91 // completely numeric host, since some software interprets that as an IP |
| 98 // address. | 92 // address. |
| 99 static void ConvertHexadecimalToIDAlphabet(std::string* id) { | 93 static void ConvertHexadecimalToIDAlphabet(std::string* id) { |
| 100 for (size_t i = 0; i < id->size(); ++i) { | 94 for (size_t i = 0; i < id->size(); ++i) { |
| 101 int val; | 95 int val; |
| 102 if (base::HexStringToInt(base::StringPiece(id->begin() + i, | 96 if (base::HexStringToInt(base::StringPiece(id->begin() + i, |
| 103 id->begin() + i + 1), | 97 id->begin() + i + 1), |
| 104 &val)) { | 98 &val)) { |
| (...skipping 253 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 358 DCHECK(StartsWithASCII(ret_val.spec(), extension_url.spec(), false)); | 352 DCHECK(StartsWithASCII(ret_val.spec(), extension_url.spec(), false)); |
| 359 | 353 |
| 360 return ret_val; | 354 return ret_val; |
| 361 } | 355 } |
| 362 | 356 |
| 363 bool Extension::ResourceMatches(const URLPatternSet& pattern_set, | 357 bool Extension::ResourceMatches(const URLPatternSet& pattern_set, |
| 364 const std::string& resource) const { | 358 const std::string& resource) const { |
| 365 return pattern_set.MatchesURL(extension_url_.Resolve(resource)); | 359 return pattern_set.MatchesURL(extension_url_.Resolve(resource)); |
| 366 } | 360 } |
| 367 | 361 |
| 368 bool Extension::IsSandboxedPage(const std::string& relative_path) const { | |
| 369 return ResourceMatches(sandboxed_pages_, relative_path); | |
| 370 } | |
| 371 | |
| 372 std::string Extension::GetResourceContentSecurityPolicy( | 362 std::string Extension::GetResourceContentSecurityPolicy( |
| 373 const std::string& relative_path) const { | 363 const std::string& relative_path) const { |
| 374 return IsSandboxedPage(relative_path) ? | 364 return SandboxedInfo::IsSandboxedPage(this, relative_path) ? |
| 375 sandboxed_pages_content_security_policy_ : | 365 SandboxedInfo::GetContentSecurityPolicy(this) : |
| 376 CSPInfo::GetContentSecurityPolicy(this); | 366 CSPInfo::GetContentSecurityPolicy(this); |
| 377 } | 367 } |
| 378 | 368 |
| 379 ExtensionResource Extension::GetResource( | 369 ExtensionResource Extension::GetResource( |
| 380 const std::string& relative_path) const { | 370 const std::string& relative_path) const { |
| 381 std::string new_path = relative_path; | 371 std::string new_path = relative_path; |
| 382 // We have some legacy data where resources have leading slashes. | 372 // We have some legacy data where resources have leading slashes. |
| 383 // See: http://crbug.com/121164 | 373 // See: http://crbug.com/121164 |
| 384 if (!new_path.empty() && new_path.at(0) == '/') | 374 if (!new_path.empty() && new_path.at(0) == '/') |
| 385 new_path.erase(0, 1); | 375 new_path.erase(0, 1); |
| (...skipping 1329 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1715 extent_.ClearPatterns(); | 1705 extent_.ClearPatterns(); |
| 1716 } | 1706 } |
| 1717 | 1707 |
| 1718 return true; | 1708 return true; |
| 1719 } | 1709 } |
| 1720 | 1710 |
| 1721 bool Extension::LoadSharedFeatures(string16* error) { | 1711 bool Extension::LoadSharedFeatures(string16* error) { |
| 1722 if (!LoadDescription(error) || | 1712 if (!LoadDescription(error) || |
| 1723 !ManifestHandler::ParseExtension(this, error) || | 1713 !ManifestHandler::ParseExtension(this, error) || |
| 1724 !LoadNaClModules(error) || | 1714 !LoadNaClModules(error) || |
| 1725 !LoadSandboxedPages(error) || | |
| 1726 !LoadRequirements(error) || | 1715 !LoadRequirements(error) || |
| 1727 !LoadOfflineEnabled(error)) | 1716 !LoadOfflineEnabled(error)) |
| 1728 return false; | 1717 return false; |
| 1729 | 1718 |
| 1730 return true; | 1719 return true; |
| 1731 } | 1720 } |
| 1732 | 1721 |
| 1733 bool Extension::LoadDescription(string16* error) { | 1722 bool Extension::LoadDescription(string16* error) { |
| 1734 if (manifest_->HasKey(keys::kDescription) && | 1723 if (manifest_->HasKey(keys::kDescription) && |
| 1735 !manifest_->GetString(keys::kDescription, &description_)) { | 1724 !manifest_->GetString(keys::kDescription, &description_)) { |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1798 } | 1787 } |
| 1799 | 1788 |
| 1800 nacl_modules_.push_back(NaClModuleInfo()); | 1789 nacl_modules_.push_back(NaClModuleInfo()); |
| 1801 nacl_modules_.back().url = GetResourceURL(path_str); | 1790 nacl_modules_.back().url = GetResourceURL(path_str); |
| 1802 nacl_modules_.back().mime_type = mime_type; | 1791 nacl_modules_.back().mime_type = mime_type; |
| 1803 } | 1792 } |
| 1804 | 1793 |
| 1805 return true; | 1794 return true; |
| 1806 } | 1795 } |
| 1807 | 1796 |
| 1808 bool Extension::LoadSandboxedPages(string16* error) { | |
| 1809 if (!manifest_->HasPath(keys::kSandboxedPages)) | |
| 1810 return true; | |
| 1811 | |
| 1812 const ListValue* list_value = NULL; | |
| 1813 if (!manifest_->GetList(keys::kSandboxedPages, &list_value)) { | |
| 1814 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesList); | |
| 1815 return false; | |
| 1816 } | |
| 1817 for (size_t i = 0; i < list_value->GetSize(); ++i) { | |
| 1818 std::string relative_path; | |
| 1819 if (!list_value->GetString(i, &relative_path)) { | |
| 1820 *error = ErrorUtils::FormatErrorMessageUTF16( | |
| 1821 errors::kInvalidSandboxedPage, base::IntToString(i)); | |
| 1822 return false; | |
| 1823 } | |
| 1824 URLPattern pattern(URLPattern::SCHEME_EXTENSION); | |
| 1825 if (pattern.Parse(extension_url_.spec()) != URLPattern::PARSE_SUCCESS) { | |
| 1826 *error = ErrorUtils::FormatErrorMessageUTF16( | |
| 1827 errors::kInvalidURLPatternError, extension_url_.spec()); | |
| 1828 return false; | |
| 1829 } | |
| 1830 while (relative_path[0] == '/') | |
| 1831 relative_path = relative_path.substr(1, relative_path.length() - 1); | |
| 1832 pattern.SetPath(pattern.path() + relative_path); | |
| 1833 sandboxed_pages_.AddPattern(pattern); | |
| 1834 } | |
| 1835 | |
| 1836 if (manifest_->HasPath(keys::kSandboxedPagesCSP)) { | |
| 1837 if (!manifest_->GetString( | |
| 1838 keys::kSandboxedPagesCSP, &sandboxed_pages_content_security_policy_)) { | |
| 1839 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); | |
| 1840 return false; | |
| 1841 } | |
| 1842 | |
| 1843 if (!ContentSecurityPolicyIsLegal( | |
| 1844 sandboxed_pages_content_security_policy_) || | |
| 1845 !ContentSecurityPolicyIsSandboxed( | |
| 1846 sandboxed_pages_content_security_policy_, GetType())) { | |
| 1847 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); | |
| 1848 return false; | |
| 1849 } | |
| 1850 } else { | |
| 1851 sandboxed_pages_content_security_policy_ = | |
| 1852 kDefaultSandboxedPageContentSecurityPolicy; | |
| 1853 CHECK(ContentSecurityPolicyIsSandboxed( | |
| 1854 sandboxed_pages_content_security_policy_, GetType())); | |
| 1855 } | |
| 1856 | |
| 1857 return true; | |
| 1858 } | |
| 1859 | |
| 1860 bool Extension::LoadRequirements(string16* error) { | 1797 bool Extension::LoadRequirements(string16* error) { |
| 1861 // Before parsing requirements from the manifest, automatically default the | 1798 // Before parsing requirements from the manifest, automatically default the |
| 1862 // NPAPI plugin requirement based on whether it includes NPAPI plugins. | 1799 // NPAPI plugin requirement based on whether it includes NPAPI plugins. |
| 1863 const ListValue* list_value = NULL; | 1800 const ListValue* list_value = NULL; |
| 1864 requirements_.npapi = | 1801 requirements_.npapi = |
| 1865 manifest_->GetList(keys::kPlugins, &list_value) && !list_value->empty(); | 1802 manifest_->GetList(keys::kPlugins, &list_value) && !list_value->empty(); |
| 1866 | 1803 |
| 1867 if (!manifest_->HasKey(keys::kRequirements)) | 1804 if (!manifest_->HasKey(keys::kRequirements)) |
| 1868 return true; | 1805 return true; |
| 1869 | 1806 |
| (...skipping 581 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2451 | 2388 |
| 2452 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( | 2389 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( |
| 2453 const Extension* extension, | 2390 const Extension* extension, |
| 2454 const PermissionSet* permissions, | 2391 const PermissionSet* permissions, |
| 2455 Reason reason) | 2392 Reason reason) |
| 2456 : reason(reason), | 2393 : reason(reason), |
| 2457 extension(extension), | 2394 extension(extension), |
| 2458 permissions(permissions) {} | 2395 permissions(permissions) {} |
| 2459 | 2396 |
| 2460 } // namespace extensions | 2397 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12886023:
Remove SandboxedPages and SandboxedCSP from Extension Class (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master