Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(443)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/permissions_updater.cc

Issue 396033002: Support "always allow" for runtime script execution (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Refactoring, minor changes Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/extensions/active_tab_permission_granter.cc ('K') | « chrome/browser/extensions/extension_context_menu_model.cc ('k') | extensions/common/url_pattern.h » ('j') | extensions/common/url_pattern.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/permissions_updater.cc
diff --git a/chrome/browser/extensions/permissions_updater.cc b/chrome/browser/extensions/permissions_updater.cc
index 5f2f62981d5889f7db19804d7734561aaaac5b9f..3a2a585238ec3a7bf8b92e0c6ed6911c9cf0f4f7 100644
--- a/chrome/browser/extensions/permissions_updater.cc
+++ b/chrome/browser/extensions/permissions_updater.cc
@@ -36,6 +36,17 @@ namespace permissions = api::permissions;
namespace {
+URLPatternSet FilterSingleOriginPermissions(URLPatternSet permissions) {
not at google - send to devlin 2014/08/12 19:49:27 const URLPatternSet& permissions
gpdavis 2014/08/12 21:19:55 Done.
+ URLPatternSet single_origin_permissions;
+ for (URLPatternSet::const_iterator iter = permissions.begin();
+ iter != permissions.end();
+ ++iter) {
+ if (iter->MatchesSingleOrigin())
+ single_origin_permissions.AddPattern(*iter);
+ }
+ return single_origin_permissions;
+}
+
// Returns a PermissionSet that has the active permissions of the extension,
// bounded to its current manifest.
scoped_refptr<const PermissionSet> GetBoundedActivePermissions(
@@ -67,6 +78,19 @@ scoped_refptr<const PermissionSet> GetBoundedActivePermissions(
adjusted_active =
PermissionSet::CreateUnion(required_permissions, adjusted_active);
+ // Re-add any active permissions that only match a single origin in order
+ // to persist "always run" script injection hosts. These permissions get
+ // filtered out because single origin permissions are not recognized as a
+ // subset of all-host permissions.
+ adjusted_active = PermissionSet::CreateUnion(
+ adjusted_active,
+ new PermissionSet(
+ APIPermissionSet(),
+ ManifestPermissionSet(),
+ FilterSingleOriginPermissions(active_permissions->explicit_hosts()),
+ FilterSingleOriginPermissions(
+ active_permissions->scriptable_hosts())));
+
return adjusted_active;
}
« chrome/browser/extensions/active_tab_permission_granter.cc ('K') | « chrome/browser/extensions/extension_context_menu_model.cc ('k') | extensions/common/url_pattern.h » ('j') | extensions/common/url_pattern.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698