Index: chrome/browser/extensions/chrome_extension_web_contents_observer.cc |
diff --git a/chrome/browser/extensions/chrome_extension_web_contents_observer.cc b/chrome/browser/extensions/chrome_extension_web_contents_observer.cc |
index b692dfbb0e01fcb1cc9de515061cfef4a3cda176..51c72031e80438451b2a363728a909c16385f06a 100644 |
--- a/chrome/browser/extensions/chrome_extension_web_contents_observer.cc |
+++ b/chrome/browser/extensions/chrome_extension_web_contents_observer.cc |
@@ -8,7 +8,9 @@ |
#include "chrome/browser/extensions/extension_service.h" |
#include "chrome/browser/extensions/window_controller.h" |
#include "chrome/common/extensions/chrome_extension_messages.h" |
+#include "chrome/common/url_constants.h" |
#include "content/public/browser/browser_context.h" |
+#include "content/public/browser/child_process_security_policy.h" |
#include "content/public/browser/render_frame_host.h" |
#include "content/public/browser/render_process_host.h" |
#include "content/public/browser/render_view_host.h" |
@@ -33,6 +35,38 @@ ChromeExtensionWebContentsObserver::~ChromeExtensionWebContentsObserver() {} |
void ChromeExtensionWebContentsObserver::RenderViewCreated( |
content::RenderViewHost* render_view_host) { |
ReloadIfTerminated(render_view_host); |
+ |
+ const Extension* extension = GetExtension(render_view_host); |
+ if (!extension) |
+ return; |
+ |
+ Manifest::Type type = extension->GetType(); |
Devlin
2015/09/23 23:14:17
won't need this.
paulmeyer
2015/09/29 17:24:55
Done.
|
+ int process_id = render_view_host->GetProcess()->GetID(); |
+ |
+ // Components of chrome that are implemented as extensions are allowed to use |
+ // chrome://resources/ URLs. |
+ if (type == Manifest::TYPE_EXTENSION && |
Devlin
2015/09/23 23:14:17
extension->is_extension()
paulmeyer
2015/09/29 17:24:56
Done.
|
+ extension->location() == Manifest::COMPONENT) { |
Devlin
2015/09/23 23:14:17
Manifest::IsComponentLocation(extension->location(
paulmeyer
2015/09/29 17:24:55
Done.
|
+ url::Origin origin = url::Origin::UnsafelyCreateOriginWithoutNormalization( |
Charlie Reis
2015/09/23 22:57:14
Sounds like that's not a preferred way to create O
|
+ content::kChromeUIScheme, content::kChromeUIResourcesHost, 0); |
+ content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin( |
Devlin
2015/09/23 23:14:17
This would be less verbose if we cached it.
paulmeyer
2015/09/29 17:24:56
Done.
|
+ process_id, origin); |
+ } |
+ |
+ // Extensions, legacy packaged apps, and platform apps are allowed to use |
Charlie Reis
2015/09/23 22:57:14
nit: component platform apps
paulmeyer
2015/09/29 17:24:56
Done.
|
+ // chrome://favicon/ and chrome://extension-icon/ URLs. Hosted apps are not |
+ // allowed because they are served via web servers (and are generally never |
+ // given access to Chrome APIs). |
+ if (type == Manifest::TYPE_EXTENSION || |
Devlin
2015/09/23 23:14:17
is_extension(), analogous for below
paulmeyer
2015/09/29 17:24:55
Done.
|
+ type == Manifest::TYPE_LEGACY_PACKAGED_APP || |
+ (type == Manifest::TYPE_PLATFORM_APP && |
+ extension->location() == Manifest::COMPONENT)) { |
+ content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin( |
+ process_id, url::Origin(GURL(chrome::kChromeUIFaviconURL))); |
+ content::ChildProcessSecurityPolicy::GetInstance()->GrantOrigin( |
+ process_id, url::Origin(GURL(chrome::kChromeUIExtensionIconURL))); |
+ } |
+ |
ExtensionWebContentsObserver::RenderViewCreated(render_view_host); |
Devlin
2015/09/23 23:14:17
I think I'd prefer to do this initialization first
paulmeyer
2015/09/29 17:24:56
Done.
|
} |