Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7330)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/common/extensions/permissions/permission_set.cc

Issue 18399007: Don't count host permission changes for v2 apps as a permission increase. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: refactor Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/common/extensions/permissions/permission_set.h ('K') | « chrome/common/extensions/permissions/permission_set.h ('k') | chrome/common/extensions/permissions/permission_set_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/common/extensions/permissions/permission_set.cc
diff --git a/chrome/common/extensions/permissions/permission_set.cc b/chrome/common/extensions/permissions/permission_set.cc
index a2980c503d02f7c276b3c19fbd30f77a9d02003a..b711c7f17986ef755fe70183166cb50d4597b03f 100644
--- a/chrome/common/extensions/permissions/permission_set.cc
+++ b/chrome/common/extensions/permissions/permission_set.cc
@@ -94,6 +94,8 @@ std::string GetPermissionName(const std::string& function_name) {
return function_name;
}
+
+
} // namespace
namespace extensions {
@@ -263,36 +265,11 @@ PermissionMessages PermissionSet::GetPermissionMessages(
return messages;
}
- // Since platform apps always use isolated storage, they can't (silently)
- // access user data on other domains, so there's no need to prompt.
- if (extension_type != Manifest::TYPE_PLATFORM_APP) {
- if (HasEffectiveAccessToAllHosts()) {
- messages.push_back(PermissionMessage(
- PermissionMessage::kHostsAll,
- l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS)));
- } else {
- for (URLPatternSet::const_iterator i = effective_hosts_.begin();
- i != effective_hosts_.end(); ++i) {
- if (i->scheme() != chrome::kChromeUIScheme)
- continue;
- // chrome://favicon is the only URL for chrome:// scheme that we
- // want to support. We want to deprecate the "chrome" scheme.
- // We should not add any additional "host" here.
- if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
- continue;
- messages.push_back(PermissionMessage(
- PermissionMessage::kFavicon,
- l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
- }
- std::set<std::string> hosts = GetDistinctHostsForDisplay();
- if (!hosts.empty())
- messages.push_back(PermissionMessage::CreateFromHostList(hosts));
- }
- }
-
- std::set<PermissionMessage> simple_msgs =
- GetSimplePermissionMessages();
- messages.insert(messages.end(), simple_msgs.begin(), simple_msgs.end());
+ std::set<PermissionMessage> host_msgs =
+ GetHostPermissionMessages(extension_type);
+ std::set<PermissionMessage> api_msgs = GetAPIPermissionMessages();
+ messages.insert(messages.end(), host_msgs.begin(), host_msgs.end());
+ messages.insert(messages.end(), api_msgs.begin(), api_msgs.end());
return messages;
}
@@ -444,7 +421,8 @@ bool PermissionSet::HasEffectiveFullAccess() const {
}
bool PermissionSet::HasLessPrivilegesThan(
- const PermissionSet* permissions) const {
+ const PermissionSet* permissions,
+ Manifest::Type extension_type) const {
// Things can't get worse than native code access.
if (HasEffectiveFullAccess())
return false;
@@ -453,7 +431,7 @@ bool PermissionSet::HasLessPrivilegesThan(
if (permissions->HasEffectiveFullAccess())
return true;
- if (HasLessHostPrivilegesThan(permissions))
+ if (HasLessHostPrivilegesThan(permissions, extension_type))
return true;
if (HasLessAPIPrivilegesThan(permissions))
@@ -546,8 +524,7 @@ void PermissionSet::InitEffectiveHosts() {
explicit_hosts(), scriptable_hosts(), &effective_hosts_);
}
-std::set<PermissionMessage>
- PermissionSet::GetSimplePermissionMessages() const {
+std::set<PermissionMessage> PermissionSet::GetAPIPermissionMessages() const {
std::set<PermissionMessage> messages;
for (APIPermissionSet::const_iterator permission_it = apis_.begin();
permission_it != apis_.end(); ++permission_it) {
@@ -561,15 +538,50 @@ std::set<PermissionMessage>
return messages;
}
+std::set<PermissionMessage> PermissionSet::GetHostPermissionMessages(
+ Manifest::Type extension_type) const {
+ // Since platform apps always use isolated storage, they can't (silently)
+ // access user data on other domains, so there's no need to prompt.
+ // Note: this must remain consistent with HasLessHostPrivilegesThan.
+ // See crbug.com/255229.
+ std::set<PermissionMessage> messages;
+ if (extension_type == Manifest::TYPE_PLATFORM_APP)
+ return messages;
+
+ if (HasEffectiveAccessToAllHosts()) {
+ messages.insert(PermissionMessage(
+ PermissionMessage::kHostsAll,
+ l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS)));
+ } else {
+ for (URLPatternSet::const_iterator i = effective_hosts_.begin();
+ i != effective_hosts_.end(); ++i) {
+ if (i->scheme() != chrome::kChromeUIScheme)
+ continue;
+ // chrome://favicon is the only URL for chrome:// scheme that we
+ // want to support. We want to deprecate the "chrome" scheme.
+ // We should not add any additional "host" here.
+ if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
+ continue;
+ messages.insert(PermissionMessage(
+ PermissionMessage::kFavicon,
+ l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
+ }
+ std::set<std::string> hosts = GetDistinctHostsForDisplay();
+ if (!hosts.empty())
+ messages.insert(PermissionMessage::CreateFromHostList(hosts));
+ }
+ return messages;
+}
+
bool PermissionSet::HasLessAPIPrivilegesThan(
const PermissionSet* permissions) const {
if (permissions == NULL)
return false;
std::set<PermissionMessage> current_warnings =
- GetSimplePermissionMessages();
+ GetAPIPermissionMessages();
std::set<PermissionMessage> new_warnings =
- permissions->GetSimplePermissionMessages();
+ permissions->GetAPIPermissionMessages();
std::set<PermissionMessage> delta_warnings;
std::set_difference(new_warnings.begin(), new_warnings.end(),
current_warnings.begin(), current_warnings.end(),
@@ -580,7 +592,13 @@ bool PermissionSet::HasLessAPIPrivilegesThan(
}
bool PermissionSet::HasLessHostPrivilegesThan(
- const PermissionSet* permissions) const {
+ const PermissionSet* permissions,
+ Manifest::Type extension_type) const {
+ // Platform apps host permission changes do not count as privilege increases.
+ // Note: this must remain consistent with GetHostPermissionMessages.
+ if (extension_type == Manifest::TYPE_PLATFORM_APP)
+ return false;
+
// If this permission set can access any host, then it can't be elevated.
if (HasEffectiveAccessToAllHosts())
return false;
« chrome/common/extensions/permissions/permission_set.h ('K') | « chrome/common/extensions/permissions/permission_set.h ('k') | chrome/common/extensions/permissions/permission_set_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698