Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(104)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/renderer/chrome_setting.cc

Issue 2953453002: [Extensions Bindings] Add access checks in custom types (Closed)
Patch Set: lazyboy's Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « extensions/renderer/chrome_setting.h ('k') | extensions/renderer/content_setting.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/renderer/chrome_setting.cc
diff --git a/extensions/renderer/chrome_setting.cc b/extensions/renderer/chrome_setting.cc
index 2509bfbb593fceac992cc988054799690e07061d..0f5b5f0d6f9a245d53bb789c05fe97bcdf78a711 100644
--- a/extensions/renderer/chrome_setting.cc
+++ b/extensions/renderer/chrome_setting.cc
@@ -11,6 +11,7 @@
#include "extensions/renderer/api_request_handler.h"
#include "extensions/renderer/api_signature.h"
#include "extensions/renderer/api_type_reference_map.h"
+#include "extensions/renderer/binding_access_checker.h"
#include "gin/arguments.h"
#include "gin/handle.h"
#include "gin/object_template_builder.h"
@@ -23,7 +24,8 @@ v8::Local<v8::Object> ChromeSetting::Create(
const base::ListValue* property_values,
APIRequestHandler* request_handler,
APIEventHandler* event_handler,
- APITypeReferenceMap* type_refs) {
+ APITypeReferenceMap* type_refs,
+ const BindingAccessChecker* access_checker) {
std::string pref_name;
CHECK(property_values->GetString(0u, &pref_name));
const base::DictionaryValue* value_spec = nullptr;
@@ -31,18 +33,20 @@ v8::Local<v8::Object> ChromeSetting::Create(
gin::Handle<ChromeSetting> handle = gin::CreateHandle(
isolate, new ChromeSetting(request_handler, event_handler, type_refs,
- pref_name, *value_spec));
+ access_checker, pref_name, *value_spec));
return handle.ToV8().As<v8::Object>();
}
ChromeSetting::ChromeSetting(APIRequestHandler* request_handler,
APIEventHandler* event_handler,
const APITypeReferenceMap* type_refs,
+ const BindingAccessChecker* access_checker,
const std::string& pref_name,
const base::DictionaryValue& set_value_spec)
: request_handler_(request_handler),
event_handler_(event_handler),
type_refs_(type_refs),
+ access_checker_(access_checker),
pref_name_(pref_name),
argument_spec_(ArgumentType::OBJECT) {
// The set() call takes an object { value: { type: <t> }, ... }, where <t>
@@ -135,6 +139,10 @@ void ChromeSetting::HandleFunction(const std::string& method_name,
std::vector<v8::Local<v8::Value>> argument_list = arguments->GetAll();
std::string full_name = "types.ChromeSetting." + method_name;
+
+ if (!access_checker_->HasAccessOrThrowError(context, full_name))
+ return;
+
std::unique_ptr<base::ListValue> converted_arguments;
v8::Local<v8::Function> callback;
std::string error;
« no previous file with comments | « extensions/renderer/chrome_setting.h ('k') | extensions/renderer/content_setting.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698