Have the Debugger extension api check that it has access to the tab

extensions/common/permissions/permissions_data.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/common/permissions/permissions_data.h"
 
 #include "base/command_line.h"
 #include "content/public/common/url_constants.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/error_utils.h"
 #include "extensions/common/extensions_client.h"
 #include "extensions/common/manifest.h"
 #include "extensions/common/manifest_constants.h"
 #include "extensions/common/manifest_handlers/permissions_parser.h"
 #include "extensions/common/permissions/permission_message_provider.h"
 #include "extensions/common/switches.h"
 #include "extensions/common/url_pattern_set.h"
 #include "extensions/common/user_script.h"
 #include "url/gurl.h"
+#include "url/url_constants.h"
 
 namespace extensions {
 
 namespace {
 
 PermissionsData::PolicyDelegate* g_policy_delegate = NULL;
 
 // Returns true if this extension id is from a trusted provider.
 bool ShouldSkipPermissionWarnings(const std::string& extension_id) {
   // See http://b/4946060 for more details.
@@ skipping 33 matching lines @@
   if (extension->location() == Manifest::COMPONENT)
     return true;
 
   const ExtensionsClient::ScriptingWhitelist& whitelist =
       ExtensionsClient::Get()->GetScriptingWhitelist();
 
   return std::find(whitelist.begin(), whitelist.end(), extension->id()) !=
          whitelist.end();
 }
 
+// static
+bool PermissionsData::IsRestrictedUrl(const GURL& document_url,
+                                      const GURL& top_frame_url,
+                                      const Extension* extension,
+                                      std::string* error) {
+  if (CanExecuteScriptEverywhere(extension))
+    return false;
+
+  // Check if the scheme is valid for extensions. If not, return.
+  // For some reason, about urls are valid but not listed in the valid schemes.
+  // Hmm....

[meacer, 2014/06/26 17:32:08]

Is this because of the somewhat recent change that allowed content scripts on
about: pages? AFAIR that CL only modified "matches" and didn't add a host
permission for about:, but still.

That change also checked if the parent of the about: page was owned by a page
which the extension can access, so I'm not sure if
document_url.SchemeIs(url::kAboutScheme) will be too broad of a check?

[Devlin, 2014/06/26 17:37:13]

Mostly, this is going off the PermissionsData tests, in which we don't consider
about:flags a restricted url (even though we can't script on it, we can capture
it).  Is this the right behavior?  Most likely not.  But I'm also not sure that
no extensions rely on capturing about: urls.  Note that this is doesn't allow
anything that wasn't allowed before (unlike the chrome-extensions:// change).

[not at google - send to devlin, 2014/06/26 18:11:28]

If this is just so that tabCapture can work, can't you put this extra check into
CanCaptureTab or whatever it's called? If not, a more specific comment would be
better.

[meacer, 2014/06/26 19:24:39]

I meant this bug, not specific to tab capture: http://crbug.com/76429

+  if (!URLPattern::IsValidSchemeForExtensions(document_url.scheme()) &&
+      !document_url.SchemeIs(url::kAboutScheme)) {
+    if (error) {
+      *error = ErrorUtils::FormatErrorMessage(
+                   manifest_errors::kCannotAccessPage,
+                   document_url.spec());
+    }
+    return true;
+  }
+
+  if (!ExtensionsClient::Get()->IsScriptableURL(document_url, error))
+    return true;
+
+  bool allow_on_chrome_urls = base::CommandLine::ForCurrentProcess()->HasSwitch(
+                                  switches::kExtensionsOnChromeURLs);
+  if (document_url.SchemeIs(content::kChromeUIScheme) &&
+      !allow_on_chrome_urls) {
+    if (error)
+      *error = manifest_errors::kCannotAccessChromeUrl;
+    return true;
+  }
+
+  if (top_frame_url.SchemeIs(kExtensionScheme) &&
+      top_frame_url.host() != extension->id() &&
+      !allow_on_chrome_urls) {
+    if (error)
+      *error = manifest_errors::kCannotAccessExtensionUrl;
+    return true;
+  }
+
+  return false;
+}
+
 void PermissionsData::SetActivePermissions(
     const PermissionSet* permissions) const {
   base::AutoLock auto_lock(runtime_lock_);
   active_permissions_unsafe_ = permissions;
 }
 
 void PermissionsData::UpdateTabSpecificPermissions(
     int tab_id,
     scoped_refptr<const PermissionSet> permissions) const {
   base::AutoLock auto_lock(runtime_lock_);
@@ skipping 193 matching lines @@
                                    int tab_id,
                                    int process_id,
                                    const URLPatternSet& permitted_url_patterns,
                                    std::string* error) const {
   if (g_policy_delegate &&
       !g_policy_delegate->CanExecuteScriptOnPage(
           extension, document_url, top_frame_url, tab_id, process_id, error)) {
     return false;
   }
 
-  bool can_execute_everywhere = CanExecuteScriptEverywhere(extension);
-  if (!can_execute_everywhere &&
-      !ExtensionsClient::Get()->IsScriptableURL(document_url, error)) {
+  if (IsRestrictedUrl(document_url, top_frame_url, extension, error))
     return false;
-  }
-
-  if (!base::CommandLine::ForCurrentProcess()->HasSwitch(
-          switches::kExtensionsOnChromeURLs)) {
-    if (document_url.SchemeIs(content::kChromeUIScheme) &&
-        !can_execute_everywhere) {
-      if (error)
-        *error = manifest_errors::kCannotAccessChromeUrl;
-      return false;
-    }
-  }
-
-  if (top_frame_url.SchemeIs(kExtensionScheme) &&
-      top_frame_url.GetOrigin() !=
-          Extension::GetBaseURLFromExtensionId(extension->id()).GetOrigin() &&
-      !can_execute_everywhere) {
-    if (error)
-      *error = manifest_errors::kCannotAccessExtensionUrl;
-    return false;
-  }
 
   if (HasTabSpecificPermissionToExecuteScript(tab_id, top_frame_url))
     return true;
 
   bool can_access = permitted_url_patterns.MatchesURL(document_url);
 
   if (!can_access && error) {
     *error = ErrorUtils::FormatErrorMessage(manifest_errors::kCannotAccessPage,
                                             document_url.spec());
   }
 
   return can_access;
 }
 
 }  // namespace extensions