Chromium Code Reviews Chromium Code Reviews
Issue 14358004:
Almost all actions in Declarative Web Request require all_urls host permissions (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc |
| diff --git a/chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc b/chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc |
| index 2459ee9983757ee5ef4d48ee61ae60bcba3daba2..0d67c1346146ea02f2b827f66d514ad3e6d580dd 100644 |
| --- a/chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc |
| +++ b/chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc |
| @@ -5,6 +5,7 @@ |
| #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_action.h" |
| #include <limits> |
| +#include <sstream> |
| #include "base/lazy_instance.h" |
| #include "base/logging.h" |
| @@ -329,10 +330,16 @@ struct WebRequestActionFactory { |
| (* FactoryMethod)(const base::DictionaryValue* /* dict */ , |
| std::string* /* error */, |
| bool* /* bad_message */); |
| + |
| + typedef std::map<WebRequestAction::Type, const std::string> ActionNames; |
| + |
| // Maps the name of a declarativeWebRequest action type to the factory |
| // function creating it. |
| std::map<std::string, FactoryMethod> factory_methods; |
| + // Translates action types into the corresponding JavaScript names. |
| + std::map<WebRequestAction::Type, const std::string> action_names; |
|
Matt Perry
2013/04/25 19:59:21
use the typedef?
vabr (Chromium)
2013/04/26 09:58:52
Done.
|
| + |
| WebRequestActionFactory() { |
| factory_methods[keys::kAddRequestCookieType] = |
| &CreateRequestCookieAction; |
| @@ -369,6 +376,44 @@ struct WebRequestActionFactory { |
| &CreateIgnoreRulesAction; |
| factory_methods[keys::kSendMessageToExtensionType] = |
| &CreateSendMessageToExtensionAction; |
| + |
| +#define INSERT_ACTION_NAME(type, name) \ |
| + action_names.insert(ActionNames::value_type(type, name)); |
|
vabr (Chromium)
2013/04/25 19:08:03
Inserting instead of using [] because I want the s
Matt Perry
2013/04/25 19:59:21
Weird... [] prevents that?
vabr (Chromium)
2013/04/26 09:58:52
Yes, in
action_names[x] = "some string";
I would b
|
| + std::ostringstream modify_request_cookie; |
|
Matt Perry
2013/04/25 19:59:21
Don't use streams: http://google-styleguide.google
vabr (Chromium)
2013/04/26 09:58:52
Done.
Using JoinString instead of plain +=, becau
|
| + modify_request_cookie << keys::kAddRequestCookieType << ", " |
| + << keys::kEditRequestCookieType << ", " |
| + << keys::kRemoveRequestCookieType; |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_MODIFY_REQUEST_COOKIE, |
| + modify_request_cookie.str()); |
| + std::ostringstream modify_response_cookie; |
| + modify_response_cookie << keys::kAddResponseCookieType << ", " |
| + << keys::kEditResponseCookieType << ", " |
| + << keys::kRemoveResponseCookieType; |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_MODIFY_RESPONSE_COOKIE, |
| + modify_response_cookie.str()); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_ADD_RESPONSE_HEADER, |
| + keys::kAddResponseHeaderType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_CANCEL_REQUEST, |
| + keys::kCancelRequestType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REDIRECT_BY_REGEX_DOCUMENT, |
| + keys::kRedirectByRegExType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REDIRECT_REQUEST, |
| + keys::kRedirectRequestType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REDIRECT_TO_TRANSPARENT_IMAGE, |
| + keys::kRedirectToTransparentImageType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REDIRECT_TO_EMPTY_DOCUMENT, |
| + keys::kRedirectToEmptyDocumentType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_SET_REQUEST_HEADER, |
| + keys::kSetRequestHeaderType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REMOVE_REQUEST_HEADER, |
| + keys::kRemoveRequestHeaderType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_REMOVE_RESPONSE_HEADER, |
| + keys::kRemoveResponseHeaderType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_IGNORE_RULES, |
| + keys::kIgnoreRulesType); |
| + INSERT_ACTION_NAME(WebRequestAction::ACTION_SEND_MESSAGE_TO_EXTENSION, |
| + keys::kSendMessageToExtensionType); |
| +#undef INSERT_ACTION_NAME |
| } |
| }; |
| @@ -381,17 +426,19 @@ base::LazyInstance<WebRequestActionFactory>::Leaky |
| // WebRequestAction |
| // |
| -WebRequestAction::WebRequestAction() {} |
| - |
| WebRequestAction::~WebRequestAction() {} |
| -int WebRequestAction::GetMinimumPriority() const { |
| - return std::numeric_limits<int>::min(); |
| +const std::string& WebRequestAction::GetName() const { |
| + const std::map<WebRequestAction::Type, const std::string>& names = |
|
Matt Perry
2013/04/25 19:59:21
typedef?
vabr (Chromium)
2013/04/26 09:58:52
Done.
|
| + g_web_request_action_factory.Get().action_names; |
| + std::map<WebRequestAction::Type, const std::string>::const_iterator it = |
| + names.find(GetType()); |
| + CHECK(it != names.end()); |
| + return it->second; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestAction::GetHostPermissionsStrategy() const { |
| - return STRATEGY_DEFAULT; |
| +int WebRequestAction::GetMinimumPriority() const { |
| + return std::numeric_limits<int>::min(); |
| } |
| bool WebRequestAction::HasPermission(const ExtensionInfoMap* extension_info_map, |
| @@ -406,31 +453,21 @@ bool WebRequestAction::HasPermission(const ExtensionInfoMap* extension_info_map, |
| if (!extension_info_map) |
| return true; |
| - HostPermissionsStrategy strategy = GetHostPermissionsStrategy(); |
| - if (strategy == STRATEGY_NONE || strategy == STRATEGY_DEFAULT) { |
| - bool check_host_permissions = strategy != STRATEGY_NONE; |
| - return WebRequestPermissions::CanExtensionAccessURL( |
| - extension_info_map, extension_id, request->url(), crosses_incognito, |
| - check_host_permissions); |
| - } |
| - return true; |
| -} |
| - |
| -bool WebRequestAction::DeltaHasPermission( |
| - const ExtensionInfoMap* extension_info_map, |
| - const std::string& extension_id, |
| - const net::URLRequest* request, |
| - bool crosses_incognito, |
| - const LinkedPtrEventResponseDelta& delta) const { |
| - if (GetHostPermissionsStrategy() == STRATEGY_ALLOW_SAME_DOMAIN) { |
| - return |
| - net::RegistryControlledDomainService::SameDomainOrHost( |
| - request->url(), delta->new_url) || |
| - WebRequestPermissions::CanExtensionAccessURL( |
| - extension_info_map, extension_id, request->url(), crosses_incognito, |
| - true); |
| + WebRequestPermissions::HostPermissionsCheck permission_check = |
| + WebRequestPermissions::REQUIRE_ALL_URLS; |
| + switch (host_permissions_strategy()) { |
| + case STRATEGY_DEFAULT: // Default value is already set. |
| + break; |
| + case STRATEGY_NONE: |
| + permission_check = WebRequestPermissions::DO_NOT_CHECK_HOST; |
| + break; |
| + case STRATEGY_HOST: |
| + permission_check = WebRequestPermissions::REQUIRE_HOST_PERMISSION; |
| + break; |
| } |
| - return true; |
| + return WebRequestPermissions::CanExtensionAccessURL( |
| + extension_info_map, extension_id, request->url(), crosses_incognito, |
| + permission_check); |
| } |
| // static |
| @@ -468,13 +505,8 @@ void WebRequestAction::Apply(const std::string& extension_id, |
| if (GetStages() & apply_info->request_data.stage) { |
| LinkedPtrEventResponseDelta delta = CreateDelta( |
| apply_info->request_data, extension_id, extension_install_time); |
| - if (delta.get()) { |
| - if (DeltaHasPermission(apply_info->extension_info_map, extension_id, |
| - apply_info->request_data.request, |
| - apply_info->crosses_incognito, |
| - delta)) |
| - apply_info->deltas->push_back(delta); |
| - } |
| + if (delta.get()) |
| + apply_info->deltas->push_back(delta); |
| if (GetType() == WebRequestAction::ACTION_IGNORE_RULES) { |
| const WebRequestIgnoreRulesAction* ignore_action = |
| static_cast<const WebRequestIgnoreRulesAction*>(this); |
| @@ -484,12 +516,15 @@ void WebRequestAction::Apply(const std::string& extension_id, |
| } |
| } |
| +WebRequestAction::WebRequestAction(HostPermissionsStrategy strategy) |
| + : host_permissions_strategy_(strategy) {} |
| // |
| // WebRequestCancelAction |
| // |
| -WebRequestCancelAction::WebRequestCancelAction() {} |
| +WebRequestCancelAction::WebRequestCancelAction() |
| + : WebRequestAction(STRATEGY_NONE) {} |
| WebRequestCancelAction::~WebRequestCancelAction() {} |
| @@ -502,11 +537,6 @@ WebRequestAction::Type WebRequestCancelAction::GetType() const { |
| return WebRequestAction::ACTION_CANCEL_REQUEST; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestCancelAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_NONE; |
| -} |
| - |
| LinkedPtrEventResponseDelta WebRequestCancelAction::CreateDelta( |
| const WebRequestData& request_data, |
| const std::string& extension_id, |
| @@ -523,7 +553,7 @@ LinkedPtrEventResponseDelta WebRequestCancelAction::CreateDelta( |
| // |
| WebRequestRedirectAction::WebRequestRedirectAction(const GURL& redirect_url) |
| - : redirect_url_(redirect_url) {} |
| + : WebRequestAction(STRATEGY_DEFAULT), redirect_url_(redirect_url) {} |
| WebRequestRedirectAction::~WebRequestRedirectAction() {} |
| @@ -535,11 +565,6 @@ WebRequestAction::Type WebRequestRedirectAction::GetType() const { |
| return WebRequestAction::ACTION_REDIRECT_REQUEST; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestRedirectAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_ALLOW_SAME_DOMAIN; |
| -} |
| - |
| LinkedPtrEventResponseDelta WebRequestRedirectAction::CreateDelta( |
| const WebRequestData& request_data, |
| const std::string& extension_id, |
| @@ -558,7 +583,8 @@ LinkedPtrEventResponseDelta WebRequestRedirectAction::CreateDelta( |
| // |
| WebRequestRedirectToTransparentImageAction:: |
| -WebRequestRedirectToTransparentImageAction() {} |
| + WebRequestRedirectToTransparentImageAction() |
| + : WebRequestAction(STRATEGY_NONE) {} |
| WebRequestRedirectToTransparentImageAction:: |
| ~WebRequestRedirectToTransparentImageAction() {} |
| @@ -572,11 +598,6 @@ WebRequestRedirectToTransparentImageAction::GetType() const { |
| return WebRequestAction::ACTION_REDIRECT_TO_TRANSPARENT_IMAGE; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestRedirectToTransparentImageAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_NONE; |
| -} |
| - |
| LinkedPtrEventResponseDelta |
| WebRequestRedirectToTransparentImageAction::CreateDelta( |
| const WebRequestData& request_data, |
| @@ -594,7 +615,8 @@ WebRequestRedirectToTransparentImageAction::CreateDelta( |
| // |
| WebRequestRedirectToEmptyDocumentAction:: |
| -WebRequestRedirectToEmptyDocumentAction() {} |
| + WebRequestRedirectToEmptyDocumentAction() |
| + : WebRequestAction(STRATEGY_NONE) {} |
| WebRequestRedirectToEmptyDocumentAction:: |
| ~WebRequestRedirectToEmptyDocumentAction() {} |
| @@ -608,11 +630,6 @@ WebRequestRedirectToEmptyDocumentAction::GetType() const { |
| return WebRequestAction::ACTION_REDIRECT_TO_EMPTY_DOCUMENT; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestRedirectToEmptyDocumentAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_NONE; |
| -} |
| - |
| LinkedPtrEventResponseDelta |
| WebRequestRedirectToEmptyDocumentAction::CreateDelta( |
| const WebRequestData& request_data, |
| @@ -632,7 +649,8 @@ WebRequestRedirectToEmptyDocumentAction::CreateDelta( |
| WebRequestRedirectByRegExAction::WebRequestRedirectByRegExAction( |
| scoped_ptr<RE2> from_pattern, |
| const std::string& to_pattern) |
| - : from_pattern_(from_pattern.Pass()), |
| + : WebRequestAction(STRATEGY_DEFAULT), |
| + from_pattern_(from_pattern.Pass()), |
| to_pattern_(to_pattern.data(), to_pattern.size()) {} |
| WebRequestRedirectByRegExAction::~WebRequestRedirectByRegExAction() {} |
| @@ -698,11 +716,6 @@ WebRequestAction::Type WebRequestRedirectByRegExAction::GetType() const { |
| return WebRequestAction::ACTION_REDIRECT_BY_REGEX_DOCUMENT; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestRedirectByRegExAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_ALLOW_SAME_DOMAIN; |
| -} |
| - |
| LinkedPtrEventResponseDelta WebRequestRedirectByRegExAction::CreateDelta( |
| const WebRequestData& request_data, |
| const std::string& extension_id, |
| @@ -731,9 +744,7 @@ LinkedPtrEventResponseDelta WebRequestRedirectByRegExAction::CreateDelta( |
| WebRequestSetRequestHeaderAction::WebRequestSetRequestHeaderAction( |
| const std::string& name, |
| const std::string& value) |
| - : name_(name), |
| - value_(value) { |
| -} |
| + : WebRequestAction(STRATEGY_DEFAULT), name_(name), value_(value) {} |
| WebRequestSetRequestHeaderAction::~WebRequestSetRequestHeaderAction() {} |
| @@ -764,8 +775,7 @@ WebRequestSetRequestHeaderAction::CreateDelta( |
| WebRequestRemoveRequestHeaderAction::WebRequestRemoveRequestHeaderAction( |
| const std::string& name) |
| - : name_(name) { |
| -} |
| + : WebRequestAction(STRATEGY_DEFAULT), name_(name) {} |
| WebRequestRemoveRequestHeaderAction::~WebRequestRemoveRequestHeaderAction() {} |
| @@ -797,9 +807,7 @@ WebRequestRemoveRequestHeaderAction::CreateDelta( |
| WebRequestAddResponseHeaderAction::WebRequestAddResponseHeaderAction( |
| const std::string& name, |
| const std::string& value) |
| - : name_(name), |
| - value_(value) { |
| -} |
| + : WebRequestAction(STRATEGY_DEFAULT), name_(name), value_(value) {} |
| WebRequestAddResponseHeaderAction::~WebRequestAddResponseHeaderAction() {} |
| @@ -841,10 +849,10 @@ WebRequestRemoveResponseHeaderAction::WebRequestRemoveResponseHeaderAction( |
| const std::string& name, |
| const std::string& value, |
| bool has_value) |
| - : name_(name), |
| + : WebRequestAction(STRATEGY_DEFAULT), |
| + name_(name), |
| value_(value), |
| - has_value_(has_value) { |
| -} |
| + has_value_(has_value) {} |
| WebRequestRemoveResponseHeaderAction::~WebRequestRemoveResponseHeaderAction() {} |
| @@ -892,9 +900,9 @@ WebRequestRemoveResponseHeaderAction::CreateDelta( |
| WebRequestIgnoreRulesAction::WebRequestIgnoreRulesAction( |
| int minimum_priority, |
| const std::string& ignore_tag) |
| - : minimum_priority_(minimum_priority), |
| - ignore_tag_(ignore_tag) { |
| -} |
| + : WebRequestAction(STRATEGY_NONE), |
| + minimum_priority_(minimum_priority), |
| + ignore_tag_(ignore_tag) {} |
| WebRequestIgnoreRulesAction::~WebRequestIgnoreRulesAction() {} |
| @@ -911,11 +919,6 @@ int WebRequestIgnoreRulesAction::GetMinimumPriority() const { |
| return minimum_priority_; |
| } |
| -WebRequestAction::HostPermissionsStrategy |
| -WebRequestIgnoreRulesAction::GetHostPermissionsStrategy() const { |
| - return WebRequestAction::STRATEGY_NONE; |
| -} |
| - |
| LinkedPtrEventResponseDelta WebRequestIgnoreRulesAction::CreateDelta( |
| const WebRequestData& request_data, |
| const std::string& extension_id, |
| @@ -930,7 +933,8 @@ LinkedPtrEventResponseDelta WebRequestIgnoreRulesAction::CreateDelta( |
| WebRequestRequestCookieAction::WebRequestRequestCookieAction( |
| linked_ptr<RequestCookieModification> request_cookie_modification) |
| - : request_cookie_modification_(request_cookie_modification) { |
| + : WebRequestAction(STRATEGY_DEFAULT), |
| + request_cookie_modification_(request_cookie_modification) { |
| CHECK(request_cookie_modification_.get()); |
| } |
| @@ -963,7 +967,8 @@ LinkedPtrEventResponseDelta WebRequestRequestCookieAction::CreateDelta( |
| WebRequestResponseCookieAction::WebRequestResponseCookieAction( |
| linked_ptr<ResponseCookieModification> response_cookie_modification) |
| - : response_cookie_modification_(response_cookie_modification) { |
| + : WebRequestAction(STRATEGY_DEFAULT), |
| + response_cookie_modification_(response_cookie_modification) { |
| CHECK(response_cookie_modification_.get()); |
| } |
| @@ -996,8 +1001,7 @@ LinkedPtrEventResponseDelta WebRequestResponseCookieAction::CreateDelta( |
| WebRequestSendMessageToExtensionAction::WebRequestSendMessageToExtensionAction( |
| const std::string& message) |
| - : message_(message) { |
| -} |
| + : WebRequestAction(STRATEGY_HOST), message_(message) {} |
| WebRequestSendMessageToExtensionAction:: |
| ~WebRequestSendMessageToExtensionAction() {} |
