Enable file_handlers and chrome.app.runtime for QuickOffice.

extensions/common/features/simple_feature.cc

Index: extensions/common/features/simple_feature.cc
diff --git a/extensions/common/features/simple_feature.cc b/extensions/common/features/simple_feature.cc
index 8ef18f8ff64b4e62c1bf48c9096fd2c9f2ca40cc..b5187908d2b08e1638ae03113c5c3da90cc290fe 100644
--- a/extensions/common/features/simple_feature.cc
+++ b/extensions/common/features/simple_feature.cc
@@ -227,7 +227,8 @@ SimpleFeature::SimpleFeature()
     : location_(UNSPECIFIED_LOCATION),
       min_manifest_version_(0),
       max_manifest_version_(0),
-      has_parent_(false) {}
+      has_parent_(false),
+      component_extensions_auto_whitelisted_(true) {}
 
 SimpleFeature::~SimpleFeature() {}
 
@@ -237,6 +238,7 @@ void SimpleFeature::AddFilter(scoped_ptr<SimpleFeatureFilter> filter) {
 
 std::string SimpleFeature::Parse(const base::DictionaryValue* value) {
   ParseURLPatterns(value, "matches", &matches_);
+  ParseSet(value, "blacklist", &blacklist_);
   ParseSet(value, "whitelist", &whitelist_);
   ParseSet(value, "dependencies", &dependencies_);
   ParseEnumSet<Manifest::Type>(value, "extension_types", &extension_types_,
@@ -253,6 +255,10 @@ std::string SimpleFeature::Parse(const base::DictionaryValue* value) {
   no_parent_ = false;
   value->GetBoolean("noparent", &no_parent_);
 
+  component_extensions_auto_whitelisted_ = true;
+  value->GetBoolean("component_extensions_auto_whitelisted",
+                    &component_extensions_auto_whitelisted_);
+
   if (matches_.is_empty() && contexts_.count(WEB_PAGE_CONTEXT) != 0) {
     return name() + ": Allowing web_page contexts requires supplying a value " +
         "for matches.";
@@ -287,9 +293,12 @@ Feature::Availability SimpleFeature::IsAvailableToManifest(
     return CreateAvailability(INVALID_TYPE, type);
   }
 
-  // Component extensions can access any feature.
-  // TODO(kalman/asargent): Should this match EXTERNAL_COMPONENT too?
-  if (location == Manifest::COMPONENT)
+  if (IsIdInBlacklist(extension_id))
+    return CreateAvailability(FOUND_IN_BLACKLIST, type);
+
+  // TODO(benwells): don't auto whitelist all component extensions.
+  // See http://crbug.com/370375 for more details.

[not at google - send to devlin, 2014/05/06 23:04:03]

this is pretty hacky. I've been working on trying to cut out the component auto
whitelist again but it's tricky, so, let's just do this for now. It's not too
invasive.

+  if (component_extensions_auto_whitelisted_ && location == Manifest::COMPONENT)
     return CreateAvailability(IS_AVAILABLE, type);
 
   if (!whitelist_.empty()) {
@@ -308,6 +317,11 @@ Feature::Availability SimpleFeature::IsAvailableToManifest(
     }
   }
 
+  // Component extensions can access any feature.
+  // TODO(kalman/asargent): Should this match EXTERNAL_COMPONENT too?

[not at google - send to devlin, 2014/05/06 23:04:03]

hey could you change this TODO to be instead:

NOTE: Deliberately does not match EXTERNAL_COMPONENT.

+  if (location == Manifest::COMPONENT)
+    return CreateAvailability(IS_AVAILABLE, type);
+
   if (!MatchesManifestLocation(location))
     return CreateAvailability(INVALID_LOCATION, type);
 
@@ -375,6 +389,7 @@ std::string SimpleFeature::GetAvailabilityMessage(
     case IS_AVAILABLE:
       return std::string();
     case NOT_FOUND_IN_WHITELIST:
+    case FOUND_IN_BLACKLIST:
       return base::StringPrintf(
           "'%s' is not allowed for specified extension ID.",
           name().c_str());
@@ -466,13 +481,17 @@ bool SimpleFeature::IsInternal() const {
 
 bool SimpleFeature::IsBlockedInServiceWorker() const { return false; }
 
+bool SimpleFeature::IsIdInBlacklist(const std::string& extension_id) const {
+  return IsIdInList(extension_id, blacklist_);
+}
+
 bool SimpleFeature::IsIdInWhitelist(const std::string& extension_id) const {
-  return IsIdInWhitelist(extension_id, whitelist_);
+  return IsIdInList(extension_id, whitelist_);
 }
 
 // static
-bool SimpleFeature::IsIdInWhitelist(const std::string& extension_id,
-                                    const std::set<std::string>& whitelist) {
+bool SimpleFeature::IsIdInList(const std::string& extension_id,
+                               const std::set<std::string>& list) {
   // Belt-and-suspenders philosophy here. We should be pretty confident by this
   // point that we've validated the extension ID format, but in case something
   // slips through, we avoid a class of attack where creative ID manipulation
@@ -480,8 +499,8 @@ bool SimpleFeature::IsIdInWhitelist(const std::string& extension_id,
   if (extension_id.length() != 32)  // 128 bits / 4 = 32 mpdecimal characters
     return false;
 
-  if (whitelist.find(extension_id) != whitelist.end() ||
-      whitelist.find(HashExtensionId(extension_id)) != whitelist.end()) {
+  if (list.find(extension_id) != list.end() ||
+      list.find(HashExtensionId(extension_id)) != list.end()) {
     return true;
   }