| Index: chrome/browser/extensions/active_script_controller.cc
|
| diff --git a/chrome/browser/extensions/active_script_controller.cc b/chrome/browser/extensions/active_script_controller.cc
|
| index 822977d9d67b6d9cf3eee8cd6ca83e212cb03f75..d7b3e4bb2682da239fca5efffde2edb70a0094e3 100644
|
| --- a/chrome/browser/extensions/active_script_controller.cc
|
| +++ b/chrome/browser/extensions/active_script_controller.cc
|
| @@ -110,7 +110,7 @@ void ActiveScriptController::OnActiveTabPermissionGranted(
|
| }
|
|
|
| void ActiveScriptController::OnAdInjectionDetected(
|
| - const std::set<std::string> ad_injectors) {
|
| + const std::set<std::string>& ad_injectors) {
|
| // We're only interested in data if there are ad injectors detected.
|
| if (ad_injectors.empty())
|
| return;
|
| @@ -213,9 +213,10 @@ void ActiveScriptController::RunPendingForExtension(
|
| LocationBarController::NotifyChange(web_contents());
|
| }
|
|
|
| -void ActiveScriptController::OnNotifyExtensionScriptExecution(
|
| +void ActiveScriptController::OnRequestContentScriptPermission(
|
| const std::string& extension_id,
|
| - int page_id) {
|
| + int page_id,
|
| + int request_id) {
|
| if (!Extension::IdIsValid(extension_id)) {
|
| NOTREACHED() << "'" << extension_id << "' is not a valid id.";
|
| return;
|
| @@ -229,18 +230,44 @@ void ActiveScriptController::OnNotifyExtensionScriptExecution(
|
| if (!extension)
|
| return;
|
|
|
| - // Right now, we allow all content scripts to execute, but notify the
|
| - // controller of them.
|
| - // TODO(rdevlin.cronin): Fix this in a future CL.
|
| - if (RequiresUserConsentForScriptInjection(extension))
|
| - RequestScriptInjection(extension, page_id, base::Bind(&base::DoNothing));
|
| + // If the request id is -1, that signals that the content script has already
|
| + // ran (because this feature is not enabled). Add the extension to the list of
|
| + // permitted extensions (for metrics), and return immediately.
|
| + if (request_id == -1) {
|
| + DCHECK(!enabled_);
|
| + permitted_extensions_.insert(extension->id());
|
| + return;
|
| + }
|
| +
|
| + if (RequiresUserConsentForScriptInjection(extension)) {
|
| + // This base::Unretained() is safe, because the callback is only invoked by
|
| + // this object.
|
| + RequestScriptInjection(
|
| + extension,
|
| + page_id,
|
| + base::Bind(&ActiveScriptController::GrantContentScriptPermission,
|
| + base::Unretained(this),
|
| + request_id));
|
| + } else {
|
| + GrantContentScriptPermission(request_id);
|
| + }
|
| +}
|
| +
|
| +void ActiveScriptController::GrantContentScriptPermission(int request_id) {
|
| + content::RenderViewHost* render_view_host =
|
| + web_contents()->GetRenderViewHost();
|
| + if (render_view_host) {
|
| + render_view_host->Send(new ExtensionMsg_GrantContentScriptPermission(
|
| + render_view_host->GetRoutingID(),
|
| + request_id));
|
| + }
|
| }
|
|
|
| bool ActiveScriptController::OnMessageReceived(const IPC::Message& message) {
|
| bool handled = true;
|
| IPC_BEGIN_MESSAGE_MAP(ActiveScriptController, message)
|
| - IPC_MESSAGE_HANDLER(ExtensionHostMsg_NotifyExtensionScriptExecution,
|
| - OnNotifyExtensionScriptExecution)
|
| + IPC_MESSAGE_HANDLER(ExtensionHostMsg_RequestContentScriptPermission,
|
| + OnRequestContentScriptPermission)
|
| IPC_MESSAGE_UNHANDLED(handled = false)
|
| IPC_END_MESSAGE_MAP()
|
| return handled;
|
|
|
Chromium Code Reviews
Issue 313453002:
Resubmit: Block content scripts from executing until user grants permission (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src