
Side by Side Diff: extensions/renderer/script_context.cc

Issue 226663003: Allow content script insertion on about:-URLs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Move GetEffectiveDocumentURL to ScriptContext Created 6 years, 7 months ago
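--- a/extensions/renderer/script_context.cc
+++ b/extensions/renderer/script_context.cc
@@ -1,29 +1,32 @@
 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/renderer/script_context.h"
 
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string_split.h"
 #include "base/values.h"
+#include "content/public/common/url_constants.h"
 #include "content/public/renderer/render_view.h"
 #include "content/public/renderer/v8_value_converter.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/extension_api.h"
 #include "extensions/common/extension_urls.h"
 #include "extensions/common/features/base_feature_provider.h"
 #include "third_party/WebKit/public/web/WebDataSource.h"
+#include "third_party/WebKit/public/web/WebDocument.h"
 #include "third_party/WebKit/public/web/WebFrame.h"
 #include "third_party/WebKit/public/web/WebScopedMicrotaskSuppression.h"
+#include "third_party/WebKit/public/web/WebSecurityOrigin.h"
 #include "third_party/WebKit/public/web/WebView.h"
 #include "v8/include/v8.h"
 
 using content::V8ValueConverter;
 
 namespace extensions {
 
 ScriptContext::ScriptContext(const v8::Handle<v8::Context>& v8_context,
 blink::WebFrame* web_frame,
 const Extension* extension,
@@ -155,37 +158,66 @@
 // changes to match the parent document after Gmail document.writes into
 // it to create the editor.
 // http://code.google.com/p/chromium/issues/detail?id=86742
 blink::WebDataSource* data_source = frame->provisionalDataSource()
 ? frame->provisionalDataSource()
 : frame->dataSource();
 CHECK(data_source);
 return GURL(data_source->request().url());
 }
 
+// static
+GURL ScriptContext::GetEffectiveDocumentURL(const blink::WebFrame* frame,
+const GURL& document_url,
+bool match_about_blank) {
+// Common scenario. If |match_about_blank| is false (as is the case in most
+// extensions), or if the frame is not an about:-page, just return
+// |document_url| (supposedly the URL of the frame).
+if (!match_about_blank || !document_url.SchemeIs(content::kAboutScheme))
+return document_url;
+
+// Non-sandboxed about:blank and about:srcdoc pages inherit their security
+// origin from their parent frame/window. So, traverse the frame/window
+// hierarchy to find the closest non-about:-page and return its URL.
+const blink::WebFrame* parent = frame;
+do {
+parent = parent->parent() ? parent->parent() : parent->opener();
+} while (parent != NULL &&
+GURL(parent->document().url()).SchemeIs(content::kAboutScheme));
+
+if (parent) {
+// Only return the parent URL if the frame can access it.
+const blink::WebDocument& parent_document = parent->document();
+if (frame->document().securityOrigin().canAccess(
+parent_document.securityOrigin()))
+return parent_document.url();
+}
+return document_url;
+}
+
 ScriptContext* ScriptContext::GetContext() { return this; }
 
 void ScriptContext::OnResponseReceived(const std::string& name,
 int request_id,
 bool success,
 const base::ListValue& response,
 const std::string& error) {
 v8::HandleScope handle_scope(isolate());
 
 scoped_ptr<V8ValueConverter> converter(V8ValueConverter::create());
 v8::Handle<v8::Value> argv[] = {
 v8::Integer::New(isolate(), request_id),
 v8::String::NewFromUtf8(isolate(), name.c_str()),
 v8::Boolean::New(isolate(), success),
 converter->ToV8Value(&response, v8_context_.NewHandle(isolate())),
 v8::String::NewFromUtf8(isolate(), error.c_str())};
 
 v8::Handle<v8::Value> retval = module_system()->CallModuleMethod(
 "sendRequest", "handleResponse", arraysize(argv), argv);
 
 // In debug, the js will validate the callback parameters and return a
 // string if a validation error has occured.
 DCHECK(retval.IsEmpty() || retval->IsUndefined())
 << *v8::String::Utf8Value(retval);
 }
 
 } // namespace extensions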
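Review bot: The `do { ... } while` walk in the new `GetEffectiveDocumentURL` has no termination guard other than reaching a null or non-about: frame, and nothing visible here guarantees that the `parent()`/`opener()` chain is acyclic. If two about: windows could ever end up as each other's opener, the loop would spin forever and hang the renderer while deciding whether to inject a content script. I would track the frames already visited and fall back to `document_url` on a repeat; this needs `<set>` in the include block. Separately, the comment names only about:blank and about:srcdoc, but `SchemeIs(content::kAboutScheme)` accepts any about: URL, so it is worth stating in the comment whether that breadth is intended.

```cpp
  const blink::WebFrame* parent = frame;
  std::set<const blink::WebFrame*> visited;
  do {
    visited.insert(parent);
    parent = parent->parent() ? parent->parent() : parent->opener();
    // A revisited frame means the parent/opener chain loops; give up rather
    // than spin, and let the caller match against the frame's own URL.
    if (parent != NULL && visited.count(parent) != 0)
      return document_url;
  } while (parent != NULL &&
           GURL(parent->document().url()).SchemeIs(content::kAboutScheme));
  // … unchanged: canAccess() check on the resolved parent and fallback return …
```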