Chromium Code Reviews Chromium Code Reviews
Issue 12886023:
Remove SandboxedPages and SandboxedCSP from Extension Class (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/common/extensions/sandboxed_handler.h" | |
| 6 | |
| 7 #include "base/lazy_instance.h" | |
| 8 #include "base/memory/scoped_ptr.h" | |
| 9 #include "base/string_number_conversions.h" | |
| 10 #include "base/utf_string_conversions.h" | |
| 11 #include "base/values.h" | |
| 12 #include "chrome/common/extensions/csp_validator.h" | |
| 13 #include "chrome/common/extensions/extension_manifest_constants.h" | |
| 14 #include "extensions/common/error_utils.h" | |
| 15 #include "extensions/common/url_pattern.h" | |
| 16 | |
| 17 namespace extensions { | |
| 18 | |
| 19 namespace { | |
| 20 | |
| 21 namespace keys = extension_manifest_keys; | |
| 22 namespace errors = extension_manifest_errors; | |
| 23 | |
| 24 const char kDefaultSandboxedPageContentSecurityPolicy[] = | |
| 25 "sandbox allow-scripts allow-forms allow-popups"; | |
| 26 | |
| 27 static base::LazyInstance<SandboxedInfo> g_empty_sandboxed_info = | |
| 28 LAZY_INSTANCE_INITIALIZER; | |
| 29 | |
| 30 const SandboxedInfo& GetSandboxedInfo(const Extension* extension) { | |
| 31 SandboxedInfo* info = static_cast<SandboxedInfo*>( | |
| 32 extension->GetManifestData(keys::kSandboxedPages)); | |
| 33 return info ? *info : g_empty_sandboxed_info.Get(); | |
| 34 } | |
| 35 | |
| 36 } // namespace | |
| 37 | |
| 38 SandboxedInfo::SandboxedInfo() { | |
| 39 } | |
| 40 | |
| 41 SandboxedInfo::~SandboxedInfo() { | |
| 42 } | |
| 43 | |
| 44 const std::string& SandboxedInfo::GetContentSecurityPolicy( | |
| 45 const Extension* extension) { | |
| 46 return GetSandboxedInfo(extension).content_security_policy; | |
| 47 } | |
| 48 | |
| 49 const URLPatternSet& SandboxedInfo::GetPages(const Extension* extension) { | |
| 50 return GetSandboxedInfo(extension).pages; | |
| 51 } | |
| 52 | |
| 53 bool SandboxedInfo::IsSandboxedPage(const Extension* extension, | |
| 54 const std::string& relative_path) { | |
| 55 return extension->ResourceMatches(GetPages(extension), relative_path); | |
| 56 } | |
| 57 | |
| 58 SandboxedHandler::SandboxedHandler() { | |
| 59 } | |
| 60 | |
| 61 SandboxedHandler::~SandboxedHandler() { | |
| 62 } | |
| 63 | |
| 64 const std::vector<std::string> SandboxedHandler::Keys() const { | |
|
Yoyo Zhou
2013/03/20 22:53:53
Define these in the same order as the header file.
Devlin
2013/03/23 22:26:25
Done.
| |
| 65 return SingleKey(keys::kSandboxedPages); | |
| 66 } | |
| 67 | |
| 68 bool SandboxedHandler::Parse(Extension* extension, string16* error) { | |
| 69 scoped_ptr<SandboxedInfo> sandboxed_info(new SandboxedInfo); | |
| 70 | |
| 71 const base::ListValue* list_value = NULL; | |
| 72 if (!extension->manifest()->GetList(keys::kSandboxedPages, &list_value)) { | |
| 73 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesList); | |
| 74 return false; | |
| 75 } | |
| 76 | |
| 77 for (size_t i = 0; i < list_value->GetSize(); ++i) { | |
| 78 std::string relative_path; | |
| 79 if (!list_value->GetString(i, &relative_path)) { | |
| 80 *error = ErrorUtils::FormatErrorMessageUTF16( | |
| 81 errors::kInvalidSandboxedPage, base::IntToString(i)); | |
| 82 return false; | |
| 83 } | |
| 84 URLPattern pattern(URLPattern::SCHEME_EXTENSION); | |
| 85 if (pattern.Parse(extension->url().spec()) != URLPattern::PARSE_SUCCESS) { | |
| 86 *error = ErrorUtils::FormatErrorMessageUTF16( | |
| 87 errors::kInvalidURLPatternError, extension->url().spec()); | |
| 88 return false; | |
| 89 } | |
| 90 while (relative_path[0] == '/') | |
| 91 relative_path = relative_path.substr(1, relative_path.length() - 1); | |
| 92 pattern.SetPath(pattern.path() + relative_path); | |
| 93 sandboxed_info->pages.AddPattern(pattern); | |
| 94 } | |
| 95 | |
| 96 if (extension->manifest()->HasPath(keys::kSandboxedPagesCSP)) { | |
| 97 if (!extension->manifest()->GetString( | |
| 98 keys::kSandboxedPagesCSP, | |
| 99 &sandboxed_info->content_security_policy)) { | |
| 100 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); | |
| 101 return false; | |
| 102 } | |
| 103 | |
| 104 if (!csp_validator::ContentSecurityPolicyIsLegal( | |
| 105 sandboxed_info->content_security_policy) || | |
| 106 !csp_validator::ContentSecurityPolicyIsSandboxed( | |
| 107 sandboxed_info->content_security_policy, extension->GetType())) { | |
| 108 *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); | |
| 109 return false; | |
| 110 } | |
| 111 } else { | |
| 112 sandboxed_info->content_security_policy = | |
| 113 kDefaultSandboxedPageContentSecurityPolicy; | |
| 114 CHECK(csp_validator::ContentSecurityPolicyIsSandboxed( | |
| 115 sandboxed_info->content_security_policy, extension->GetType())); | |
| 116 } | |
| 117 | |
| 118 extension->SetManifestData(keys::kSandboxedPages, sandboxed_info.release()); | |
| 119 return true; | |
| 120 } | |
| 121 | |
| 122 } // namespace extensions | |
| OLD | NEW |
