| Index: chrome/browser/chrome_content_browser_client.cc
|
| diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
|
| index a500608f602883d1459990b340f517c526be759f..b194a4fd159ba4931815963c77fa87c34caa7e5b 100644
|
| --- a/chrome/browser/chrome_content_browser_client.cc
|
| +++ b/chrome/browser/chrome_content_browser_client.cc
|
| @@ -280,6 +280,14 @@ namespace {
|
| base::LazyInstance<std::string> g_io_thread_application_locale;
|
|
|
| #if defined(ENABLE_PLUGINS)
|
| +// TODO(teravest): Add renderer-side API-specific checking for these APIs so
|
| +// that blanket permission isn't granted to all dev channel APIs for these.
|
| +// http://crbug.com/386743
|
| +const char* const kPredefinedAllowedDevChannelOrigins[] = {
|
| + "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
|
| + "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
|
| +};
|
| +
|
| const char* const kPredefinedAllowedFileHandleOrigins[] = {
|
| "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
|
| "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/234789
|
| @@ -642,6 +650,8 @@ namespace chrome {
|
| ChromeContentBrowserClient::ChromeContentBrowserClient()
|
| : prerender_tracker_(NULL) {
|
| #if defined(ENABLE_PLUGINS)
|
| + for (size_t i = 0; i < arraysize(kPredefinedAllowedDevChannelOrigins); ++i)
|
| + allowed_dev_channel_origins_.insert(kPredefinedAllowedDevChannelOrigins[i]);
|
| for (size_t i = 0; i < arraysize(kPredefinedAllowedFileHandleOrigins); ++i)
|
| allowed_file_handle_origins_.insert(kPredefinedAllowedFileHandleOrigins[i]);
|
| for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
|
| @@ -2795,8 +2805,6 @@ bool ChromeContentBrowserClient::IsPluginAllowedToCallRequestOSFileHandle(
|
| extension_set = extensions::ExtensionSystem::Get(profile)->
|
| extension_service()->extensions();
|
| }
|
| - // TODO(teravest): Populate allowed_file_handle_origins_ when FileIO is moved
|
| - // from the renderer to the browser.
|
| return IsExtensionOrSharedModuleWhitelisted(url, extension_set,
|
| allowed_file_handle_origins_) ||
|
| IsHostAllowedByCommandLine(url, extension_set,
|
| @@ -2806,7 +2814,9 @@ bool ChromeContentBrowserClient::IsPluginAllowedToCallRequestOSFileHandle(
|
| #endif
|
| }
|
|
|
| -bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs() {
|
| +bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs(
|
| + content::BrowserContext* browser_context,
|
| + const GURL& url) {
|
| #if defined(ENABLE_PLUGINS)
|
| // Allow access for tests.
|
| if (CommandLine::ForCurrentProcess()->HasSwitch(
|
| @@ -2814,6 +2824,20 @@ bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs() {
|
| return true;
|
| }
|
|
|
| + Profile* profile = Profile::FromBrowserContext(browser_context);
|
| + const extensions::ExtensionSet* extension_set = NULL;
|
| + if (profile) {
|
| + extension_set = extensions::ExtensionSystem::Get(profile)->
|
| + extension_service()->extensions();
|
| + }
|
| +
|
| + // Allow access for whitelisted applications.
|
| + if (IsExtensionOrSharedModuleWhitelisted(url,
|
| + extension_set,
|
| + allowed_dev_channel_origins_)) {
|
| + return true;
|
| + }
|
| +
|
| chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
|
| // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
|
| // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
|
|
|
Chromium Code Reviews
Issue 338523007:
Pepper: Whitelist dev channel APIs for some apps. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src