Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(281)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/renderer/content_setting.cc

Issue 2953453002: [Extensions Bindings] Add access checks in custom types (Closed)
Patch Set: lazyboy's Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « extensions/renderer/content_setting.h ('k') | extensions/renderer/storage_area.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/renderer/content_setting.cc
diff --git a/extensions/renderer/content_setting.cc b/extensions/renderer/content_setting.cc
index b21f729a7f6641ce892e97d4bc7a7c116a4cef49..51495cdccc1c5e00b52448e43601d65eb658d257 100644
--- a/extensions/renderer/content_setting.cc
+++ b/extensions/renderer/content_setting.cc
@@ -11,6 +11,7 @@
#include "extensions/renderer/api_request_handler.h"
#include "extensions/renderer/api_signature.h"
#include "extensions/renderer/api_type_reference_map.h"
+#include "extensions/renderer/binding_access_checker.h"
#include "extensions/renderer/console.h"
#include "extensions/renderer/script_context_set.h"
#include "gin/arguments.h"
@@ -40,26 +41,29 @@ v8::Local<v8::Object> ContentSetting::Create(
const base::ListValue* property_values,
APIRequestHandler* request_handler,
APIEventHandler* event_handler,
- APITypeReferenceMap* type_refs) {
+ APITypeReferenceMap* type_refs,
+ const BindingAccessChecker* access_checker) {
std::string pref_name;
CHECK(property_values->GetString(0u, &pref_name));
const base::DictionaryValue* value_spec = nullptr;
CHECK(property_values->GetDictionary(1u, &value_spec));
gin::Handle<ContentSetting> handle = gin::CreateHandle(
- isolate, new ContentSetting(run_js, request_handler, type_refs, pref_name,
- *value_spec));
+ isolate, new ContentSetting(run_js, request_handler, type_refs,
+ access_checker, pref_name, *value_spec));
return handle.ToV8().As<v8::Object>();
}
ContentSetting::ContentSetting(const binding::RunJSFunction& run_js,
APIRequestHandler* request_handler,
const APITypeReferenceMap* type_refs,
+ const BindingAccessChecker* access_checker,
const std::string& pref_name,
const base::DictionaryValue& set_value_spec)
: run_js_(run_js),
request_handler_(request_handler),
type_refs_(type_refs),
+ access_checker_(access_checker),
pref_name_(pref_name),
argument_spec_(ArgumentType::OBJECT) {
// The set() call takes an object { setting: { type: <t> }, ... }, where <t>
@@ -129,6 +133,10 @@ void ContentSetting::HandleFunction(const std::string& method_name,
std::vector<v8::Local<v8::Value>> argument_list = arguments->GetAll();
std::string full_name = "contentSettings.ContentSetting." + method_name;
+
+ if (!access_checker_->HasAccessOrThrowError(context, full_name))
+ return;
+
std::unique_ptr<base::ListValue> converted_arguments;
v8::Local<v8::Function> callback;
std::string error;
« no previous file with comments | « extensions/renderer/content_setting.h ('k') | extensions/renderer/storage_area.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698