Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(842)

Side by Side Diff: chrome/browser/extensions/api/declarative_webrequest/webrequest_action.cc

Issue 491123004: Make sure that HttpRequestHeaders contains valid key-value pairs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: edit comment Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/extensions/api/downloads/downloads_api.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_action .h" 5 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_action .h"
6 6
7 #include <limits> 7 #include <limits>
8 8
9 #include "base/lazy_instance.h" 9 #include "base/lazy_instance.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
11 #include "base/strings/string_util.h" 11 #include "base/strings/string_util.h"
12 #include "base/strings/stringprintf.h" 12 #include "base/strings/stringprintf.h"
13 #include "base/values.h" 13 #include "base/values.h"
14 #include "chrome/browser/extensions/api/declarative/deduping_factory.h" 14 #include "chrome/browser/extensions/api/declarative/deduping_factory.h"
15 #include "chrome/browser/extensions/api/declarative_webrequest/request_stage.h" 15 #include "chrome/browser/extensions/api/declarative_webrequest/request_stage.h"
16 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_condit ion.h" 16 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_condit ion.h"
17 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_consta nts.h" 17 #include "chrome/browser/extensions/api/declarative_webrequest/webrequest_consta nts.h"
18 #include "chrome/browser/extensions/api/web_request/web_request_api_constants.h" 18 #include "chrome/browser/extensions/api/web_request/web_request_api_constants.h"
19 #include "chrome/browser/extensions/api/web_request/web_request_api_helpers.h" 19 #include "chrome/browser/extensions/api/web_request/web_request_api_helpers.h"
20 #include "chrome/browser/extensions/api/web_request/web_request_permissions.h" 20 #include "chrome/browser/extensions/api/web_request/web_request_permissions.h"
21 #include "chrome/browser/guest_view/web_view/web_view_renderer_state.h" 21 #include "chrome/browser/guest_view/web_view/web_view_renderer_state.h"
22 #include "content/public/browser/resource_request_info.h" 22 #include "content/public/browser/resource_request_info.h"
23 #include "content/public/common/url_constants.h" 23 #include "content/public/common/url_constants.h"
24 #include "extensions/browser/info_map.h" 24 #include "extensions/browser/info_map.h"
25 #include "extensions/common/error_utils.h" 25 #include "extensions/common/error_utils.h"
26 #include "extensions/common/extension.h" 26 #include "extensions/common/extension.h"
27 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" 27 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
28 #include "net/http/http_util.h"
28 #include "net/url_request/url_request.h" 29 #include "net/url_request/url_request.h"
29 #include "third_party/re2/re2/re2.h" 30 #include "third_party/re2/re2/re2.h"
30 31
31 using content::ResourceRequestInfo; 32 using content::ResourceRequestInfo;
32 33
33 namespace extensions { 34 namespace extensions {
34 35
35 namespace helpers = extension_web_request_api_helpers; 36 namespace helpers = extension_web_request_api_helpers;
36 namespace keys = declarative_webrequest_constants; 37 namespace keys = declarative_webrequest_constants;
37 38
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
165 const std::string& instance_type, 166 const std::string& instance_type,
166 const base::Value* json_value, 167 const base::Value* json_value,
167 std::string* error, 168 std::string* error,
168 bool* bad_message) { 169 bool* bad_message) {
169 const base::DictionaryValue* dict = NULL; 170 const base::DictionaryValue* dict = NULL;
170 CHECK(json_value->GetAsDictionary(&dict)); 171 CHECK(json_value->GetAsDictionary(&dict));
171 std::string name; 172 std::string name;
172 std::string value; 173 std::string value;
173 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name)); 174 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name));
174 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kValueKey, &value)); 175 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kValueKey, &value));
175 if (!helpers::IsValidHeaderName(name)) { 176 if (!net::HttpUtil::IsValidHeaderName(name)) {
176 *error = extension_web_request_api_constants::kInvalidHeaderName; 177 *error = extension_web_request_api_constants::kInvalidHeaderName;
177 return scoped_refptr<const WebRequestAction>(NULL); 178 return scoped_refptr<const WebRequestAction>(NULL);
178 } 179 }
179 if (!helpers::IsValidHeaderValue(value)) { 180 if (!net::HttpUtil::IsValidHeaderValue(value)) {
180 *error = ErrorUtils::FormatErrorMessage( 181 *error = ErrorUtils::FormatErrorMessage(
181 extension_web_request_api_constants::kInvalidHeaderValue, name); 182 extension_web_request_api_constants::kInvalidHeaderValue, name);
182 return scoped_refptr<const WebRequestAction>(NULL); 183 return scoped_refptr<const WebRequestAction>(NULL);
183 } 184 }
184 return scoped_refptr<const WebRequestAction>( 185 return scoped_refptr<const WebRequestAction>(
185 new WebRequestSetRequestHeaderAction(name, value)); 186 new WebRequestSetRequestHeaderAction(name, value));
186 } 187 }
187 188
188 scoped_refptr<const WebRequestAction> CreateRemoveRequestHeaderAction( 189 scoped_refptr<const WebRequestAction> CreateRemoveRequestHeaderAction(
189 const std::string& instance_type, 190 const std::string& instance_type,
190 const base::Value* value, 191 const base::Value* value,
191 std::string* error, 192 std::string* error,
192 bool* bad_message) { 193 bool* bad_message) {
193 const base::DictionaryValue* dict = NULL; 194 const base::DictionaryValue* dict = NULL;
194 CHECK(value->GetAsDictionary(&dict)); 195 CHECK(value->GetAsDictionary(&dict));
195 std::string name; 196 std::string name;
196 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name)); 197 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name));
197 if (!helpers::IsValidHeaderName(name)) { 198 if (!net::HttpUtil::IsValidHeaderName(name)) {
198 *error = extension_web_request_api_constants::kInvalidHeaderName; 199 *error = extension_web_request_api_constants::kInvalidHeaderName;
199 return scoped_refptr<const WebRequestAction>(NULL); 200 return scoped_refptr<const WebRequestAction>(NULL);
200 } 201 }
201 return scoped_refptr<const WebRequestAction>( 202 return scoped_refptr<const WebRequestAction>(
202 new WebRequestRemoveRequestHeaderAction(name)); 203 new WebRequestRemoveRequestHeaderAction(name));
203 } 204 }
204 205
205 scoped_refptr<const WebRequestAction> CreateAddResponseHeaderAction( 206 scoped_refptr<const WebRequestAction> CreateAddResponseHeaderAction(
206 const std::string& instance_type, 207 const std::string& instance_type,
207 const base::Value* json_value, 208 const base::Value* json_value,
208 std::string* error, 209 std::string* error,
209 bool* bad_message) { 210 bool* bad_message) {
210 const base::DictionaryValue* dict = NULL; 211 const base::DictionaryValue* dict = NULL;
211 CHECK(json_value->GetAsDictionary(&dict)); 212 CHECK(json_value->GetAsDictionary(&dict));
212 std::string name; 213 std::string name;
213 std::string value; 214 std::string value;
214 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name)); 215 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name));
215 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kValueKey, &value)); 216 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kValueKey, &value));
216 if (!helpers::IsValidHeaderName(name)) { 217 if (!net::HttpUtil::IsValidHeaderName(name)) {
217 *error = extension_web_request_api_constants::kInvalidHeaderName; 218 *error = extension_web_request_api_constants::kInvalidHeaderName;
218 return scoped_refptr<const WebRequestAction>(NULL); 219 return scoped_refptr<const WebRequestAction>(NULL);
219 } 220 }
220 if (!helpers::IsValidHeaderValue(value)) { 221 if (!net::HttpUtil::IsValidHeaderValue(value)) {
221 *error = ErrorUtils::FormatErrorMessage( 222 *error = ErrorUtils::FormatErrorMessage(
222 extension_web_request_api_constants::kInvalidHeaderValue, name); 223 extension_web_request_api_constants::kInvalidHeaderValue, name);
223 return scoped_refptr<const WebRequestAction>(NULL); 224 return scoped_refptr<const WebRequestAction>(NULL);
224 } 225 }
225 return scoped_refptr<const WebRequestAction>( 226 return scoped_refptr<const WebRequestAction>(
226 new WebRequestAddResponseHeaderAction(name, value)); 227 new WebRequestAddResponseHeaderAction(name, value));
227 } 228 }
228 229
229 scoped_refptr<const WebRequestAction> CreateRemoveResponseHeaderAction( 230 scoped_refptr<const WebRequestAction> CreateRemoveResponseHeaderAction(
230 const std::string& instance_type, 231 const std::string& instance_type,
231 const base::Value* json_value, 232 const base::Value* json_value,
232 std::string* error, 233 std::string* error,
233 bool* bad_message) { 234 bool* bad_message) {
234 const base::DictionaryValue* dict = NULL; 235 const base::DictionaryValue* dict = NULL;
235 CHECK(json_value->GetAsDictionary(&dict)); 236 CHECK(json_value->GetAsDictionary(&dict));
236 std::string name; 237 std::string name;
237 std::string value; 238 std::string value;
238 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name)); 239 INPUT_FORMAT_VALIDATE(dict->GetString(keys::kNameKey, &name));
239 bool has_value = dict->GetString(keys::kValueKey, &value); 240 bool has_value = dict->GetString(keys::kValueKey, &value);
240 if (!helpers::IsValidHeaderName(name)) { 241 if (!net::HttpUtil::IsValidHeaderName(name)) {
241 *error = extension_web_request_api_constants::kInvalidHeaderName; 242 *error = extension_web_request_api_constants::kInvalidHeaderName;
242 return scoped_refptr<const WebRequestAction>(NULL); 243 return scoped_refptr<const WebRequestAction>(NULL);
243 } 244 }
244 if (has_value && !helpers::IsValidHeaderValue(value)) { 245 if (has_value && !net::HttpUtil::IsValidHeaderValue(value)) {
245 *error = ErrorUtils::FormatErrorMessage( 246 *error = ErrorUtils::FormatErrorMessage(
246 extension_web_request_api_constants::kInvalidHeaderValue, name); 247 extension_web_request_api_constants::kInvalidHeaderValue, name);
247 return scoped_refptr<const WebRequestAction>(NULL); 248 return scoped_refptr<const WebRequestAction>(NULL);
248 } 249 }
249 return scoped_refptr<const WebRequestAction>( 250 return scoped_refptr<const WebRequestAction>(
250 new WebRequestRemoveResponseHeaderAction(name, value, has_value)); 251 new WebRequestRemoveResponseHeaderAction(name, value, has_value));
251 } 252 }
252 253
253 scoped_refptr<const WebRequestAction> CreateIgnoreRulesAction( 254 scoped_refptr<const WebRequestAction> CreateIgnoreRulesAction(
254 const std::string& instance_type, 255 const std::string& instance_type,
(...skipping 903 matching lines...) Expand 10 before | Expand all | Expand 10 after
1158 const base::Time& extension_install_time) const { 1159 const base::Time& extension_install_time) const {
1159 CHECK(request_data.stage & stages()); 1160 CHECK(request_data.stage & stages());
1160 LinkedPtrEventResponseDelta result( 1161 LinkedPtrEventResponseDelta result(
1161 new extension_web_request_api_helpers::EventResponseDelta( 1162 new extension_web_request_api_helpers::EventResponseDelta(
1162 extension_id, extension_install_time)); 1163 extension_id, extension_install_time));
1163 result->messages_to_extension.insert(message_); 1164 result->messages_to_extension.insert(message_);
1164 return result; 1165 return result;
1165 } 1166 }
1166 1167
1167 } // namespace extensions 1168 } // namespace extensions
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/extensions/api/downloads/downloads_api.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698