Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(76)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/extensions/api/web_request/web_request_permissions.cc

Issue 14651017: Move RuntimeData and related permissions out of Extension class (Closed) Base URL: http://git.chromium.org/chromium/src.git@dc_unref_permissions
Patch Set: Latest master Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/extensions/api/web_request/web_request_api.cc ('k') | chrome/browser/extensions/extension_install_prompt.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/api/web_request/web_request_permissions.h" 5 #include "chrome/browser/extensions/api/web_request/web_request_permissions.h"
6 6
7 #include "base/string_util.h" 7 #include "base/string_util.h"
8 #include "base/stringprintf.h" 8 #include "base/stringprintf.h"
9 #include "chrome/browser/extensions/extension_info_map.h" 9 #include "chrome/browser/extensions/extension_info_map.h"
10 #include "chrome/common/extensions/extension.h" 10 #include "chrome/common/extensions/extension.h"
11 #include "chrome/common/extensions/extension_constants.h" 11 #include "chrome/common/extensions/extension_constants.h"
12 #include "chrome/common/extensions/permissions/permissions_data.h"
12 #include "chrome/common/url_constants.h" 13 #include "chrome/common/url_constants.h"
13 #include "content/public/browser/resource_request_info.h" 14 #include "content/public/browser/resource_request_info.h"
14 #include "extensions/common/constants.h" 15 #include "extensions/common/constants.h"
15 #include "googleurl/src/gurl.h" 16 #include "googleurl/src/gurl.h"
16 #include "net/url_request/url_request.h" 17 #include "net/url_request/url_request.h"
17 18
18 using content::ResourceRequestInfo; 19 using content::ResourceRequestInfo;
19 20
20 namespace { 21 namespace {
21 22
22 // Returns true if the URL is sensitive and requests to this URL must not be 23 // Returns true if the URL is sensitive and requests to this URL must not be
23 // modified/canceled by extensions, e.g. because it is targeted to the webstore 24 // modified/canceled by extensions, e.g. because it is targeted to the webstore
24 // to check for updates, extension blacklisting, etc. 25 // to check for updates, extension blacklisting, etc.
25 bool IsSensitiveURL(const GURL& url) { 26 bool IsSensitiveURL(const GURL& url) {
26 // TODO(battre) Merge this, CanExtensionAccessURL and 27 // TODO(battre) Merge this, CanExtensionAccessURL and
27 // Extension::CanExecuteScriptOnPage into one function. 28 // PermissionsData::CanExecuteScriptOnPage into one function.
28 bool sensitive_chrome_url = false; 29 bool sensitive_chrome_url = false;
29 const std::string host = url.host(); 30 const std::string host = url.host();
30 const char kGoogleCom[] = ".google.com"; 31 const char kGoogleCom[] = ".google.com";
31 const char kClient[] = "clients"; 32 const char kClient[] = "clients";
32 if (EndsWith(host, kGoogleCom, true)) { 33 if (EndsWith(host, kGoogleCom, true)) {
33 // Check for "clients[0-9]*.google.com" hosts. 34 // Check for "clients[0-9]*.google.com" hosts.
34 // This protects requests to several internal services such as sync, 35 // This protects requests to several internal services such as sync,
35 // extension update pings, captive portal detection, fraudulent certificate 36 // extension update pings, captive portal detection, fraudulent certificate
36 // reporting, autofill and others. 37 // reporting, autofill and others.
37 if (StartsWithASCII(host, kClient, true)) { 38 if (StartsWithASCII(host, kClient, true)) {
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after
111 if (crosses_incognito && !extension_info_map->CanCrossIncognito(extension)) 112 if (crosses_incognito && !extension_info_map->CanCrossIncognito(extension))
112 return false; 113 return false;
113 114
114 switch (host_permissions_check) { 115 switch (host_permissions_check) {
115 case DO_NOT_CHECK_HOST: 116 case DO_NOT_CHECK_HOST:
116 break; 117 break;
117 case REQUIRE_HOST_PERMISSION: 118 case REQUIRE_HOST_PERMISSION:
118 // about: URLs are not covered in host permissions, but are allowed 119 // about: URLs are not covered in host permissions, but are allowed
119 // anyway. 120 // anyway.
120 if (!((url.SchemeIs(chrome::kAboutScheme) || 121 if (!((url.SchemeIs(chrome::kAboutScheme) ||
121 extension->HasHostPermission(url) || 122 extensions::PermissionsData::HasHostPermission(extension, url) ||
122 url.GetOrigin() == extension->url()))) 123 url.GetOrigin() == extension->url()))) {
123 return false; 124 return false;
125 }
124 break; 126 break;
125 case REQUIRE_ALL_URLS: 127 case REQUIRE_ALL_URLS:
126 if (!extension->HasEffectiveAccessToAllHosts()) 128 if (!extensions::PermissionsData::HasEffectiveAccessToAllHosts(extension))
127 return false; 129 return false;
128 break; 130 break;
129 } 131 }
130 132
131 return true; 133 return true;
132 } 134 }
OLDNEW
« no previous file with comments | « chrome/browser/extensions/api/web_request/web_request_api.cc ('k') | chrome/browser/extensions/extension_install_prompt.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698