| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/extension_function_dispatcher.h" | 5 #include "extensions/browser/extension_function_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/json/json_string_value_serializer.h" | 8 #include "base/json/json_string_value_serializer.h" |
| 9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 456 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 467 return NULL; | 467 return NULL; |
| 468 } | 468 } |
| 469 | 469 |
| 470 // Most hosted apps can't call APIs. | 470 // Most hosted apps can't call APIs. |
| 471 bool allowed = true; | 471 bool allowed = true; |
| 472 if (extension->is_hosted_app()) | 472 if (extension->is_hosted_app()) |
| 473 allowed = AllowHostedAppAPICall(*extension, params.source_url, params.name); | 473 allowed = AllowHostedAppAPICall(*extension, params.source_url, params.name); |
| 474 | 474 |
| 475 // Privileged APIs can only be called from the process the extension | 475 // Privileged APIs can only be called from the process the extension |
| 476 // is running in. | 476 // is running in. |
| 477 if (allowed && api->IsPrivileged(params.name)) | 477 if (allowed && !api->IsAvailableInUntrustedContext(params.name, extension)) |
| 478 allowed = process_map.Contains(extension->id(), requesting_process_id); | 478 allowed = process_map.Contains(extension->id(), requesting_process_id); |
| 479 | 479 |
| 480 if (!allowed) { | 480 if (!allowed) { |
| 481 LOG(ERROR) << "Extension API call disallowed - name:" << params.name | 481 LOG(ERROR) << "Extension API call disallowed - name:" << params.name |
| 482 << " pid:" << requesting_process_id | 482 << " pid:" << requesting_process_id |
| 483 << " from URL " << params.source_url.spec(); | 483 << " from URL " << params.source_url.spec(); |
| 484 SendAccessDenied(callback); | 484 SendAccessDenied(callback); |
| 485 return NULL; | 485 return NULL; |
| 486 } | 486 } |
| 487 | 487 |
| (...skipping 20 matching lines...) Expand all Loading... |
| 508 | 508 |
| 509 // static | 509 // static |
| 510 void ExtensionFunctionDispatcher::SendAccessDenied( | 510 void ExtensionFunctionDispatcher::SendAccessDenied( |
| 511 const ExtensionFunction::ResponseCallback& callback) { | 511 const ExtensionFunction::ResponseCallback& callback) { |
| 512 base::ListValue empty_list; | 512 base::ListValue empty_list; |
| 513 callback.Run(ExtensionFunction::FAILED, empty_list, | 513 callback.Run(ExtensionFunction::FAILED, empty_list, |
| 514 "Access to extension API denied."); | 514 "Access to extension API denied."); |
| 515 } | 515 } |
| 516 | 516 |
| 517 } // namespace extensions | 517 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 377753003:
Remove GetContexts() from the public interface of extensions::Feature. It was (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src