Index: extensions/common/permissions/permissions_data.cc |
diff --git a/extensions/common/permissions/permissions_data.cc b/extensions/common/permissions/permissions_data.cc |
index 72717f7617d493ac2c9955155082def54ae0e951..77c2a03e76e0f3d2cbaaa96605c0b51a4fd8fe7e 100644 |
--- a/extensions/common/permissions/permissions_data.cc |
+++ b/extensions/common/permissions/permissions_data.cc |
@@ -70,6 +70,39 @@ bool PermissionsData::CanExecuteScriptEverywhere(const Extension* extension) { |
whitelist.end(); |
} |
+// static |
+bool PermissionsData::UrlIsRestricted(const GURL& document_url, |
meacer
2014/06/25 21:24:25
Would these schemes/urls be covered by this method
not at google - send to devlin
2014/06/25 21:26:27
oh, good point. we should also check the whitelist
Devlin
2014/06/25 23:30:00
Done.
|
+ const GURL& top_frame_url, |
+ const Extension* extension, |
+ std::string* error) { |
+ bool can_execute_everywhere = CanExecuteScriptEverywhere(extension); |
not at google - send to devlin
2014/06/25 20:42:17
this is a bit silly, because every condition check
Devlin
2014/06/25 23:30:00
Done.
|
+ if (!can_execute_everywhere && |
+ !ExtensionsClient::Get()->IsScriptableURL(document_url, error)) { |
+ return true; |
+ } |
+ |
+ bool has_switch = base::CommandLine::ForCurrentProcess()->HasSwitch( |
not at google - send to devlin
2014/06/25 20:42:17
please call this allow_chrome_urls or something.
Devlin
2014/06/25 23:30:00
Done.
|
+ switches::kExtensionsOnChromeURLs); |
+ if (document_url.SchemeIs(content::kChromeUIScheme) && |
+ !can_execute_everywhere && |
+ !has_switch) { |
+ if (error) |
+ *error = manifest_errors::kCannotAccessChromeUrl; |
+ return true; |
+ } |
+ |
+ if (top_frame_url.SchemeIs(kExtensionScheme) && |
+ top_frame_url.host() != extension->id() && |
+ !can_execute_everywhere && |
+ !has_switch) { |
+ if (error) |
+ *error = manifest_errors::kCannotAccessExtensionUrl; |
+ return true; |
+ } |
+ |
+ return false; |
+} |
+ |
void PermissionsData::SetActivePermissions( |
const PermissionSet* permissions) const { |
base::AutoLock auto_lock(runtime_lock_); |
@@ -283,30 +316,8 @@ bool PermissionsData::CanRunOnPage(const Extension* extension, |
return false; |
} |
- bool can_execute_everywhere = CanExecuteScriptEverywhere(extension); |
- if (!can_execute_everywhere && |
- !ExtensionsClient::Get()->IsScriptableURL(document_url, error)) { |
- return false; |
- } |
- |
- if (!base::CommandLine::ForCurrentProcess()->HasSwitch( |
- switches::kExtensionsOnChromeURLs)) { |
- if (document_url.SchemeIs(content::kChromeUIScheme) && |
- !can_execute_everywhere) { |
- if (error) |
- *error = manifest_errors::kCannotAccessChromeUrl; |
- return false; |
- } |
- } |
- |
- if (top_frame_url.SchemeIs(kExtensionScheme) && |
- top_frame_url.GetOrigin() != |
- Extension::GetBaseURLFromExtensionId(extension->id()).GetOrigin() && |
- !can_execute_everywhere) { |
- if (error) |
- *error = manifest_errors::kCannotAccessExtensionUrl; |
+ if (UrlIsRestricted(document_url, top_frame_url, extension, error)) |
return false; |
- } |
if (HasTabSpecificPermissionToExecuteScript(tab_id, top_frame_url)) |
return true; |