Chromium Code Reviews Chromium Code Reviews
Issue 2401443002:
Fix nested URL blocking needs with PlzNavigate. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/chrome_extensions_network_delegate.h" | 5 #include "chrome/browser/net/chrome_extensions_network_delegate.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "net/base/net_errors.h" | 10 #include "net/base/net_errors.h" |
| 11 | 11 |
| 12 #if defined(ENABLE_EXTENSIONS) | 12 #if defined(ENABLE_EXTENSIONS) |
| 13 #include "chrome/browser/browser_process.h" | 13 #include "chrome/browser/browser_process.h" |
| 14 #include "chrome/browser/extensions/api/proxy/proxy_api.h" | 14 #include "chrome/browser/extensions/api/proxy/proxy_api.h" |
| 15 #include "chrome/browser/extensions/event_router_forwarder.h" | 15 #include "chrome/browser/extensions/event_router_forwarder.h" |
| 16 #include "chrome/browser/profiles/profile_manager.h" | 16 #include "chrome/browser/profiles/profile_manager.h" |
| 17 #include "chrome/browser/renderer_host/chrome_navigation_ui_data.h" | 17 #include "chrome/browser/renderer_host/chrome_navigation_ui_data.h" |
| 18 #include "content/public/browser/browser_thread.h" | 18 #include "content/public/browser/browser_thread.h" |
| 19 #include "content/public/browser/render_frame_host.h" | 19 #include "content/public/browser/render_frame_host.h" |
| 20 #include "content/public/browser/resource_request_info.h" | 20 #include "content/public/browser/resource_request_info.h" |
| 21 #include "extensions/browser/api/web_request/web_request_api.h" | 21 #include "extensions/browser/api/web_request/web_request_api.h" |
| 22 #include "extensions/browser/extension_navigation_ui_data.h" | 22 #include "extensions/browser/extension_navigation_ui_data.h" |
| 23 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" | |
| 23 #include "extensions/browser/info_map.h" | 24 #include "extensions/browser/info_map.h" |
| 24 #include "extensions/browser/process_manager.h" | 25 #include "extensions/browser/process_manager.h" |
| 25 #include "extensions/common/constants.h" | 26 #include "extensions/common/constants.h" |
| 26 #include "extensions/common/permissions/api_permission.h" | 27 #include "extensions/common/permissions/api_permission.h" |
| 27 #include "net/url_request/url_request.h" | 28 #include "net/url_request/url_request.h" |
| 28 | 29 |
| 29 using content::BrowserThread; | 30 using content::BrowserThread; |
| 30 using content::ResourceRequestInfo; | 31 using content::ResourceRequestInfo; |
| 31 using extensions::ExtensionWebRequestEventRouter; | 32 using extensions::ExtensionWebRequestEventRouter; |
| 32 | 33 |
| (...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 178 GURL* new_url) { | 179 GURL* new_url) { |
| 179 const content::ResourceRequestInfo* info = | 180 const content::ResourceRequestInfo* info = |
| 180 content::ResourceRequestInfo::ForRequest(request); | 181 content::ResourceRequestInfo::ForRequest(request); |
| 181 GURL url(request->url()); | 182 GURL url(request->url()); |
| 182 | 183 |
| 183 // Block top-level navigations to blob: or filesystem: URLs with extension | 184 // Block top-level navigations to blob: or filesystem: URLs with extension |
| 184 // origin from non-extension processes. See https://crbug.com/645028. | 185 // origin from non-extension processes. See https://crbug.com/645028. |
| 185 bool is_nested_url = url.SchemeIsFileSystem() || url.SchemeIsBlob(); | 186 bool is_nested_url = url.SchemeIsFileSystem() || url.SchemeIsBlob(); |
| 186 bool is_navigation = | 187 bool is_navigation = |
| 187 info && content::IsResourceTypeFrame(info->GetResourceType()); | 188 info && content::IsResourceTypeFrame(info->GetResourceType()); |
| 189 extensions::ExtensionNavigationUIData* extension_data = | |
| 190 GetExtensionNavigationUIData(request); | |
| 191 | |
| 188 url::Origin origin(url); | 192 url::Origin origin(url); |
| 189 if (is_nested_url && is_navigation && info->IsMainFrame() && | 193 if (is_nested_url && is_navigation && info->IsMainFrame() && |
| 190 origin.scheme() == extensions::kExtensionScheme && | 194 origin.scheme() == extensions::kExtensionScheme && |
| 191 !extension_info_map_->process_map().Contains(info->GetChildID())) { | 195 !extension_info_map_->process_map().Contains(info->GetChildID())) { |
| 192 // Relax this restriction for apps that use <webview>. See | 196 // Relax this restriction for apps that use <webview>. See |
| 193 // https://crbug.com/652077. | 197 // https://crbug.com/652077. |
|
alexmos
2016/10/06 22:37:28
nit: maybe expand this comment to mention the new
| |
| 194 const extensions::Extension* extension = | 198 const extensions::Extension* extension = |
| 195 extension_info_map_->extensions().GetByID(origin.host()); | 199 extension_info_map_->extensions().GetByID(origin.host()); |
| 196 bool has_webview_permission = | 200 bool has_webview_permission = |
| 197 extension && | 201 extension && |
| 198 extension->permissions_data()->HasAPIPermission( | 202 extension->permissions_data()->HasAPIPermission( |
| 199 extensions::APIPermission::kWebView); | 203 extensions::APIPermission::kWebView); |
| 200 if (!has_webview_permission) | 204 if (!has_webview_permission && |
| 205 (extension_data ? !extension_data->from_extension() : true)) { | |
| 201 return net::ERR_ABORTED; | 206 return net::ERR_ABORTED; |
| 207 } | |
| 202 } | 208 } |
| 203 | 209 |
| 204 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest( | 210 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest( |
| 205 profile_, extension_info_map_.get(), | 211 profile_, extension_info_map_.get(), extension_data, request, callback, |
| 206 GetExtensionNavigationUIData(request), request, callback, new_url); | 212 new_url); |
| 207 } | 213 } |
| 208 | 214 |
| 209 int ChromeExtensionsNetworkDelegateImpl::OnBeforeStartTransaction( | 215 int ChromeExtensionsNetworkDelegateImpl::OnBeforeStartTransaction( |
| 210 net::URLRequest* request, | 216 net::URLRequest* request, |
| 211 const net::CompletionCallback& callback, | 217 const net::CompletionCallback& callback, |
| 212 net::HttpRequestHeaders* headers) { | 218 net::HttpRequestHeaders* headers) { |
| 213 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders( | 219 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders( |
| 214 profile_, extension_info_map_.get(), | 220 profile_, extension_info_map_.get(), |
| 215 GetExtensionNavigationUIData(request), request, callback, headers); | 221 GetExtensionNavigationUIData(request), request, callback, headers); |
| 216 } | 222 } |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 395 } | 401 } |
| 396 | 402 |
| 397 net::NetworkDelegate::AuthRequiredResponse | 403 net::NetworkDelegate::AuthRequiredResponse |
| 398 ChromeExtensionsNetworkDelegate::OnAuthRequired( | 404 ChromeExtensionsNetworkDelegate::OnAuthRequired( |
| 399 net::URLRequest* request, | 405 net::URLRequest* request, |
| 400 const net::AuthChallengeInfo& auth_info, | 406 const net::AuthChallengeInfo& auth_info, |
| 401 const AuthCallback& callback, | 407 const AuthCallback& callback, |
| 402 net::AuthCredentials* credentials) { | 408 net::AuthCredentials* credentials) { |
| 403 return net::NetworkDelegate::AUTH_REQUIRED_RESPONSE_NO_ACTION; | 409 return net::NetworkDelegate::AUTH_REQUIRED_RESPONSE_NO_ACTION; |
| 404 } | 410 } |
| OLD | NEW |
