OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "extensions/renderer/dispatcher.h" | 5 #include "extensions/renderer/dispatcher.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/callback.h" | 8 #include "base/callback.h" |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/containers/scoped_ptr_map.h" | 10 #include "base/containers/scoped_ptr_map.h" |
(...skipping 858 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
869 // requests. At the Extensions layer, requests will actually be blocked | 869 // requests. At the Extensions layer, requests will actually be blocked |
870 // unless overridden by the web_accessible_resources manifest key. | 870 // unless overridden by the web_accessible_resources manifest key. |
871 // TODO(kalman): See what happens with a service worker. | 871 // TODO(kalman): See what happens with a service worker. |
872 WebSecurityPolicy::registerURLSchemeAsCORSEnabled, | 872 WebSecurityPolicy::registerURLSchemeAsCORSEnabled, |
873 // Resources should bypass Content Security Policy checks when included in | 873 // Resources should bypass Content Security Policy checks when included in |
874 // protected resources. TODO(kalman): What are "protected resources"? | 874 // protected resources. TODO(kalman): What are "protected resources"? |
875 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy, | 875 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy, |
876 // Extension resources are HTTP-like and safe to expose to the fetch API. | 876 // Extension resources are HTTP-like and safe to expose to the fetch API. |
877 // The rules for the fetch API are consistent with XHR. | 877 // The rules for the fetch API are consistent with XHR. |
878 WebSecurityPolicy::registerURLSchemeAsSupportingFetchAPI, | 878 WebSecurityPolicy::registerURLSchemeAsSupportingFetchAPI, |
| 879 // Extension resources, when loaded as the top-level document, should |
| 880 // bypass Blink's strict first-party origin checks. |
| 881 WebSecurityPolicy::registerURLSchemeAsFirstPartyWhenTopLevel, |
879 }; | 882 }; |
880 | 883 |
881 WebString extension_scheme(base::ASCIIToUTF16(kExtensionScheme)); | 884 WebString extension_scheme(base::ASCIIToUTF16(kExtensionScheme)); |
882 WebString extension_resource_scheme(base::ASCIIToUTF16( | 885 WebString extension_resource_scheme(base::ASCIIToUTF16( |
883 kExtensionResourceScheme)); | 886 kExtensionResourceScheme)); |
884 for (RegisterFunction func : register_functions) { | 887 for (RegisterFunction func : register_functions) { |
885 func(extension_scheme); | 888 func(extension_scheme); |
886 func(extension_resource_scheme); | 889 func(extension_resource_scheme); |
887 } | 890 } |
888 | 891 |
(...skipping 704 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1593 void Dispatcher::AddChannelSpecificFeatures() { | 1596 void Dispatcher::AddChannelSpecificFeatures() { |
1594 // chrome-extension: resources should be allowed to register a Service Worker. | 1597 // chrome-extension: resources should be allowed to register a Service Worker. |
1595 if (FeatureProvider::GetBehaviorFeature(BehaviorFeature::kServiceWorker) | 1598 if (FeatureProvider::GetBehaviorFeature(BehaviorFeature::kServiceWorker) |
1596 ->IsAvailableToEnvironment() | 1599 ->IsAvailableToEnvironment() |
1597 .is_available()) | 1600 .is_available()) |
1598 WebSecurityPolicy::registerURLSchemeAsAllowingServiceWorkers( | 1601 WebSecurityPolicy::registerURLSchemeAsAllowingServiceWorkers( |
1599 WebString::fromUTF8(kExtensionScheme)); | 1602 WebString::fromUTF8(kExtensionScheme)); |
1600 } | 1603 } |
1601 | 1604 |
1602 } // namespace extensions | 1605 } // namespace extensions |
OLD | NEW |