Avoid using ContentBrowserClient::IsIllegalOrigin in ResourceDispatcherHost.

chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/chrome_content_browser_client_extensions_part.h"
 
 #include <stddef.h>
 
 #include <set>
 
 #include "base/command_line.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/extensions/extension_web_ui.h"
 #include "chrome/browser/extensions/extension_webkit_preferences.h"
 #include "chrome/browser/media_galleries/fileapi/media_file_system_backend.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_io_data.h"
 #include "chrome/browser/profiles/profile_manager.h"
 #include "chrome/browser/renderer_host/chrome_extension_message_filter.h"
 #include "chrome/browser/sync_file_system/local/sync_file_system_backend.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/extensions/extension_process_policy.h"
 #include "components/guest_view/browser/guest_view_message_filter.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/browser_url_handler.h"
 #include "content/public/browser/render_process_host.h"
 #include "content/public/browser/render_view_host.h"
+#include "content/public/browser/resource_dispatcher_host.h"
 #include "content/public/browser/site_instance.h"
 #include "content/public/browser/vpn_service_proxy.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/content_switches.h"
 #include "extensions/browser/api/web_request/web_request_api.h"
 #include "extensions/browser/api/web_request/web_request_api_helpers.h"
 #include "extensions/browser/extension_host.h"
 #include "extensions/browser/extension_message_filter.h"
 #include "extensions/browser/extension_registry.h"
 #include "extensions/browser/extension_service_worker_message_filter.h"
@@ skipping 78 matching lines @@
         registry->enabled_extensions().GetByID(extension_id);
     if (extension && AppIsolationInfo::HasIsolatedStorage(extension))
       return PRIV_ISOLATED;
     if (extension && extension->is_hosted_app())
       return PRIV_HOSTED;
   }
 
   return PRIV_EXTENSION;
 }
 
+// Helper functions to register and unregister an extension process. Invoked
+// on the IO thread.
+void RegisterExtensionProcessHelper(InfoMap* info_map,
+                                    const Extension* extension,
+                                    int process_id,
+                                    int site_instance_id,
+                                    const content::ResourceContext* context) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  info_map->RegisterExtensionProcess(extension->id(), process_id,
+      site_instance_id);
+
+  // Please refer to the ResourceDispatcherHostImpl::IsIllegalOrigin() function
+  // for more information on how we decide whether an extension URL being
+  // committed is allowed or not.
+  // In general we want to achieve this.
+  // 1. If there is no extension installed for the URL, it should not be
+  //    committed
+  // 2. Extension owner processes are always allowed.
+  // 3. Guest processes are allowed only for platform apps which have resources
+  //    accessible to WebViews.
+  if (content::ResourceDispatcherHost::Get()) {
+    content::ResourceDispatcherHost::Get()->AddProcessForOrigin(
+        context,
+        Extension::GetBaseURLFromExtensionId(extension->id()).spec(),
+        process_id,
+        true);
+  }
+}
+
+void UnregisterExtensionProcessHelper(InfoMap* info_map,
+                                      const Extension* extension,
+                                      int process_id,
+                                      int site_instance_id,
+                                      const content::ResourceContext* context) {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+
+  info_map->UnregisterExtensionProcess(extension->id(), process_id,
+      site_instance_id);
+
+  if (content::ResourceDispatcherHost::Get()) {
+    content::ResourceDispatcherHost::Get()->RemoveProcessForOrigin(
+        context,
+        Extension::GetBaseURLFromExtensionId(extension->id()).spec(),
+        process_id,
+        true);
+  }
+}
+
 }  // namespace
 
 ChromeContentBrowserClientExtensionsPart::
     ChromeContentBrowserClientExtensionsPart() {
 }
 
 ChromeContentBrowserClientExtensionsPart::
     ~ChromeContentBrowserClientExtensionsPart() {
 }
 
@@ skipping 127 matching lines @@
       registry->enabled_extensions().GetExtensionOrAppByURL(url);
   if (new_extension && new_extension->is_hosted_app() &&
       new_extension->id() == kWebStoreAppId &&
       !ProcessMap::Get(process_host->GetBrowserContext())
            ->Contains(new_extension->id(), process_host->GetID())) {
     return false;
   }
   return true;
 }
 
-bool ChromeContentBrowserClientExtensionsPart::IsIllegalOrigin(
-    content::ResourceContext* resource_context,
-    int child_process_id,
-    const GURL& origin) {
-  DCHECK_CURRENTLY_ON(BrowserThread::IO);
-
-  // Consider non-extension URLs safe; they will be checked elsewhere.
-  if (!origin.SchemeIs(kExtensionScheme))
-    return false;
-
-  // If there is no extension installed for the URL, it couldn't have committed.
-  // (If the extension was recently uninstalled, the tab would have closed.)
-  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
-  InfoMap* extension_info_map = io_data->GetExtensionInfoMap();
-  const Extension* extension =
-      extension_info_map->extensions().GetExtensionOrAppByURL(origin);
-  if (!extension)
-    return true;
-
-  // Check for platform app origins.  These can only be committed by the app
-  // itself, or by one if its guests if there are accessible_resources.
-  const ProcessMap& process_map = extension_info_map->process_map();
-  if (extension->is_platform_app() &&
-      !process_map.Contains(extension->id(), child_process_id)) {
-    // This is a platform app origin not in the app's own process.  If there are
-    // no accessible resources, this is illegal.
-    if (!extension->GetManifestData(manifest_keys::kWebviewAccessibleResources))
-      return true;
-
-    // If there are accessible resources, the origin is only legal if the given
-    // process is a guest of the app.
-    std::string owner_extension_id;
-    int owner_process_id;
-    WebViewRendererState::GetInstance()->GetOwnerInfo(
-        child_process_id, &owner_process_id, &owner_extension_id);
-    const Extension* owner_extension =
-        extension_info_map->extensions().GetByID(owner_extension_id);
-    return !owner_extension || owner_extension != extension;
-  }
-
-  // With only the origin and not the full URL, we don't have enough information
-  // to validate hosted apps or web_accessible_resources in normal extensions.
-  // Assume they're legal.
-  return false;
-}
-
 // static
 bool ChromeContentBrowserClientExtensionsPart::IsSuitableHost(
     Profile* profile,
     content::RenderProcessHost* process_host,
     const GURL& site_url) {
   DCHECK(profile);
 
   ExtensionRegistry* registry = ExtensionRegistry::Get(profile);
   ProcessMap* process_map = ProcessMap::Get(profile);
 
@@ skipping 215 matching lines @@
           site_instance->GetSiteURL());
   if (!extension)
     return;
 
   ProcessMap::Get(context)->Insert(extension->id(),
                                    site_instance->GetProcess()->GetID(),
                                    site_instance->GetId());
 
   BrowserThread::PostTask(
       BrowserThread::IO, FROM_HERE,
-      base::Bind(&InfoMap::RegisterExtensionProcess,
-                 ExtensionSystem::Get(context)->info_map(), extension->id(),
-                 site_instance->GetProcess()->GetID(), site_instance->GetId()));
+      base::Bind(&RegisterExtensionProcessHelper,
+                 base::RetainedRef(ExtensionSystem::Get(context)->info_map()),
+                 base::RetainedRef(extension),
+                 site_instance->GetProcess()->GetID(), site_instance->GetId(),
+                 context->GetResourceContext()));
 }
 
 void ChromeContentBrowserClientExtensionsPart::SiteInstanceDeleting(
     SiteInstance* site_instance) {
   BrowserContext* context = site_instance->GetBrowserContext();
   ExtensionRegistry* registry = ExtensionRegistry::Get(context);
   if (!registry)
     return;
 
   const Extension* extension =
       registry->enabled_extensions().GetExtensionOrAppByURL(
           site_instance->GetSiteURL());
   if (!extension)
     return;
 
   ProcessMap::Get(context)->Remove(extension->id(),
                                    site_instance->GetProcess()->GetID(),
                                    site_instance->GetId());
 
   BrowserThread::PostTask(
       BrowserThread::IO, FROM_HERE,
-      base::Bind(&InfoMap::UnregisterExtensionProcess,
-                 ExtensionSystem::Get(context)->info_map(), extension->id(),
-                 site_instance->GetProcess()->GetID(), site_instance->GetId()));
+      base::Bind(&UnregisterExtensionProcessHelper,
+                 base::RetainedRef(ExtensionSystem::Get(context)->info_map()),
+                 base::RetainedRef(extension),
+                 site_instance->GetProcess()->GetID(), site_instance->GetId(),
+                 context->GetResourceContext()));
 }
 
 void ChromeContentBrowserClientExtensionsPart::OverrideWebkitPrefs(
     RenderViewHost* rvh,
     WebPreferences* web_prefs) {
   const ExtensionRegistry* registry =
       ExtensionRegistry::Get(rvh->GetProcess()->GetBrowserContext());
   if (!registry)
     return;
 
@@ skipping 63 matching lines @@
     command_line->AppendSwitch(::switches::kEnableWebRtcHWH264Encoding);
 #endif
     if (base::CommandLine::ForCurrentProcess()->HasSwitch(
             switches::kEnableMojoSerialService)) {
       command_line->AppendSwitch(switches::kEnableMojoSerialService);
     }
   }
 }
 
 }  // namespace extensions