Chromium Code Reviews Chromium Code Reviews
Issue 1843803002:
[Extensions] Add an access check before executing native code in the renderer (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/script_context.h" | 5 #include "extensions/renderer/script_context.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | |
| 7 #include "base/logging.h" | 8 #include "base/logging.h" |
| 8 #include "base/macros.h" | 9 #include "base/macros.h" |
| 9 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/strings/string_split.h" | 11 #include "base/strings/string_split.h" |
| 11 #include "base/strings/string_util.h" | 12 #include "base/strings/string_util.h" |
| 12 #include "base/strings/stringprintf.h" | 13 #include "base/strings/stringprintf.h" |
| 13 #include "base/values.h" | 14 #include "base/values.h" |
| 14 #include "content/public/child/v8_value_converter.h" | 15 #include "content/public/child/v8_value_converter.h" |
| 16 #include "content/public/common/content_switches.h" | |
| 15 #include "content/public/common/url_constants.h" | 17 #include "content/public/common/url_constants.h" |
| 16 #include "content/public/renderer/render_frame.h" | 18 #include "content/public/renderer/render_frame.h" |
| 17 #include "extensions/common/constants.h" | 19 #include "extensions/common/constants.h" |
| 18 #include "extensions/common/extension.h" | 20 #include "extensions/common/extension.h" |
| 19 #include "extensions/common/extension_api.h" | 21 #include "extensions/common/extension_api.h" |
| 20 #include "extensions/common/extension_urls.h" | 22 #include "extensions/common/extension_urls.h" |
| 21 #include "extensions/common/features/base_feature_provider.h" | 23 #include "extensions/common/features/base_feature_provider.h" |
| 22 #include "extensions/common/manifest_handlers/sandboxed_page_info.h" | 24 #include "extensions/common/manifest_handlers/sandboxed_page_info.h" |
| 23 #include "extensions/common/permissions/permissions_data.h" | 25 #include "extensions/common/permissions/permissions_data.h" |
| 24 #include "extensions/renderer/renderer_extension_registry.h" | 26 #include "extensions/renderer/renderer_extension_registry.h" |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 201 | 203 |
| 202 v8::Local<v8::Value> ScriptContext::CallFunction( | 204 v8::Local<v8::Value> ScriptContext::CallFunction( |
| 203 const v8::Local<v8::Function>& function) const { | 205 const v8::Local<v8::Function>& function) const { |
| 204 DCHECK(thread_checker_.CalledOnValidThread()); | 206 DCHECK(thread_checker_.CalledOnValidThread()); |
| 205 return CallFunction(function, 0, nullptr); | 207 return CallFunction(function, 0, nullptr); |
| 206 } | 208 } |
| 207 | 209 |
| 208 Feature::Availability ScriptContext::GetAvailability( | 210 Feature::Availability ScriptContext::GetAvailability( |
| 209 const std::string& api_name) { | 211 const std::string& api_name) { |
| 210 DCHECK(thread_checker_.CalledOnValidThread()); | 212 DCHECK(thread_checker_.CalledOnValidThread()); |
| 213 if (api_name == "test") { | |
|
Devlin
2016/03/30 22:02:28
test api is special; the rest of them should prett
| |
| 214 bool allowed = base::CommandLine::ForCurrentProcess()-> | |
| 215 HasSwitch(::switches::kTestType); | |
| 216 Feature::AvailabilityResult result = | |
| 217 allowed ? Feature::IS_AVAILABLE : Feature::MISSING_COMMAND_LINE_SWITCH; | |
| 218 return Feature::Availability(result, | |
| 219 allowed ? "" : "Only allowed in tests"); | |
| 220 } | |
| 211 // Hack: Hosted apps should have the availability of messaging APIs based on | 221 // Hack: Hosted apps should have the availability of messaging APIs based on |
| 212 // the URL of the page (which might have access depending on some extension | 222 // the URL of the page (which might have access depending on some extension |
| 213 // with externally_connectable), not whether the app has access to messaging | 223 // with externally_connectable), not whether the app has access to messaging |
| 214 // (which it won't). | 224 // (which it won't). |
| 215 const Extension* extension = extension_.get(); | 225 const Extension* extension = extension_.get(); |
| 216 if (extension && extension->is_hosted_app() && | 226 if (extension && extension->is_hosted_app() && |
| 217 (api_name == "runtime.connect" || api_name == "runtime.sendMessage")) { | 227 (api_name == "runtime.connect" || api_name == "runtime.sendMessage")) { |
| 218 extension = NULL; | 228 extension = NULL; |
| 219 } | 229 } |
| 220 return ExtensionAPI::GetSharedInstance()->IsAvailable(api_name, extension, | 230 return ExtensionAPI::GetSharedInstance()->IsAvailable(api_name, extension, |
| (...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 470 v8::Local<v8::Value> argv[]) { | 480 v8::Local<v8::Value> argv[]) { |
| 471 return context_->CallFunction(function, argc, argv); | 481 return context_->CallFunction(function, argc, argv); |
| 472 } | 482 } |
| 473 | 483 |
| 474 gin::ContextHolder* ScriptContext::Runner::GetContextHolder() { | 484 gin::ContextHolder* ScriptContext::Runner::GetContextHolder() { |
| 475 v8::HandleScope handle_scope(context_->isolate()); | 485 v8::HandleScope handle_scope(context_->isolate()); |
| 476 return gin::PerContextData::From(context_->v8_context())->context_holder(); | 486 return gin::PerContextData::From(context_->v8_context())->context_holder(); |
| 477 } | 487 } |
| 478 | 488 |
| 479 } // namespace extensions | 489 } // namespace extensions |
| OLD | NEW |
