Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(85)

Side by Side Diff: extensions/renderer/dispatcher.cc

Issue 1332563006: Allow 'chrome-extension:' URLs to bypass content settings (2/2) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/renderer/dispatcher.h" 5 #include "extensions/renderer/dispatcher.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/callback.h" 8 #include "base/callback.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/containers/scoped_ptr_map.h" 10 #include "base/containers/scoped_ptr_map.h"
(...skipping 858 matching lines...) Expand 10 before | Expand all | Expand 10 after
869 // requests. At the Extensions layer, requests will actually be blocked 869 // requests. At the Extensions layer, requests will actually be blocked
870 // unless overridden by the web_accessible_resources manifest key. 870 // unless overridden by the web_accessible_resources manifest key.
871 // TODO(kalman): See what happens with a service worker. 871 // TODO(kalman): See what happens with a service worker.
872 WebSecurityPolicy::registerURLSchemeAsCORSEnabled, 872 WebSecurityPolicy::registerURLSchemeAsCORSEnabled,
873 // Resources should bypass Content Security Policy checks when included in 873 // Resources should bypass Content Security Policy checks when included in
874 // protected resources. TODO(kalman): What are "protected resources"? 874 // protected resources. TODO(kalman): What are "protected resources"?
875 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy, 875 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy,
876 // Extension resources are HTTP-like and safe to expose to the fetch API. 876 // Extension resources are HTTP-like and safe to expose to the fetch API.
877 // The rules for the fetch API are consistent with XHR. 877 // The rules for the fetch API are consistent with XHR.
878 WebSecurityPolicy::registerURLSchemeAsSupportingFetchAPI, 878 WebSecurityPolicy::registerURLSchemeAsSupportingFetchAPI,
879 // Extension resources, when loaded as the top-level document, should
880 // bypass Blink's strict first-party origin checks.
881 WebSecurityPolicy::registerURLSchemeAsFirstPartyWhenTopLevel,
879 }; 882 };
880 883
881 WebString extension_scheme(base::ASCIIToUTF16(kExtensionScheme)); 884 WebString extension_scheme(base::ASCIIToUTF16(kExtensionScheme));
882 WebString extension_resource_scheme(base::ASCIIToUTF16( 885 WebString extension_resource_scheme(base::ASCIIToUTF16(
883 kExtensionResourceScheme)); 886 kExtensionResourceScheme));
884 for (RegisterFunction func : register_functions) { 887 for (RegisterFunction func : register_functions) {
885 func(extension_scheme); 888 func(extension_scheme);
886 func(extension_resource_scheme); 889 func(extension_resource_scheme);
887 } 890 }
888 891
(...skipping 704 matching lines...) Expand 10 before | Expand all | Expand 10 after
1593 void Dispatcher::AddChannelSpecificFeatures() { 1596 void Dispatcher::AddChannelSpecificFeatures() {
1594 // chrome-extension: resources should be allowed to register a Service Worker. 1597 // chrome-extension: resources should be allowed to register a Service Worker.
1595 if (FeatureProvider::GetBehaviorFeature(BehaviorFeature::kServiceWorker) 1598 if (FeatureProvider::GetBehaviorFeature(BehaviorFeature::kServiceWorker)
1596 ->IsAvailableToEnvironment() 1599 ->IsAvailableToEnvironment()
1597 .is_available()) 1600 .is_available())
1598 WebSecurityPolicy::registerURLSchemeAsAllowingServiceWorkers( 1601 WebSecurityPolicy::registerURLSchemeAsAllowingServiceWorkers(
1599 WebString::fromUTF8(kExtensionScheme)); 1602 WebString::fromUTF8(kExtensionScheme));
1600 } 1603 }
1601 1604
1602 } // namespace extensions 1605 } // namespace extensions
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698