| Index: chrome/browser/extensions/active_script_controller.cc
|
| diff --git a/chrome/browser/extensions/active_script_controller.cc b/chrome/browser/extensions/active_script_controller.cc
|
| index c15d4781af29149a125a4c4603935b4460a314f3..39c7f353c73ff69563a969e5762040a366deb0fd 100644
|
| --- a/chrome/browser/extensions/active_script_controller.cc
|
| +++ b/chrome/browser/extensions/active_script_controller.cc
|
| @@ -210,9 +210,10 @@ void ActiveScriptController::RunPendingForExtension(
|
| LocationBarController::NotifyChange(web_contents());
|
| }
|
|
|
| -void ActiveScriptController::OnNotifyExtensionScriptExecution(
|
| +void ActiveScriptController::OnRequestContentScriptPermission(
|
| const std::string& extension_id,
|
| - int page_id) {
|
| + int page_id,
|
| + int request_id) {
|
| if (!Extension::IdIsValid(extension_id)) {
|
| NOTREACHED() << "'" << extension_id << "' is not a valid id.";
|
| return;
|
| @@ -226,18 +227,44 @@ void ActiveScriptController::OnNotifyExtensionScriptExecution(
|
| if (!extension)
|
| return;
|
|
|
| - // Right now, we allow all content scripts to execute, but notify the
|
| - // controller of them.
|
| - // TODO(rdevlin.cronin): Fix this in a future CL.
|
| - if (RequiresUserConsentForScriptInjection(extension))
|
| - RequestScriptInjection(extension, page_id, base::Bind(&base::DoNothing));
|
| + // If the request id is -1, that signals that the content script has already
|
| + // ran (because this feature is not enabled). Add the extension to the list of
|
| + // permitted extensions (for metrics), and return immediately.
|
| + if (request_id == -1) {
|
| + DCHECK(!enabled_);
|
| + permitted_extensions_.insert(extension->id());
|
| + return;
|
| + }
|
| +
|
| + if (RequiresUserConsentForScriptInjection(extension)) {
|
| + // This base::Unretained() is safe, because the callback is only invoked by
|
| + // this object.
|
| + RequestScriptInjection(
|
| + extension,
|
| + page_id,
|
| + base::Bind(&ActiveScriptController::GrantContentScriptPermission,
|
| + base::Unretained(this),
|
| + request_id));
|
| + } else {
|
| + GrantContentScriptPermission(request_id);
|
| + }
|
| +}
|
| +
|
| +void ActiveScriptController::GrantContentScriptPermission(int request_id) {
|
| + content::RenderViewHost* render_view_host =
|
| + web_contents()->GetRenderViewHost();
|
| + if (render_view_host) {
|
| + render_view_host->Send(new ExtensionMsg_GrantContentScriptPermission(
|
| + render_view_host->GetRoutingID(),
|
| + request_id));
|
| + }
|
| }
|
|
|
| bool ActiveScriptController::OnMessageReceived(const IPC::Message& message) {
|
| bool handled = true;
|
| IPC_BEGIN_MESSAGE_MAP(ActiveScriptController, message)
|
| - IPC_MESSAGE_HANDLER(ExtensionHostMsg_NotifyExtensionScriptExecution,
|
| - OnNotifyExtensionScriptExecution)
|
| + IPC_MESSAGE_HANDLER(ExtensionHostMsg_RequestContentScriptPermission,
|
| + OnRequestContentScriptPermission)
|
| IPC_MESSAGE_UNHANDLED(handled = false)
|
| IPC_END_MESSAGE_MAP()
|
| return handled;
|
|
|
Chromium Code Reviews
Issue 288053002:
Block content scripts from executing until user grants permission (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src