Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2422)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/renderer/extensions/dispatcher.cc

Issue 16625012: Remove ExtensionURLInfo, make security decisions in render process (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/extensions/extension_function_dispatcher.cc ('K') | « chrome/renderer/extensions/dispatcher.h ('k') | chrome/renderer/extensions/resource_request_policy.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/renderer/extensions/dispatcher.cc
diff --git a/chrome/renderer/extensions/dispatcher.cc b/chrome/renderer/extensions/dispatcher.cc
index 39a7c26873787c4300c90401f5fa8928157c1868..abb5f5f97423d32642659c1aa8382b7b5475b33e 100644
--- a/chrome/renderer/extensions/dispatcher.cc
+++ b/chrome/renderer/extensions/dispatcher.cc
@@ -934,11 +934,13 @@ void Dispatcher::DidCreateScriptContext(
extension_id = "";
}
- ExtensionURLInfo url_info(frame->document().securityOrigin(),
- UserScriptSlave::GetDataSourceURLForFrame(frame));
+ // Frames loaded on a unique security origin are not accessible to extensions.
+ GURL effective_frame_url;
+ if (!frame->document().securityOrigin().isUnique())
+ effective_frame_url = UserScriptSlave::GetDataSourceURLForFrame(frame);
- Feature::Context context_type =
- ClassifyJavaScriptContext(extension_id, extension_group, url_info);
+ Feature::Context context_type = ClassifyJavaScriptContext(
+ extension_id, extension_group, effective_frame_url);
ChromeV8Context* context =
new ChromeV8Context(v8_context, frame, extension, context_type);
@@ -1056,18 +1058,17 @@ std::string Dispatcher::GetExtensionID(const WebFrame* frame, int world_id) {
return user_script_slave_->GetExtensionIdForIsolatedWorld(world_id);
}
+ if (frame->document().securityOrigin().isUnique())
+ return std::string();
+
// Extension pages (chrome-extension:// URLs).
GURL frame_url = UserScriptSlave::GetDataSourceURLForFrame(frame);
- return extensions_.GetExtensionOrAppIDByURL(
- ExtensionURLInfo(frame->document().securityOrigin(), frame_url));
+ return extensions_.GetExtensionOrAppIDByURL(frame_url);
}
bool Dispatcher::IsWithinPlatformApp(const WebFrame* frame) {
- // We intentionally don't use the origin parameter for ExtensionURLInfo since
- // it would be empty (i.e. unique) for sandboxed resources and thus not match.
- ExtensionURLInfo url_info(
- UserScriptSlave::GetDataSourceURLForFrame(frame->top()));
- const Extension* extension = extensions_.GetExtensionOrAppByURL(url_info);
+ GURL url(UserScriptSlave::GetDataSourceURLForFrame(frame->top()));
+ const Extension* extension = extensions_.GetExtensionOrAppByURL(url);
return extension && extension->is_platform_app();
}
@@ -1297,7 +1298,7 @@ void Dispatcher::OnCancelSuspend(const std::string& extension_id) {
Feature::Context Dispatcher::ClassifyJavaScriptContext(
const std::string& extension_id,
int extension_group,
- const ExtensionURLInfo& url_info) {
+ const GURL& url) {
if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) {
return extensions_.Contains(extension_id) ?
Feature::CONTENT_SCRIPT_CONTEXT : Feature::UNSPECIFIED_CONTEXT;
@@ -1309,20 +1310,20 @@ Feature::Context Dispatcher::ClassifyJavaScriptContext(
// the extension is considered active.
// 2. ScriptContext creation (which triggers bindings injection) happens
// before the SecurityContext is updated with the sandbox flags (after
- // reading the CSP header), so url_info.url().securityOrigin() is not
- // unique yet.
- if (extensions_.IsSandboxedPage(url_info))
+ // reading the CSP header), so the caller can't check if the context's
+ // security origin is unique yet.
+ if (extensions_.IsSandboxedPage(url))
return Feature::WEB_PAGE_CONTEXT;
if (IsExtensionActive(extension_id))
return Feature::BLESSED_EXTENSION_CONTEXT;
- if (extensions_.ExtensionBindingsAllowed(url_info)) {
+ if (extensions_.ExtensionBindingsAllowed(url)) {
return extensions_.Contains(extension_id) ?
Feature::UNBLESSED_EXTENSION_CONTEXT : Feature::UNSPECIFIED_CONTEXT;
}
- if (url_info.url().is_valid())
+ if (url.is_valid())
return Feature::WEB_PAGE_CONTEXT;
return Feature::UNSPECIFIED_CONTEXT;
@@ -1373,9 +1374,9 @@ bool Dispatcher::CheckContextAccessToExtensionAPI(
// Theoretically we could end up with bindings being injected into sandboxed
// frames, for example content scripts. Don't let them execute API functions.
WebKit::WebFrame* frame = context->web_frame();
- ExtensionURLInfo url_info(frame->document().securityOrigin(),
- UserScriptSlave::GetDataSourceURLForFrame(frame));
- if (extensions_.IsSandboxedPage(url_info)) {
+ if (frame->document().securityOrigin().isUnique() ||
+ extensions_.IsSandboxedPage(
+ UserScriptSlave::GetDataSourceURLForFrame(frame))) {
static const char kMessage[] =
"%s cannot be used within a sandboxed frame.";
std::string error_msg = base::StringPrintf(kMessage, function_name.c_str());
« chrome/browser/extensions/extension_function_dispatcher.cc ('K') | « chrome/renderer/extensions/dispatcher.h ('k') | chrome/renderer/extensions/resource_request_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698