Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2475)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/browser/url_request_util.cc

Issue 1312653003: Fix for WebView accessible resources. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Small fix. Rebased. Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « extensions/browser/renderer_startup_helper.cc ('k') | extensions/common/extension_messages.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/browser/url_request_util.cc
diff --git a/extensions/browser/url_request_util.cc b/extensions/browser/url_request_util.cc
index 467e637c274da32ccc96babd3d6311c632e9e858..c7321eb5f08de5e9ede91c4de06eb7dd316a97b8 100644
--- a/extensions/browser/url_request_util.cc
+++ b/extensions/browser/url_request_util.cc
@@ -10,7 +10,6 @@
#include "extensions/browser/guest_view/web_view/web_view_renderer_state.h"
#include "extensions/browser/info_map.h"
#include "extensions/common/extension.h"
-#include "extensions/common/manifest_constants.h"
#include "extensions/common/manifest_handlers/icons_handler.h"
#include "extensions/common/manifest_handlers/web_accessible_resources_info.h"
#include "extensions/common/manifest_handlers/webview_info.h"
@@ -36,18 +35,15 @@ bool AllowCrossRendererResourceLoad(net::URLRequest* request,
info->GetChildID(), &owner_process_id, &owner_extension_id);
const Extension* owner_extension =
extension_info_map->extensions().GetByID(owner_extension_id);
- const WebviewInfo* webview_info =
- owner_extension
- ? static_cast<const WebviewInfo*>(owner_extension->GetManifestData(
- manifest_keys::kWebviewAccessibleResources))
- : nullptr;
std::string partition_id;
bool is_guest = WebViewRendererState::GetInstance()->GetPartitionID(
info->GetChildID(), &partition_id);
std::string resource_path = request->url().path();
- if (is_guest && webview_info &&
- webview_info->IsResourceWebviewAccessible(extension, partition_id,
- resource_path)) {
+ // |owner_extension == extension| needs to be checked because extension
+ // resources should only be accessible to WebViews owned by that extension.
+ if (is_guest && owner_extension == extension &&
+ WebviewInfo::IsResourceWebviewAccessible(extension, partition_id,
+ resource_path)) {
*allowed = true;
return true;
}
« no previous file with comments | « extensions/browser/renderer_startup_helper.cc ('k') | extensions/common/extension_messages.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698