Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(130)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/renderer/dispatcher.cc

Issue 2028833002: [Extensions] Expand capabilities to about:blank iframes within a page (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2743
Patch Set: Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/test/data/extensions/content_capabilities/foo.example.com.html ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/renderer/dispatcher.h" 5 #include "extensions/renderer/dispatcher.h"
6 6
7 #include <stddef.h> 7 #include <stddef.h>
8 8
9 #include <memory> 9 #include <memory>
10 #include <utility> 10 #include <utility>
(...skipping 1431 matching lines...) Expand 10 before | Expand all | Expand 10 after
1442 if (info && info->matches.MatchesURL(context->url())) 1442 if (info && info->matches.MatchesURL(context->url()))
1443 return true; 1443 return true;
1444 } 1444 }
1445 return false; 1445 return false;
1446 } 1446 }
1447 1447
1448 void Dispatcher::UpdateContentCapabilities(ScriptContext* context) { 1448 void Dispatcher::UpdateContentCapabilities(ScriptContext* context) {
1449 APIPermissionSet permissions; 1449 APIPermissionSet permissions;
1450 for (const auto& extension : 1450 for (const auto& extension :
1451 *RendererExtensionRegistry::Get()->GetMainThreadExtensionSet()) { 1451 *RendererExtensionRegistry::Get()->GetMainThreadExtensionSet()) {
1452 blink::WebLocalFrame* web_frame = context->web_frame();
1453 GURL url = context->url();
1454 // We allow about:blank pages to take on the privileges of their parents if
1455 // they aren't sandboxed.
1456 if (web_frame && !web_frame->getSecurityOrigin().isUnique())
1457 url = ScriptContext::GetEffectiveDocumentURL(web_frame, url, true);
1452 const ContentCapabilitiesInfo& info = 1458 const ContentCapabilitiesInfo& info =
1453 ContentCapabilitiesInfo::Get(extension.get()); 1459 ContentCapabilitiesInfo::Get(extension.get());
1454 if (info.url_patterns.MatchesURL(context->url())) { 1460 if (info.url_patterns.MatchesURL(url)) {
1455 APIPermissionSet new_permissions; 1461 APIPermissionSet new_permissions;
1456 APIPermissionSet::Union(permissions, info.permissions, &new_permissions); 1462 APIPermissionSet::Union(permissions, info.permissions, &new_permissions);
1457 permissions = new_permissions; 1463 permissions = new_permissions;
1458 } 1464 }
1459 } 1465 }
1460 context->set_content_capabilities(permissions); 1466 context->set_content_capabilities(permissions);
1461 } 1467 }
1462 1468
1463 void Dispatcher::PopulateSourceMap() { 1469 void Dispatcher::PopulateSourceMap() {
1464 const std::vector<std::pair<std::string, int> > resources = GetJsResources(); 1470 const std::vector<std::pair<std::string, int> > resources = GetJsResources();
(...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after
1602 // The "guestViewDeny" module must always be loaded last. It registers 1608 // The "guestViewDeny" module must always be loaded last. It registers
1603 // error-providing custom elements for the GuestView types that are not 1609 // error-providing custom elements for the GuestView types that are not
1604 // available, and thus all of those types must have been checked and loaded 1610 // available, and thus all of those types must have been checked and loaded
1605 // (or not loaded) beforehand. 1611 // (or not loaded) beforehand.
1606 if (context_type == Feature::BLESSED_EXTENSION_CONTEXT) { 1612 if (context_type == Feature::BLESSED_EXTENSION_CONTEXT) {
1607 module_system->Require("guestViewDeny"); 1613 module_system->Require("guestViewDeny");
1608 } 1614 }
1609 } 1615 }
1610 1616
1611 } // namespace extensions 1617 } // namespace extensions
OLDNEW
« no previous file with comments | « chrome/test/data/extensions/content_capabilities/foo.example.com.html ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698