Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(137)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/browser/extension_web_contents_observer.cc

Issue 2399853003: [M54 merge] Lock down creation of blob:chrome-extension URLs from non-extension processes. (Closed)
Patch Set: Rebase Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/shell/browser/shell_content_browser_client.cc ('k') | extensions/browser/guest_view/web_view/web_view_guest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/browser/extension_web_contents_observer.h" 5 #include "extensions/browser/extension_web_contents_observer.h"
6 6
7 #include "content/public/browser/child_process_security_policy.h" 7 #include "content/public/browser/child_process_security_policy.h"
8 #include "content/public/browser/navigation_details.h" 8 #include "content/public/browser/navigation_details.h"
9 #include "content/public/browser/render_frame_host.h" 9 #include "content/public/browser/render_frame_host.h"
10 #include "content/public/browser/render_process_host.h" 10 #include "content/public/browser/render_process_host.h"
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
56 // At the initialization of the render frame, the last committed URL is not 56 // At the initialization of the render frame, the last committed URL is not
57 // reliable, so do not take it into account in determining whether it is an 57 // reliable, so do not take it into account in determining whether it is an
58 // extension frame. 58 // extension frame.
59 const Extension* frame_extension = 59 const Extension* frame_extension =
60 GetExtensionFromFrame(render_frame_host, false); 60 GetExtensionFromFrame(render_frame_host, false);
61 // This observer is attached to every WebContents, so we are also notified of 61 // This observer is attached to every WebContents, so we are also notified of
62 // frames that are not in an extension process. 62 // frames that are not in an extension process.
63 if (!frame_extension) 63 if (!frame_extension)
64 return; 64 return;
65 65
66 // |render_frame_host->GetProcess()| is an extension process. Grant permission
67 // to commit pages from chrome-extension:// origins.
68 content::ChildProcessSecurityPolicy* security_policy =
69 content::ChildProcessSecurityPolicy::GetInstance();
70 int process_id = render_frame_host->GetProcess()->GetID();
71 security_policy->GrantScheme(process_id, extensions::kExtensionScheme);
72 security_policy->GrantScheme(process_id,
73 extensions::kExtensionResourceScheme);
74
66 // Notify the render frame of the view type. 75 // Notify the render frame of the view type.
67 render_frame_host->Send(new ExtensionMsg_NotifyRenderViewType( 76 render_frame_host->Send(new ExtensionMsg_NotifyRenderViewType(
68 render_frame_host->GetRoutingID(), GetViewType(web_contents()))); 77 render_frame_host->GetRoutingID(), GetViewType(web_contents())));
69 78
70 ExtensionsBrowserClient::Get()->RegisterMojoServices(render_frame_host, 79 ExtensionsBrowserClient::Get()->RegisterMojoServices(render_frame_host,
71 frame_extension); 80 frame_extension);
72 ProcessManager::Get(browser_context_) 81 ProcessManager::Get(browser_context_)
73 ->RegisterRenderFrameHost(web_contents(), render_frame_host, 82 ->RegisterRenderFrameHost(web_contents(), render_frame_host,
74 frame_extension); 83 frame_extension);
75 } 84 }
(...skipping 206 matching lines...) Expand 10 before | Expand all | Expand 10 after
282 // Since this is called for all existing RenderFrameHosts during the 291 // Since this is called for all existing RenderFrameHosts during the
283 // ExtensionWebContentsObserver's creation, it's possible that not all hosts 292 // ExtensionWebContentsObserver's creation, it's possible that not all hosts
284 // are ready. 293 // are ready.
285 // We only initialize the frame if the renderer counterpart is live; otherwise 294 // We only initialize the frame if the renderer counterpart is live; otherwise
286 // we wait for the RenderFrameCreated notification. 295 // we wait for the RenderFrameCreated notification.
287 if (render_frame_host->IsRenderFrameLive()) 296 if (render_frame_host->IsRenderFrameLive())
288 InitializeRenderFrame(render_frame_host); 297 InitializeRenderFrame(render_frame_host);
289 } 298 }
290 299
291 } // namespace extensions 300 } // namespace extensions
OLDNEW
« no previous file with comments | « content/shell/browser/shell_content_browser_client.cc ('k') | extensions/browser/guest_view/web_view/web_view_guest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698