Have the Debugger extension api check that it has access to the tab

chrome/browser/extensions/api/debugger/debugger_api.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Implements the Chrome Extensions Debugger API.
 
 #include "chrome/browser/extensions/api/debugger/debugger_api.h"
 
 #include <map>
 #include <set>
@@ skipping 29 matching lines @@
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/render_widget_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/content_client.h"
 #include "content/public/common/url_utils.h"
 #include "extensions/browser/event_router.h"
 #include "extensions/browser/extension_host.h"
 #include "extensions/browser/extension_registry.h"
 #include "extensions/browser/extension_registry_observer.h"
 #include "extensions/browser/extension_system.h"
+#include "extensions/common/constants.h"
 #include "extensions/common/error_utils.h"
 #include "extensions/common/extension.h"
+#include "extensions/common/manifest_constants.h"
+#include "extensions/common/permissions/permissions_data.h"
+#include "extensions/common/switches.h"
 #include "grit/generated_resources.h"
 #include "ui/base/l10n/l10n_util.h"
 
 using content::DevToolsAgentHost;
 using content::DevToolsClientHost;
 using content::DevToolsHttpHandler;
 using content::DevToolsManager;
 using content::RenderProcessHost;
 using content::RenderViewHost;
 using content::RenderWidgetHost;
@@ skipping 434 matching lines @@
       format, keys::kTabTargetType, base::IntToString(*debuggee_.tab_id));
   else if (debuggee_.extension_id)
     error_ = ErrorUtils::FormatErrorMessage(
       format, keys::kBackgroundPageTargetType, *debuggee_.extension_id);
   else
     error_ = ErrorUtils::FormatErrorMessage(
       format, keys::kOpaqueTargetType, *debuggee_.target_id);
 }
 
 bool DebuggerFunction::InitAgentHost() {
+  const Extension* extension = GetExtension();
   if (debuggee_.tab_id) {
     WebContents* web_contents = NULL;
     bool result = ExtensionTabUtil::GetTabById(*debuggee_.tab_id,
                                                GetProfile(),
                                                include_incognito(),
                                                NULL,
                                                NULL,
                                                &web_contents,
                                                NULL);
     if (result && web_contents) {
-      if (content::HasWebUIScheme(web_contents->GetURL())) {
-        error_ = ErrorUtils::FormatErrorMessage(
-            keys::kAttachToWebUIError,
-            web_contents->GetURL().scheme());
+      GURL url = web_contents->GetVisibleURL();

[not at google - send to devlin, 2014/06/25 20:42:16]

yeah this really should be GetLastCommittedURL. could you add a TODO or
something.

[Devlin, 2014/06/25 23:30:00]

Done.

+      if (PermissionsData::UrlIsRestricted(url, url, extension, &error_))
         return false;
-      }
       agent_host_ = DevToolsAgentHost::GetOrCreateFor(web_contents);
     }
   } else if (debuggee_.extension_id) {
     ExtensionHost* extension_host =
         ExtensionSystem::Get(GetProfile())
             ->process_manager()
             ->GetBackgroundHostForExtension(*debuggee_.extension_id);
     if (extension_host) {
+      if (PermissionsData::UrlIsRestricted(extension_host->GetURL(),
+                                           extension_host->GetURL(),
+                                           extension,
+                                           &error_)) {
+        return false;
+      }
       agent_host_ = DevToolsAgentHost::GetOrCreateFor(
           extension_host->render_view_host());
     }
   } else if (debuggee_.target_id) {
     agent_host_ = DevToolsAgentHost::GetForId(*debuggee_.target_id);
   } else {
     error_ = keys::kInvalidTargetError;
     return false;
   }
 
@@ skipping 41 matching lines @@
         keys::kProtocolVersionNotSupportedError,
         params->required_version);
     return false;
   }
 
   if (agent_host_->IsAttached()) {
     FormatErrorMessage(keys::kAlreadyAttachedError);
     return false;
   }
 
+  const Extension* extension = GetExtension();
   infobars::InfoBar* infobar = NULL;
   if (!CommandLine::ForCurrentProcess()->
-       HasSwitch(switches::kSilentDebuggerExtensionAPI)) {
+       HasSwitch(::switches::kSilentDebuggerExtensionAPI)) {
     // Do not attach to the target if for any reason the infobar cannot be shown
     // for this WebContents instance.
     infobar = ExtensionDevToolsInfoBarDelegate::Create(
-        agent_host_->GetRenderViewHost(), GetExtension()->name());
+        agent_host_->GetRenderViewHost(), extension->name());
     if (!infobar) {
       error_ = ErrorUtils::FormatErrorMessage(
           keys::kSilentDebuggingRequired,
-          switches::kSilentDebuggerExtensionAPI);
+          ::switches::kSilentDebuggerExtensionAPI);
       return false;
     }
   }
 
   new ExtensionDevToolsClientHost(GetProfile(),
                                   agent_host_.get(),
-                                  GetExtension()->id(),
-                                  GetExtension()->name(),
+                                  extension->id(),
+                                  extension->name(),
                                   debuggee_,
                                   infobar);
   SendResponse(true);
   return true;
 }
 
 
 // DebuggerDetachFunction -----------------------------------------------------
 
 DebuggerDetachFunction::DebuggerDetachFunction() {
@@ skipping 117 matching lines @@
     const std::vector<DevToolsTargetImpl*>& target_list) {
   scoped_ptr<base::ListValue> result(new base::ListValue());
   for (size_t i = 0; i < target_list.size(); ++i)
     result->Append(SerializeTarget(*target_list[i]));
   STLDeleteContainerPointers(target_list.begin(), target_list.end());
   SetResult(result.release());
   SendResponse(true);
 }
 
 }  // namespace extensions