Index: extensions/common/manifest_handlers/sandboxed_page_info.cc |
diff --git a/extensions/common/manifest_handlers/sandboxed_page_info.cc b/extensions/common/manifest_handlers/sandboxed_page_info.cc |
index d3c82d5fdc12bb7301e9e6ea4c4dc626e4303e41..c8ad586b8ec130e53a8b57fb879f8b8a7ea82a99 100644 |
--- a/extensions/common/manifest_handlers/sandboxed_page_info.cc |
+++ b/extensions/common/manifest_handlers/sandboxed_page_info.cc |
@@ -25,7 +25,8 @@ namespace keys = extensions::manifest_keys; |
namespace errors = manifest_errors; |
const char kDefaultSandboxedPageContentSecurityPolicy[] = |
- "sandbox allow-scripts allow-forms allow-popups allow-modals"; |
+ "sandbox allow-scripts allow-forms allow-popups allow-modals; " |
+ "script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self';"; |
static base::LazyInstance<SandboxedPageInfo> g_empty_sandboxed_info = |
LAZY_INSTANCE_INITIALIZER; |
@@ -93,26 +94,31 @@ bool SandboxedPageHandler::Parse(Extension* extension, base::string16* error) { |
} |
if (extension->manifest()->HasPath(keys::kSandboxedPagesCSP)) { |
- if (!extension->manifest()->GetString( |
- keys::kSandboxedPagesCSP, |
- &sandboxed_info->content_security_policy)) { |
+ std::string content_security_policy; |
+ if (!extension->manifest()->GetString(keys::kSandboxedPagesCSP, |
+ &content_security_policy)) { |
*error = base::ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); |
return false; |
} |
- if (!csp_validator::ContentSecurityPolicyIsLegal( |
- sandboxed_info->content_security_policy) || |
+ if (!csp_validator::ContentSecurityPolicyIsLegal(content_security_policy) || |
!csp_validator::ContentSecurityPolicyIsSandboxed( |
- sandboxed_info->content_security_policy, extension->GetType())) { |
+ content_security_policy, extension->GetType())) { |
*error = base::ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); |
return false; |
} |
+ |
+ std::vector<InstallWarning> warnings; |
+ sandboxed_info->content_security_policy = |
+ csp_validator::GetEffectiveSandoxedPageCSP(content_security_policy, |
+ &warnings); |
+ extension->AddInstallWarnings(warnings); |
} else { |
sandboxed_info->content_security_policy = |
kDefaultSandboxedPageContentSecurityPolicy; |
- CHECK(csp_validator::ContentSecurityPolicyIsSandboxed( |
- sandboxed_info->content_security_policy, extension->GetType())); |
} |
+ CHECK(csp_validator::ContentSecurityPolicyIsSandboxed( |
+ sandboxed_info->content_security_policy, extension->GetType())); |
extension->SetManifestData(keys::kSandboxedPages, sandboxed_info.release()); |
return true; |