Chromium Code Reviews Chromium Code Reviews
Issue 12886023:
Remove SandboxedPages and SandboxedCSP from Extension Class (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| Index: chrome/common/extensions/sandboxed_handler.cc |
| diff --git a/chrome/common/extensions/sandboxed_handler.cc b/chrome/common/extensions/sandboxed_handler.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..47b933a53142060519931ce7dfa856e04bb3d030 |
| --- /dev/null |
| +++ b/chrome/common/extensions/sandboxed_handler.cc |
| @@ -0,0 +1,122 @@ |
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/common/extensions/sandboxed_handler.h" |
| + |
| +#include "base/lazy_instance.h" |
| +#include "base/memory/scoped_ptr.h" |
| +#include "base/string_number_conversions.h" |
| +#include "base/utf_string_conversions.h" |
| +#include "base/values.h" |
| +#include "chrome/common/extensions/csp_validator.h" |
| +#include "chrome/common/extensions/extension_manifest_constants.h" |
| +#include "extensions/common/error_utils.h" |
| +#include "extensions/common/url_pattern.h" |
| + |
| +namespace extensions { |
| + |
| +namespace { |
| + |
| +namespace keys = extension_manifest_keys; |
| +namespace errors = extension_manifest_errors; |
| + |
| +const char kDefaultSandboxedPageContentSecurityPolicy[] = |
| + "sandbox allow-scripts allow-forms allow-popups"; |
| + |
| +static base::LazyInstance<SandboxedInfo> g_empty_sandboxed_info = |
| + LAZY_INSTANCE_INITIALIZER; |
| + |
| +const SandboxedInfo& GetSandboxedInfo(const Extension* extension) { |
| + SandboxedInfo* info = static_cast<SandboxedInfo*>( |
| + extension->GetManifestData(keys::kSandboxedPages)); |
| + return info ? *info : g_empty_sandboxed_info.Get(); |
| +} |
| + |
| +} // namespace |
| + |
| +SandboxedInfo::SandboxedInfo() { |
| +} |
| + |
| +SandboxedInfo::~SandboxedInfo() { |
| +} |
| + |
| +const std::string& SandboxedInfo::GetContentSecurityPolicy( |
| + const Extension* extension) { |
| + return GetSandboxedInfo(extension).content_security_policy; |
| +} |
| + |
| +const URLPatternSet& SandboxedInfo::GetPages(const Extension* extension) { |
| + return GetSandboxedInfo(extension).pages; |
| +} |
| + |
| +bool SandboxedInfo::IsSandboxedPage(const Extension* extension, |
| + const std::string& relative_path) { |
| + return extension->ResourceMatches(GetPages(extension), relative_path); |
| +} |
| + |
| +SandboxedHandler::SandboxedHandler() { |
| +} |
| + |
| +SandboxedHandler::~SandboxedHandler() { |
| +} |
| + |
| +const std::vector<std::string> SandboxedHandler::Keys() const { |
|
Yoyo Zhou
2013/03/20 22:53:53
Define these in the same order as the header file.
Devlin
2013/03/23 22:26:25
Done.
|
| + return SingleKey(keys::kSandboxedPages); |
| +} |
| + |
| +bool SandboxedHandler::Parse(Extension* extension, string16* error) { |
| + scoped_ptr<SandboxedInfo> sandboxed_info(new SandboxedInfo); |
| + |
| + const base::ListValue* list_value = NULL; |
| + if (!extension->manifest()->GetList(keys::kSandboxedPages, &list_value)) { |
| + *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesList); |
| + return false; |
| + } |
| + |
| + for (size_t i = 0; i < list_value->GetSize(); ++i) { |
| + std::string relative_path; |
| + if (!list_value->GetString(i, &relative_path)) { |
| + *error = ErrorUtils::FormatErrorMessageUTF16( |
| + errors::kInvalidSandboxedPage, base::IntToString(i)); |
| + return false; |
| + } |
| + URLPattern pattern(URLPattern::SCHEME_EXTENSION); |
| + if (pattern.Parse(extension->url().spec()) != URLPattern::PARSE_SUCCESS) { |
| + *error = ErrorUtils::FormatErrorMessageUTF16( |
| + errors::kInvalidURLPatternError, extension->url().spec()); |
| + return false; |
| + } |
| + while (relative_path[0] == '/') |
| + relative_path = relative_path.substr(1, relative_path.length() - 1); |
| + pattern.SetPath(pattern.path() + relative_path); |
| + sandboxed_info->pages.AddPattern(pattern); |
| + } |
| + |
| + if (extension->manifest()->HasPath(keys::kSandboxedPagesCSP)) { |
| + if (!extension->manifest()->GetString( |
| + keys::kSandboxedPagesCSP, |
| + &sandboxed_info->content_security_policy)) { |
| + *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); |
| + return false; |
| + } |
| + |
| + if (!csp_validator::ContentSecurityPolicyIsLegal( |
| + sandboxed_info->content_security_policy) || |
| + !csp_validator::ContentSecurityPolicyIsSandboxed( |
| + sandboxed_info->content_security_policy, extension->GetType())) { |
| + *error = ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); |
| + return false; |
| + } |
| + } else { |
| + sandboxed_info->content_security_policy = |
| + kDefaultSandboxedPageContentSecurityPolicy; |
| + CHECK(csp_validator::ContentSecurityPolicyIsSandboxed( |
| + sandboxed_info->content_security_policy, extension->GetType())); |
| + } |
| + |
| + extension->SetManifestData(keys::kSandboxedPages, sandboxed_info.release()); |
| + return true; |
| +} |
| + |
| +} // namespace extensions |
