Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/browser/api/web_request/web_request_permissions.cc

Issue 2489233003: [extensions] Remove unnecessary checks in IsSensitiveURL (Closed)
Patch Set: Fix up code and write unit tests Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « extensions/browser/api/web_request/web_request_permissions.h ('k') | extensions/browser/api/web_request/web_request_permissions_unittest.cc » ('j') | extensions/test/test_extensions_client.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/browser/api/web_request/web_request_permissions.cc
diff --git a/extensions/browser/api/web_request/web_request_permissions.cc b/extensions/browser/api/web_request/web_request_permissions.cc
index c4ac79580cec811af010da24ee14d79d50018e26..ae0b97995acc68a495ab1fb8e0548ba453dee426 100644
--- a/extensions/browser/api/web_request/web_request_permissions.cc
+++ b/extensions/browser/api/web_request/web_request_permissions.cc
@@ -4,6 +4,7 @@
#include "extensions/browser/api/web_request/web_request_permissions.h"
+#include "base/strings/string_piece.h"
#include "base/strings/string_util.h"
#include "base/strings/stringprintf.h"
#include "content/public/browser/resource_request_info.h"
@@ -23,6 +24,19 @@ using extensions::PermissionsData;
namespace {
+// Returns true if the scheme is one we want to allow extensions to have access
+// to. Extensions still need specific permissions for a given URL, which is
+// covered by CanExtensionAccessURL.
+bool HasWebRequestScheme(const GURL& url) {
+ return (url.SchemeIs(url::kAboutScheme) || url.SchemeIs(url::kFileScheme) ||
+ url.SchemeIs(url::kFileSystemScheme) ||
+ url.SchemeIs(url::kFtpScheme) || url.SchemeIs(url::kHttpScheme) ||
+ url.SchemeIs(url::kHttpsScheme) ||
+ url.SchemeIs(extensions::kExtensionScheme));
+}
+
+} // namespace
+
// Returns true if the URL is sensitive and requests to this URL must not be
// modified/canceled by extensions, e.g. because it is targeted to the webstore
// to check for updates, extension blacklisting, etc.
@@ -30,18 +44,20 @@ bool IsSensitiveURL(const GURL& url) {
// TODO(battre) Merge this, CanExtensionAccessURL and
// PermissionsData::CanAccessPage into one function.
bool sensitive_chrome_url = false;
- const std::string host = url.host();
- const char kGoogleCom[] = ".google.com";
+ const base::StringPiece& host = url.host_piece();
+ const char kGoogleCom[] = "google.com";
const char kClient[] = "clients";
- if (base::EndsWith(host, kGoogleCom, base::CompareCase::SENSITIVE)) {
+ if (url.DomainIs(kGoogleCom)) {
// Check for "clients[0-9]*.google.com" hosts.
// This protects requests to several internal services such as sync,
// extension update pings, captive portal detection, fraudulent certificate
// reporting, autofill and others.
if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) {
bool match = true;
- for (std::string::const_iterator i = host.begin() + strlen(kClient),
- end = host.end() - strlen(kGoogleCom); i != end; ++i) {
+ for (base::StringPiece::const_iterator
+ i = host.begin() + strlen(kClient),
+ end = host.end() - (strlen(kGoogleCom) + 1);
+ i != end; ++i) {
if (!isdigit(*i)) {
match = false;
break;
@@ -51,37 +67,17 @@ bool IsSensitiveURL(const GURL& url) {
}
// This protects requests to safe browsing, link doctor, and possibly
// others.
- sensitive_chrome_url =
- sensitive_chrome_url ||
- base::EndsWith(url.host(), ".clients.google.com",
- base::CompareCase::SENSITIVE) ||
- url.host() == "sb-ssl.google.com" ||
- (url.host() == "chrome.google.com" &&
- base::StartsWith(url.path(), "/webstore",
- base::CompareCase::SENSITIVE));
+ sensitive_chrome_url = sensitive_chrome_url ||
+ url.DomainIs("clients.google.com") ||
+ url.host_piece() == "sb-ssl.google.com" ||
Devlin 2016/11/10 22:26:39 hmm... maybe also just DomainIs() for these. It w
Charlie Harrison 2016/11/10 22:35:36 SGTM. Done.
+ (url.host_piece() == "chrome.google.com" &&
+ base::StartsWith(url.path_piece(), "/webstore",
+ base::CompareCase::SENSITIVE));
}
- GURL::Replacements replacements;
- replacements.ClearQuery();
- replacements.ClearRef();
- GURL url_without_query = url.ReplaceComponents(replacements);
- return sensitive_chrome_url ||
- extension_urls::IsWebstoreUpdateUrl(url_without_query) ||
- extension_urls::IsBlacklistUpdateUrl(url);
+ return sensitive_chrome_url || extension_urls::IsWebstoreUpdateUrl(url) ||
+ extension_urls::IsBlacklistUpdateUrl(url);
}
-// Returns true if the scheme is one we want to allow extensions to have access
-// to. Extensions still need specific permissions for a given URL, which is
-// covered by CanExtensionAccessURL.
-bool HasWebRequestScheme(const GURL& url) {
- return (url.SchemeIs(url::kAboutScheme) || url.SchemeIs(url::kFileScheme) ||
- url.SchemeIs(url::kFileSystemScheme) ||
- url.SchemeIs(url::kFtpScheme) || url.SchemeIs(url::kHttpScheme) ||
- url.SchemeIs(url::kHttpsScheme) ||
- url.SchemeIs(extensions::kExtensionScheme));
-}
-
-} // namespace
-
// static
bool WebRequestPermissions::HideRequest(
const extensions::InfoMap* extension_info_map,
« no previous file with comments | « extensions/browser/api/web_request/web_request_permissions.h ('k') | extensions/browser/api/web_request/web_request_permissions_unittest.cc » ('j') | extensions/test/test_extensions_client.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698