Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(89)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/renderer/extensions/resource_request_policy.cc

Issue 1293673002: Create thread-safe RendererExtensionRegistry from ExtensionSet (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/renderer/chrome_content_renderer_client.cc ('K') | « chrome/renderer/extensions/resource_request_policy.h ('k') | extensions/extensions.gypi » ('j') | extensions/renderer/renderer_extension_registry.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/extensions/resource_request_policy.h" 5 #include "chrome/renderer/extensions/resource_request_policy.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/strings/stringprintf.h" 8 #include "base/strings/stringprintf.h"
9 #include "chrome/common/extensions/chrome_manifest_url_handlers.h" 9 #include "chrome/common/extensions/chrome_manifest_url_handlers.h"
10 #include "chrome/common/url_constants.h" 10 #include "chrome/common/url_constants.h"
11 #include "extensions/common/constants.h" 11 #include "extensions/common/constants.h"
12 #include "extensions/common/extension.h" 12 #include "extensions/common/extension.h"
13 #include "extensions/common/extension_set.h"
14 #include "extensions/common/manifest_handlers/icons_handler.h" 13 #include "extensions/common/manifest_handlers/icons_handler.h"
15 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h" 14 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
15 #include "extensions/renderer/renderer_extension_registry.h"
16 #include "third_party/WebKit/public/platform/WebString.h" 16 #include "third_party/WebKit/public/platform/WebString.h"
17 #include "third_party/WebKit/public/web/WebConsoleMessage.h" 17 #include "third_party/WebKit/public/web/WebConsoleMessage.h"
18 #include "third_party/WebKit/public/web/WebDocument.h" 18 #include "third_party/WebKit/public/web/WebDocument.h"
19 #include "third_party/WebKit/public/web/WebFrame.h" 19 #include "third_party/WebKit/public/web/WebFrame.h"
20 #include "ui/base/page_transition_types.h" 20 #include "ui/base/page_transition_types.h"
21 #include "url/gurl.h" 21 #include "url/gurl.h"
22 22
23 namespace extensions { 23 namespace extensions {
24 24
25 // This method does a security check whether chrome-extension:// URLs can be 25 // This method does a security check whether chrome-extension:// URLs can be
26 // requested by the renderer. Since this is in an untrusted process, the browser 26 // requested by the renderer. Since this is in an untrusted process, the browser
27 // has a similar check to enforce the policy, in case this process is exploited. 27 // has a similar check to enforce the policy, in case this process is exploited.
28 // If you are changing this function, ensure equivalent checks are added to 28 // If you are changing this function, ensure equivalent checks are added to
29 // extension_protocols.cc's AllowExtensionResourceLoad. 29 // extension_protocols.cc's AllowExtensionResourceLoad.
30 30
31 // static 31 // static
32 bool ResourceRequestPolicy::CanRequestResource( 32 bool ResourceRequestPolicy::CanRequestResource(
33 const GURL& resource_url, 33 const GURL& resource_url,
34 blink::WebFrame* frame, 34 blink::WebFrame* frame,
35 ui::PageTransition transition_type, 35 ui::PageTransition transition_type) {
36 const ExtensionSet* loaded_extensions) {
37 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme)); 36 CHECK(resource_url.SchemeIs(extensions::kExtensionScheme));
38 37
39 const Extension* extension = 38 const Extension* extension =
40 loaded_extensions->GetExtensionOrAppByURL(resource_url); 39 RendererExtensionRegistry::Get()->GetExtensionOrAppByURL(resource_url);
41 if (!extension) { 40 if (!extension) {
42 // Allow the load in the case of a non-existent extension. We'll just get a 41 // Allow the load in the case of a non-existent extension. We'll just get a
43 // 404 from the browser process. 42 // 404 from the browser process.
44 return true; 43 return true;
45 } 44 }
46 45
47 // Disallow loading of packaged resources for hosted apps. We don't allow 46 // Disallow loading of packaged resources for hosted apps. We don't allow
48 // hybrid hosted/packaged apps. The one exception is access to icons, since 47 // hybrid hosted/packaged apps. The one exception is access to icons, since
49 // some extensions want to be able to do things like create their own 48 // some extensions want to be able to do things like create their own
50 // launchers. 49 // launchers.
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
124 return false; 123 return false;
125 } 124 }
126 125
127 return true; 126 return true;
128 } 127 }
129 128
130 ResourceRequestPolicy::ResourceRequestPolicy() { 129 ResourceRequestPolicy::ResourceRequestPolicy() {
131 } 130 }
132 131
133 } // namespace extensions 132 } // namespace extensions
OLDNEW
« chrome/renderer/chrome_content_renderer_client.cc ('K') | « chrome/renderer/extensions/resource_request_policy.h ('k') | extensions/extensions.gypi » ('j') | extensions/renderer/renderer_extension_registry.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698