| Index: extensions/browser/api/web_request/web_request_permissions.cc
|
| diff --git a/extensions/browser/api/web_request/web_request_permissions.cc b/extensions/browser/api/web_request/web_request_permissions.cc
|
| index 22dcaf582f89eee5d2629f3889fec8cac4ffa25d..033a0f111dce5d74d1d2697f39fe79117ed0b16d 100644
|
| --- a/extensions/browser/api/web_request/web_request_permissions.cc
|
| +++ b/extensions/browser/api/web_request/web_request_permissions.cc
|
| @@ -7,6 +7,8 @@
|
| #include "base/strings/string_piece.h"
|
| #include "base/strings/string_util.h"
|
| #include "base/strings/stringprintf.h"
|
| +#include "chromeos/login/login_state.h"
|
| +#include "content/public/browser/child_process_security_policy.h"
|
| #include "content/public/browser/resource_request_info.h"
|
| #include "extensions/browser/extension_navigation_ui_data.h"
|
| #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h"
|
| @@ -45,11 +47,14 @@ bool g_allow_all_extension_locations_in_public_session = false;
|
| // Returns true if the URL is sensitive and requests to this URL must not be
|
| // modified/canceled by extensions, e.g. because it is targeted to the webstore
|
| // to check for updates, extension blacklisting, etc.
|
| -bool IsSensitiveURL(const GURL& url) {
|
| +bool IsSensitiveURL(const GURL& url,
|
| + bool is_request_from_browser_or_webui_renderer) {
|
| // TODO(battre) Merge this, CanExtensionAccessURL and
|
| // PermissionsData::CanAccessPage into one function.
|
| bool sensitive_chrome_url = false;
|
| - const base::StringPiece& host = url.host_piece();
|
| + base::StringPiece host = url.host_piece();
|
| + while (host.ends_with("."))
|
| + host.remove_suffix(1u);
|
| const char kGoogleCom[] = "google.com";
|
| const char kClient[] = "clients";
|
| if (url.DomainIs(kGoogleCom)) {
|
| @@ -57,23 +62,34 @@ bool IsSensitiveURL(const GURL& url) {
|
| // This protects requests to several internal services such as sync,
|
| // extension update pings, captive portal detection, fraudulent certificate
|
| // reporting, autofill and others.
|
| - if (base::StartsWith(host, kClient, base::CompareCase::SENSITIVE)) {
|
| - bool match = true;
|
| - for (base::StringPiece::const_iterator
|
| - i = host.begin() + strlen(kClient),
|
| - end = host.end() - (strlen(kGoogleCom) + 1);
|
| - i != end; ++i) {
|
| - if (!isdigit(*i)) {
|
| + //
|
| + // These URLs are only protected for requests from the browser and webui
|
| + // renderers, not for requests from common renderers, because
|
| + // clients*.google.com are also used by websites.
|
| + if (is_request_from_browser_or_webui_renderer) {
|
| + base::StringPiece::size_type pos = host.rfind(kClient);
|
| + if (pos != base::StringPiece::npos) {
|
| + bool match = true;
|
| + if (pos > 0 && host[pos - 1] != '.') {
|
| match = false;
|
| - break;
|
| + } else {
|
| + for (base::StringPiece::const_iterator
|
| + i = host.begin() + pos + strlen(kClient),
|
| + end = host.end() - (strlen(kGoogleCom) + 1);
|
| + i != end; ++i) {
|
| + if (!isdigit(*i)) {
|
| + match = false;
|
| + break;
|
| + }
|
| + }
|
| }
|
| + sensitive_chrome_url = sensitive_chrome_url || match;
|
| }
|
| - sensitive_chrome_url = sensitive_chrome_url || match;
|
| }
|
| - // This protects requests to safe browsing, link doctor, and possibly
|
| - // others.
|
| +
|
| + // Safebrowsing and Chrome Webstore URLs are always protected, i.e. also
|
| + // for requests from common renderers.
|
| sensitive_chrome_url = sensitive_chrome_url ||
|
| - url.DomainIs("clients.google.com") ||
|
| url.DomainIs("sb-ssl.google.com") ||
|
| (url.DomainIs("chrome.google.com") &&
|
| base::StartsWith(url.path_piece(), "/webstore",
|
| @@ -88,8 +104,13 @@ bool WebRequestPermissions::HideRequest(
|
| const extensions::InfoMap* extension_info_map,
|
| const net::URLRequest* request,
|
| extensions::ExtensionNavigationUIData* navigation_ui_data) {
|
| - // Hide requests from the Chrome WebStore App or signin process.
|
| + // Hide requests from the Chrome WebStore App, signin process and WebUI.
|
| const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);
|
| +
|
| + // Requests from the browser and webui get special protection for
|
| + // clients*.google.com URLs.
|
| + bool is_request_from_browser = true;
|
| + bool is_request_from_webui_renderer = false;
|
| if (info) {
|
| int process_id = info->GetChildID();
|
| // Never hide requests from guest processes.
|
| @@ -103,10 +124,17 @@ bool WebRequestPermissions::HideRequest(
|
| process_id)) {
|
| return true;
|
| }
|
| +
|
| + is_request_from_browser = false;
|
| + is_request_from_webui_renderer =
|
| + content::ChildProcessSecurityPolicy::GetInstance()->HasWebUIBindings(
|
| + process_id);
|
| }
|
|
|
| const GURL& url = request->url();
|
| - return IsSensitiveURL(url) || !HasWebRequestScheme(url);
|
| + return IsSensitiveURL(
|
| + url, is_request_from_browser || is_request_from_webui_renderer) ||
|
| + !HasWebRequestScheme(url);
|
| }
|
|
|
| // static
|
|
|
Chromium Code Reviews
Issue 2845943003:
Limit protection of clients[0-9]*.google.com to requests from browser. (Closed)
