extensions/browser/api/web_request/web_request_permissions.cc - Issue 2489233003: [extensions] Remove unnecessary checks in IsSensitiveURL

Side by Side Diff: extensions/browser/api/web_request/web_request_permissions.cc

Issue 2489233003: [extensions] Remove unnecessary checks in IsSensitiveURL (Closed)

Patch Set: Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "extensions/browser/api/web_request/web_request_permissions.h"	5 #include "extensions/browser/api/web_request/web_request_permissions.h"

6	6

7 #include "base/strings/string_util.h"	7 #include "base/strings/string_util.h"

8 #include "base/strings/stringprintf.h"	8 #include "base/strings/stringprintf.h"

9 #include "content/public/browser/resource_request_info.h"	9 #include "content/public/browser/resource_request_info.h"

10 #include "extensions/browser/extension_navigation_ui_data.h"	10 #include "extensions/browser/extension_navigation_ui_data.h"

(...skipping 12 matching lines...) Expand all Loading...
23	23

24 namespace {	24 namespace {

25	25

26 // Returns true if the URL is sensitive and requests to this URL must not be	26 // Returns true if the URL is sensitive and requests to this URL must not be

27 // modified/canceled by extensions, e.g. because it is targeted to the webstore	27 // modified/canceled by extensions, e.g. because it is targeted to the webstore

28 // to check for updates, extension blacklisting, etc.	28 // to check for updates, extension blacklisting, etc.

29 bool IsSensitiveURL(const GURL& url) {	29 bool IsSensitiveURL(const GURL& url) {

30 // TODO(battre) Merge this, CanExtensionAccessURL and	30 // TODO(battre) Merge this, CanExtensionAccessURL and

31 // PermissionsData::CanAccessPage into one function.	31 // PermissionsData::CanAccessPage into one function.

32 bool sensitive_chrome_url = false;	32 bool sensitive_chrome_url = false;

33 const std::string host = url.host();	33 const std::string host = url.host();
	Devlin 2016/11/10 20:57:15 can this be a StringPiece? can this be a StringPiece?
34 const char kGoogleCom[] = ".google.com";	34 const char kGoogleCom[] = ".google.com";

35 const char kClient[] = "clients";	35 const char kClient[] = "clients";

36 if (base::EndsWith(host, kGoogleCom, base::CompareCase::SENSITIVE)) {	36 if (base::EndsWith(host, kGoogleCom, base::CompareCase::SENSITIVE)) {
	Devlin 2016/11/10 20:57:14 Can we use url.DomainIs(kGoogleCom)? I know it wo Can we use url.DomainIs(kGoogleCom)? I know it would work for DomainIs("google.com"), and I think it does for ".google.com", but it'd be worth double-checking. Charlie Harrison 2016/11/10 22:10:20 I think we should just make kGoogleCom = "google.c Show quoted text On 2016/11/10 20:57:14, Devlin (slow) wrote: > Can we use url.DomainIs(kGoogleCom)? I know it would work for > DomainIs("google.com"), and I think it does for ".google.com", but it'd be > worth double-checking. I think we should just make kGoogleCom = "google.com"
37 // Check for "clients[0-9]*.google.com" hosts.	37 // Check for "clients[0-9]*.google.com" hosts.

38 // This protects requests to several internal services such as sync,	38 // This protects requests to several internal services such as sync,

39 // extension update pings, captive portal detection, fraudulent certificate	39 // extension update pings, captive portal detection, fraudulent certificate

40 // reporting, autofill and others.	40 // reporting, autofill and others.

41 if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) {	41 if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) {

42 bool match = true;	42 bool match = true;

43 for (std::string::const_iterator i = host.begin() + strlen(kClient),	43 for (std::string::const_iterator i = host.begin() + strlen(kClient),

44 end = host.end() - strlen(kGoogleCom); i != end; ++i) {	44 end = host.end() - strlen(kGoogleCom); i != end; ++i) {

45 if (!isdigit(*i)) {	45 if (!isdigit(*i)) {

46 match = false;	46 match = false;

47 break;	47 break;

48 }	48 }

49 }	49 }

50 sensitive_chrome_url = sensitive_chrome_url \|\| match;	50 sensitive_chrome_url = sensitive_chrome_url \|\| match;

51 }	51 }

52 // This protects requests to safe browsing, link doctor, and possibly	52 // This protects requests to safe browsing, link doctor, and possibly

53 // others.	53 // others.

54 sensitive_chrome_url =	54 sensitive_chrome_url =

55 sensitive_chrome_url \|\|	55 sensitive_chrome_url \|\|

56 base::EndsWith(url.host(), ".clients.google.com",	56 base::EndsWith(url.host(), ".clients.google.com",
	Devlin 2016/11/10 20:57:15 ditto, DomainIs? ditto, DomainIs? Charlie Harrison 2016/11/10 22:10:20 Done. Show quoted text On 2016/11/10 20:57:15, Devlin (slow) wrote: > ditto, DomainIs? Done.
57 base::CompareCase::SENSITIVE) \|\|	57 base::CompareCase::SENSITIVE) \|\|

58 url.host() == "sb-ssl.google.com" \|\|	58 url.host() == "sb-ssl.google.com" \|\|
	Devlin 2016/11/10 20:57:15 host_piece() here and below host_piece() here and below Charlie Harrison 2016/11/10 22:10:20 Done. Show quoted text On 2016/11/10 20:57:15, Devlin (slow) wrote: > host_piece() here and below Done.
59 (url.host() == "chrome.google.com" &&	59 (url.host() == "chrome.google.com" &&

60 base::StartsWith(url.path(), "/webstore",	60 base::StartsWith(url.path(), "/webstore",

61 base::CompareCase::SENSITIVE));	61 base::CompareCase::SENSITIVE));

62 }	62 }

63 GURL::Replacements replacements;	63 return sensitive_chrome_url \|\| extension_urls::IsWebstoreUpdateUrl(url) \|\|

64 replacements.ClearQuery();	64 extension_urls::IsBlacklistUpdateUrl(url);

65 replacements.ClearRef();

66 GURL url_without_query = url.ReplaceComponents(replacements);

67 return sensitive_chrome_url \|\|

68 extension_urls::IsWebstoreUpdateUrl(url_without_query) \|\|

69 extension_urls::IsBlacklistUpdateUrl(url);

70 }	65 }

71	66

72 // Returns true if the scheme is one we want to allow extensions to have access	67 // Returns true if the scheme is one we want to allow extensions to have access

73 // to. Extensions still need specific permissions for a given URL, which is	68 // to. Extensions still need specific permissions for a given URL, which is

74 // covered by CanExtensionAccessURL.	69 // covered by CanExtensionAccessURL.

75 bool HasWebRequestScheme(const GURL& url) {	70 bool HasWebRequestScheme(const GURL& url) {

76 return (url.SchemeIs(url::kAboutScheme) \|\| url.SchemeIs(url::kFileScheme) \|\|	71 return (url.SchemeIs(url::kAboutScheme) \|\| url.SchemeIs(url::kFileScheme) \|\|

77 url.SchemeIs(url::kFileSystemScheme) \|\|	72 url.SchemeIs(url::kFileSystemScheme) \|\|

78 url.SchemeIs(url::kFtpScheme) \|\| url.SchemeIs(url::kHttpScheme) \|\|	73 url.SchemeIs(url::kFtpScheme) \|\| url.SchemeIs(url::kHttpScheme) \|\|

79 url.SchemeIs(url::kHttpsScheme) \|\|	74 url.SchemeIs(url::kHttpsScheme) \|\|

(...skipping 67 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
147 break;	142 break;

148 case REQUIRE_ALL_URLS:	143 case REQUIRE_ALL_URLS:

149 if (extension->permissions_data()->HasEffectiveAccessToAllHosts())	144 if (extension->permissions_data()->HasEffectiveAccessToAllHosts())

150 access = PermissionsData::ACCESS_ALLOWED;	145 access = PermissionsData::ACCESS_ALLOWED;

151 // else ACCESS_DENIED	146 // else ACCESS_DENIED

152 break;	147 break;

153 }	148 }

154	149

155 return access;	150 return access;

156 }	151 }

OLD	NEW

« no previous file with comments | « no previous file | extensions/common/extension_urls.cc » ('j') | no next file with comments »