Allow tabCapture API to be granted for chrome:// pages.

chrome/browser/extensions/active_tab_permission_granter.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/active_tab_permission_granter.h"
 
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/extensions/extension_system.h"
 #include "chrome/browser/profiles/profile.h"
@@ skipping 19 matching lines @@
     content::WebContents* web_contents, int tab_id, Profile* profile)
     : WebContentsObserver(web_contents), tab_id_(tab_id) {
   registrar_.Add(this,
                  chrome::NOTIFICATION_EXTENSION_UNLOADED,
                  content::Source<Profile>(profile));
 }
 
 ActiveTabPermissionGranter::~ActiveTabPermissionGranter() {}
 
 void ActiveTabPermissionGranter::GrantIfRequested(const Extension* extension) {
-  if (!extension->HasAPIPermission(extensions::APIPermission::kActiveTab) &&
-      !extension->HasAPIPermission(extensions::APIPermission::kTabCapture)) {
+  if (!extension->HasAPIPermission(APIPermission::kActiveTab) &&
+      !extension->HasAPIPermission(APIPermission::kTabCapture)) {
     return;
   }
 
-  if (IsGranted(extension))
+  if (granted_extensions_.Contains(extension->id()))
     return;
 
-  URLPattern pattern(UserScript::ValidUserScriptSchemes());
-  if (pattern.Parse(web_contents()->GetURL().spec()) !=
-          URLPattern::PARSE_SUCCESS) {
+  APIPermissionSet new_apis;
+  URLPatternSet new_hosts;
+
+  if (extension->HasAPIPermission(APIPermission::kActiveTab)) {
+    URLPattern pattern(UserScript::ValidUserScriptSchemes());
     // Pattern parsing could fail if this is an unsupported URL e.g. chrome://.
-    return;
+    if (pattern.Parse(web_contents()->GetURL().spec()) ==
+            URLPattern::PARSE_SUCCESS) {
+      new_hosts.AddPattern(pattern);
+      new_apis.insert(APIPermission::kTab);

[not at google - send to devlin, 2013/09/13 22:09:45]

for consistency with tabCapture I think add this permission regardless of parse
success here. on the host permission thing matters for chrome:// URLs really.

[justinlin, 2013/09/13 22:47:15]

OK, I'll do this separately. I'm not really sure what the kTab permission
entails. Are you sure it should be set for chrome:// pages?

[not at google - send to devlin, 2013/09/13 22:48:52]

It would mean that extensions could read the title of tabs that get clicked when
previously they couldn't. This is fine.

+      granted_extensions_.Insert(extension);
+    }
   }
 
-  APIPermissionSet new_apis;
-  new_apis.insert(APIPermission::kTab);
-  URLPatternSet new_hosts;
-  new_hosts.AddPattern(pattern);
-  scoped_refptr<const PermissionSet> new_permissions =
-      new PermissionSet(new_apis, new_hosts, URLPatternSet());
+  if (extension->HasAPIPermission(APIPermission::kTabCapture))
+    new_apis.insert(APIPermission::kTabCaptureForTab);
 
-  PermissionsData::UpdateTabSpecificPermissions(extension,
-                                                tab_id_,
-                                                new_permissions);
-  granted_extensions_.Insert(extension);
-  Send(new ExtensionMsg_UpdateTabSpecificPermissions(GetPageID(),
-                                                     tab_id_,
-                                                     extension->id(),
-                                                     new_hosts));
-}
-
-bool ActiveTabPermissionGranter::IsGranted(const Extension* extension) {
-  return granted_extensions_.Contains(extension->id());
+  if (!new_apis.empty()) {
+    scoped_refptr<const PermissionSet> new_permissions =
+        new PermissionSet(new_apis, new_hosts, URLPatternSet());
+    PermissionsData::UpdateTabSpecificPermissions(extension,
+                                                  tab_id_,
+                                                  new_permissions);
+    Send(new ExtensionMsg_UpdateTabSpecificPermissions(GetPageID(),
+                                                       tab_id_,
+                                                       extension->id(),
+                                                       new_hosts));
+  }
 }
 
 void ActiveTabPermissionGranter::DidNavigateMainFrame(
     const content::LoadCommittedDetails& details,
     const content::FrameNavigateParams& params) {
   if (details.is_in_page)
     return;
   DCHECK(details.is_main_frame);  // important: sub-frames don't get granted!
   ClearActiveExtensionsAndNotify();
 }
@@ skipping 28 matching lines @@
   }
 
   Send(new ExtensionMsg_ClearTabSpecificPermissions(tab_id_, extension_ids));
   granted_extensions_.Clear();
 }
 
 int32 ActiveTabPermissionGranter::GetPageID() {
   return web_contents()->GetController().GetVisibleEntry()->GetPageID();
 }
 
+// static
+bool ActiveTabPermissionGranter::IsGrantedForTab(
+    const Extension* extension,
+    const content::WebContents* web_contents) {
+  return PermissionsData::HasAPIPermissionForTab(
+      extension,
+      SessionID::IdForTab(web_contents),
+      APIPermission::kTab);

[not at google - send to devlin, 2013/09/13 22:09:45]

can you just write this check specifically wherever it's needed? It's
effectively just a test utility now and not worth building into production code.

[justinlin, 2013/09/13 22:47:15]

Done.

+}
+
 }  // namespace extensions