extensions/browser/extension_web_contents_observer.cc - Issue 2399853003: [M54 merge] Lock down creation of blob:chrome-extension URLs from non-extension processes.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: extensions/browser/extension_web_contents_observer.cc

Issue 2399853003: [M54 merge] Lock down creation of blob:chrome-extension URLs from non-extension processes. (Closed)

Patch Set: Rebase Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: extensions/browser/extension_web_contents_observer.cc

diff --git a/extensions/browser/extension_web_contents_observer.cc b/extensions/browser/extension_web_contents_observer.cc

index 52b9041a5ebdc170298bce4c76ea9938a7fad845..6f065256712a5bac065cde5100c4f81c3b96ea8a 100644

--- a/extensions/browser/extension_web_contents_observer.cc

+++ b/extensions/browser/extension_web_contents_observer.cc

@@ -63,6 +63,15 @@ void ExtensionWebContentsObserver::InitializeRenderFrame(

if (!frame_extension)

return;

+ // |render_frame_host->GetProcess()| is an extension process. Grant permission

+ // to commit pages from chrome-extension:// origins.

+ content::ChildProcessSecurityPolicy* security_policy =

+ content::ChildProcessSecurityPolicy::GetInstance();

+ int process_id = render_frame_host->GetProcess()->GetID();

+ security_policy->GrantScheme(process_id, extensions::kExtensionScheme);

+ security_policy->GrantScheme(process_id,

+ extensions::kExtensionResourceScheme);

// Notify the render frame of the view type.

render_frame_host->Send(new ExtensionMsg_NotifyRenderViewType(

render_frame_host->GetRoutingID(), GetViewType(web_contents())));