Index: chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
diff --git a/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc b/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
index 8adeb96f87829a4b0395e697e12325fb4b7ac245..296bb99ef533e2e30411972ecd1e80038cc7271e 100644 |
--- a/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
+++ b/chrome/browser/extensions/chrome_content_browser_client_extensions_part.cc |
@@ -27,12 +27,15 @@ |
#include "content/public/browser/browser_url_handler.h" |
#include "content/public/browser/render_process_host.h" |
#include "content/public/browser/render_view_host.h" |
+#include "content/public/browser/resource_dispatcher_host.h" |
+#include "content/public/browser/resource_dispatcher_host_interceptor.h" |
#include "content/public/browser/site_instance.h" |
#include "content/public/browser/vpn_service_proxy.h" |
#include "content/public/browser/web_contents.h" |
#include "content/public/common/content_switches.h" |
#include "extensions/browser/api/web_request/web_request_api.h" |
#include "extensions/browser/api/web_request/web_request_api_helpers.h" |
+#include "extensions/browser/bad_message.h" |
#include "extensions/browser/extension_host.h" |
#include "extensions/browser/extension_message_filter.h" |
#include "extensions/browser/extension_registry.h" |
@@ -127,6 +130,44 @@ RenderProcessHostPrivilege GetProcessPrivilege( |
} // namespace |
+// Registers a HTTP origin header interceptor on the ResourceDispatcherHost |
+// for the chrome extension scheme. On getting invoked it invokes the |
+// |callback in the OnHttpHeaderReceived function with success or failure |
+// based on whether the extension origin is valid. For more information on |
+// how we determine whether the origins are valid, please see the |
+// ChromeContentBrowserClientExtensionsPart::IsIllegalOrigin() function. |
+class ChromeExtensionOriginInterceptor |
+ : public content::ResourceDispatcherHostInterceptor { |
+ public: |
+ ChromeExtensionOriginInterceptor() { |
+ content::ResourceDispatcherHost::Get()->RegisterInterceptor( |
+ "Origin", kExtensionScheme, this); |
+ } |
+ |
+ ~ChromeExtensionOriginInterceptor() override { |
+ content::ResourceDispatcherHost::Get()->UnregisterInterceptor( |
+ "Origin", this); |
+ } |
+ |
+ void OnHttpHeaderReceived(const std::string& header, |
+ const std::string& value, |
+ int child_id, |
+ content::ResourceContext* resource_context, |
+ OnHeaderProcessedCallback callback) override { |
+ DCHECK_CURRENTLY_ON(BrowserThread::IO); |
+ |
+ GURL origin(value); |
+ DCHECK(origin.SchemeIs(extensions::kExtensionScheme)); |
+ |
+ if (ChromeContentBrowserClientExtensionsPart::IsIllegalOrigin( |
+ resource_context, child_id, origin)) { |
+ callback.Run(false, bad_message::INVALID_ORIGIN); |
+ } else { |
+ callback.Run(true, 0); |
+ } |
+ } |
+}; |
+ |
ChromeContentBrowserClientExtensionsPart:: |
ChromeContentBrowserClientExtensionsPart() { |
} |
@@ -662,4 +703,9 @@ void ChromeContentBrowserClientExtensionsPart:: |
} |
} |
+void ChromeContentBrowserClientExtensionsPart:: |
+ ResourceDispatcherHostCreated() { |
+ extension_origin_interceptor_.reset(new ChromeExtensionOriginInterceptor); |
+} |
+ |
} // namespace extensions |