Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(180)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/browser/url_request_util.cc

Issue 1312653003: Fix for WebView accessible resources. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Small fix. Rebased. Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/browser/renderer_startup_helper.cc ('k') | extensions/common/extension_messages.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/browser/url_request_util.h" 5 #include "extensions/browser/url_request_util.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "content/public/browser/resource_request_info.h" 9 #include "content/public/browser/resource_request_info.h"
10 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" 10 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h"
11 #include "extensions/browser/info_map.h" 11 #include "extensions/browser/info_map.h"
12 #include "extensions/common/extension.h" 12 #include "extensions/common/extension.h"
13 #include "extensions/common/manifest_constants.h"
14 #include "extensions/common/manifest_handlers/icons_handler.h" 13 #include "extensions/common/manifest_handlers/icons_handler.h"
15 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h" 14 #include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
16 #include "extensions/common/manifest_handlers/webview_info.h" 15 #include "extensions/common/manifest_handlers/webview_info.h"
17 #include "net/url_request/url_request.h" 16 #include "net/url_request/url_request.h"
18 17
19 namespace extensions { 18 namespace extensions {
20 namespace url_request_util { 19 namespace url_request_util {
21 20
22 bool AllowCrossRendererResourceLoad(net::URLRequest* request, 21 bool AllowCrossRendererResourceLoad(net::URLRequest* request,
23 bool is_incognito, 22 bool is_incognito,
24 const Extension* extension, 23 const Extension* extension,
25 InfoMap* extension_info_map, 24 InfoMap* extension_info_map,
26 bool* allowed) { 25 bool* allowed) {
27 const content::ResourceRequestInfo* info = 26 const content::ResourceRequestInfo* info =
28 content::ResourceRequestInfo::ForRequest(request); 27 content::ResourceRequestInfo::ForRequest(request);
29 28
30 // Extensions with webview: allow loading certain resources by guest renderers 29 // Extensions with webview: allow loading certain resources by guest renderers
31 // with privileged partition IDs as specified in owner's extension the 30 // with privileged partition IDs as specified in owner's extension the
32 // manifest file. 31 // manifest file.
33 std::string owner_extension_id; 32 std::string owner_extension_id;
34 int owner_process_id; 33 int owner_process_id;
35 WebViewRendererState::GetInstance()->GetOwnerInfo( 34 WebViewRendererState::GetInstance()->GetOwnerInfo(
36 info->GetChildID(), &owner_process_id, &owner_extension_id); 35 info->GetChildID(), &owner_process_id, &owner_extension_id);
37 const Extension* owner_extension = 36 const Extension* owner_extension =
38 extension_info_map->extensions().GetByID(owner_extension_id); 37 extension_info_map->extensions().GetByID(owner_extension_id);
39 const WebviewInfo* webview_info =
40 owner_extension
41 ? static_cast<const WebviewInfo*>(owner_extension->GetManifestData(
42 manifest_keys::kWebviewAccessibleResources))
43 : nullptr;
44 std::string partition_id; 38 std::string partition_id;
45 bool is_guest = WebViewRendererState::GetInstance()->GetPartitionID( 39 bool is_guest = WebViewRendererState::GetInstance()->GetPartitionID(
46 info->GetChildID(), &partition_id); 40 info->GetChildID(), &partition_id);
47 std::string resource_path = request->url().path(); 41 std::string resource_path = request->url().path();
48 if (is_guest && webview_info && 42 // |owner_extension == extension| needs to be checked because extension
49 webview_info->IsResourceWebviewAccessible(extension, partition_id, 43 // resources should only be accessible to WebViews owned by that extension.
50 resource_path)) { 44 if (is_guest && owner_extension == extension &&
45 WebviewInfo::IsResourceWebviewAccessible(extension, partition_id,
46 resource_path)) {
51 *allowed = true; 47 *allowed = true;
52 return true; 48 return true;
53 } 49 }
54 50
55 // If the request is for navigations outside of webviews, then it should be 51 // If the request is for navigations outside of webviews, then it should be
56 // allowed. The navigation logic in CrossSiteResourceHandler will properly 52 // allowed. The navigation logic in CrossSiteResourceHandler will properly
57 // transfer the navigation to a privileged process before it commits. 53 // transfer the navigation to a privileged process before it commits.
58 if (content::IsResourceTypeFrame(info->GetResourceType()) && !is_guest) { 54 if (content::IsResourceTypeFrame(info->GetResourceType()) && !is_guest) {
59 *allowed = true; 55 *allowed = true;
60 return true; 56 return true;
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after
107 const content::ResourceRequestInfo* info = 103 const content::ResourceRequestInfo* info =
108 content::ResourceRequestInfo::ForRequest(request); 104 content::ResourceRequestInfo::ForRequest(request);
109 // |info| can be NULL sometimes: http://crbug.com/370070. 105 // |info| can be NULL sometimes: http://crbug.com/370070.
110 if (!info) 106 if (!info)
111 return false; 107 return false;
112 return WebViewRendererState::GetInstance()->IsGuest(info->GetChildID()); 108 return WebViewRendererState::GetInstance()->IsGuest(info->GetChildID());
113 } 109 }
114 110
115 } // namespace url_request_util 111 } // namespace url_request_util
116 } // namespace extensions 112 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/browser/renderer_startup_helper.cc ('k') | extensions/common/extension_messages.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698