| Index: extensions/common/permissions/permission_set.cc
|
| diff --git a/extensions/common/permissions/permission_set.cc b/extensions/common/permissions/permission_set.cc
|
| index b101e75ff696a860dc4c60b5c5c813f4cbb900b9..f60f8bfcd9139fe1cd0da1460e284c7fc25bc3ed 100644
|
| --- a/extensions/common/permissions/permission_set.cc
|
| +++ b/extensions/common/permissions/permission_set.cc
|
| @@ -8,12 +8,14 @@
|
| #include <iterator>
|
| #include <string>
|
|
|
| +#include "base/strings/stringprintf.h"
|
| #include "extensions/common/permissions/permissions_info.h"
|
| #include "extensions/common/url_pattern.h"
|
| #include "extensions/common/url_pattern_set.h"
|
| +#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
|
| #include "url/gurl.h"
|
|
|
| -using extensions::URLPatternSet;
|
| +namespace extensions {
|
|
|
| namespace {
|
|
|
| @@ -28,8 +30,6 @@ void AddPatternsAndRemovePaths(const URLPatternSet& set, URLPatternSet* out) {
|
|
|
| } // namespace
|
|
|
| -namespace extensions {
|
| -
|
| //
|
| // PermissionSet
|
| //
|
| @@ -230,6 +230,12 @@ bool PermissionSet::HasEffectiveAccessToAllHosts() const {
|
| return false;
|
| }
|
|
|
| +bool PermissionSet::HasAccessToMostHosts() const {
|
| + if (has_access_to_most_hosts_.get() == NULL)
|
| + InitHasAccessToMostHosts();
|
| + return *has_access_to_most_hosts_;
|
| +}
|
| +
|
| bool PermissionSet::HasEffectiveAccessToURL(const GURL& url) const {
|
| return effective_hosts().MatchesURL(url);
|
| }
|
| @@ -262,4 +268,48 @@ void PermissionSet::InitEffectiveHosts() {
|
| explicit_hosts(), scriptable_hosts(), &effective_hosts_);
|
| }
|
|
|
| +void PermissionSet::InitHasAccessToMostHosts() const {
|
| + if (HasEffectiveAccessToAllHosts()) {
|
| + has_access_to_most_hosts_.reset(new bool(true));
|
| + return;
|
| + }
|
| +
|
| + for (URLPatternSet::const_iterator iter = effective_hosts_.begin();
|
| + iter != effective_hosts_.end();
|
| + ++iter) {
|
| + // If this doesn't even match subdomains, it can't possibly imply all hosts.
|
| + if (!iter->match_subdomains())
|
| + continue;
|
| +
|
| + // If iter->host() is a recognized TLD, this will be 0. We don't include
|
| + // private TLDs, so that, e.g., *.appspot.com does not imply all hosts.
|
| + size_t registry_length =
|
| + net::registry_controlled_domains::GetRegistryLength(
|
| + iter->host(),
|
| + net::registry_controlled_domains::EXCLUDE_UNKNOWN_REGISTRIES,
|
| + net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
|
| + // If there was more than just a TLD in the host (e.g., *.foobar.com), it
|
| + // doesn't imply all hosts.
|
| + if (registry_length > 0)
|
| + continue;
|
| +
|
| + // At this point the host could either be just a TLD ("com") or some unknown
|
| + // TLD-like string ("notatld"). To disambiguate between them construct a
|
| + // fake URL, and check the registry. This returns 0 if the TLD is
|
| + // unrecognized, or the length of the recognized TLD.
|
| + registry_length = net::registry_controlled_domains::GetRegistryLength(
|
| + base::StringPrintf("foo.%s", iter->host().c_str()),
|
| + net::registry_controlled_domains::EXCLUDE_UNKNOWN_REGISTRIES,
|
| + net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
|
| + // If we recognized this TLD, then this is a pattern like *.com, and it
|
| + // should imply all hosts.
|
| + if (registry_length > 0) {
|
| + has_access_to_most_hosts_.reset(new bool(true));
|
| + return;
|
| + }
|
| + }
|
| +
|
| + has_access_to_most_hosts_.reset(new bool(false));
|
| +}
|
| +
|
| } // namespace extensions
|
|
|
Chromium Code Reviews
Issue 293003008:
Make ActiveScriptController use Active Tab-style permissions (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src