OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/extensions/user_script_scheduler.h" | 5 #include "chrome/renderer/extensions/user_script_scheduler.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
10 #include "chrome/common/url_constants.h" | |
10 #include "chrome/renderer/chrome_render_process_observer.h" | 11 #include "chrome/renderer/chrome_render_process_observer.h" |
11 #include "chrome/renderer/extensions/chrome_v8_context.h" | 12 #include "chrome/renderer/extensions/chrome_v8_context.h" |
12 #include "chrome/renderer/extensions/dispatcher.h" | 13 #include "chrome/renderer/extensions/dispatcher.h" |
13 #include "chrome/renderer/extensions/dom_activity_logger.h" | 14 #include "chrome/renderer/extensions/dom_activity_logger.h" |
14 #include "chrome/renderer/extensions/extension_groups.h" | 15 #include "chrome/renderer/extensions/extension_groups.h" |
15 #include "chrome/renderer/extensions/extension_helper.h" | 16 #include "chrome/renderer/extensions/extension_helper.h" |
16 #include "chrome/renderer/extensions/user_script_slave.h" | 17 #include "chrome/renderer/extensions/user_script_slave.h" |
17 #include "content/public/renderer/render_view.h" | 18 #include "content/public/renderer/render_view.h" |
18 #include "content/public/renderer/v8_value_converter.h" | 19 #include "content/public/renderer/v8_value_converter.h" |
19 #include "extensions/common/error_utils.h" | 20 #include "extensions/common/error_utils.h" |
(...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
177 // We recheck access here in the renderer for extra safety against races | 178 // We recheck access here in the renderer for extra safety against races |
178 // with navigation. | 179 // with navigation. |
179 // | 180 // |
180 // But different frames can have different URLs, and the extension might | 181 // But different frames can have different URLs, and the extension might |
181 // only have access to a subset of them. For the top frame, we can | 182 // only have access to a subset of them. For the top frame, we can |
182 // immediately send an error and stop because the browser process | 183 // immediately send an error and stop because the browser process |
183 // considers that an error too. | 184 // considers that an error too. |
184 // | 185 // |
185 // For child frames, we just skip ones the extension doesn't have access | 186 // For child frames, we just skip ones the extension doesn't have access |
186 // to and carry on. | 187 // to and carry on. |
187 if (!params.is_web_view && | 188 if (!params.is_web_view) { |
188 !PermissionsData::CanExecuteScriptOnPage(extension, | 189 GURL document_url(child_frame->document().url()); |
189 child_frame->document().url(), | 190 |
190 frame_->document().url(), | 191 if (document_url.SchemeIs(content::kAboutScheme)) { |
not at google - send to devlin
2014/04/18 16:04:55
mention that about: URLs inherit the origin from t
| |
191 extension_helper->tab_id(), | 192 GURL document_origin_url( |
192 NULL, | 193 child_frame->document().securityOrigin().toString()); |
193 -1, | 194 if (document_origin_url.is_valid()) |
194 NULL)) { | 195 document_url = document_origin_url; |
195 if (child_frame->parent()) { | 196 } |
196 continue; | 197 |
197 } else { | 198 if (!PermissionsData::CanExecuteScriptOnPage(extension, |
198 error = ErrorUtils::FormatErrorMessage( | 199 document_url, |
199 manifest_errors::kCannotAccessPage, | 200 frame_->document().url(), |
200 child_frame->document().url().spec()); | 201 extension_helper->tab_id(), |
201 break; | 202 NULL, |
203 -1, | |
204 NULL)) { | |
205 if (child_frame->parent()) { | |
206 continue; | |
207 } else { | |
208 error = ErrorUtils::FormatErrorMessage( | |
209 manifest_errors::kCannotAccessPage, | |
210 child_frame->document().url().spec()); | |
not at google - send to devlin
2014/04/18 16:04:55
use document_url here.
| |
211 break; | |
212 } | |
202 } | 213 } |
203 } | 214 } |
204 | 215 |
205 if (params.is_javascript) { | 216 if (params.is_javascript) { |
206 WebScriptSource source(WebString::fromUTF8(params.code), params.file_url); | 217 WebScriptSource source(WebString::fromUTF8(params.code), params.file_url); |
207 v8::HandleScope scope(v8::Isolate::GetCurrent()); | 218 v8::HandleScope scope(v8::Isolate::GetCurrent()); |
208 | 219 |
209 scoped_ptr<content::V8ValueConverter> v8_converter( | 220 scoped_ptr<content::V8ValueConverter> v8_converter( |
210 content::V8ValueConverter::create()); | 221 content::V8ValueConverter::create()); |
211 v8::Local<v8::Value> script_value; | 222 v8::Local<v8::Value> script_value; |
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
264 | 275 |
265 for (WebFrame* child_frame = parent_frame->firstChild(); child_frame; | 276 for (WebFrame* child_frame = parent_frame->firstChild(); child_frame; |
266 child_frame = child_frame->nextSibling()) { | 277 child_frame = child_frame->nextSibling()) { |
267 frames_vector->push_back(child_frame); | 278 frames_vector->push_back(child_frame); |
268 GetAllChildFrames(child_frame, frames_vector); | 279 GetAllChildFrames(child_frame, frames_vector); |
269 } | 280 } |
270 return true; | 281 return true; |
271 } | 282 } |
272 | 283 |
273 } // namespace extensions | 284 } // namespace extensions |
OLD | NEW |