Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(289)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc

Issue 512543002: Model <webview> and <appview> script injection after <extensionoptions> (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add permission dependency to whitelist Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/common/extensions/api/_api_features.json ('k') | extensions/common/feature_switch.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h" 5 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/sha1.h" 8 #include "base/sha1.h"
9 #include "base/strings/string_number_conversions.h" 9 #include "base/strings/string_number_conversions.h"
10 #include "chrome/common/chrome_switches.h" 10 #include "chrome/common/chrome_switches.h"
(...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after
265 // expensive. It would be better if there were a light way of detecting when 265 // expensive. It would be better if there were a light way of detecting when
266 // a webview or appview is created and only then set up the infrastructure. 266 // a webview or appview is created and only then set up the infrastructure.
267 if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT && 267 if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT &&
268 is_within_platform_app && 268 is_within_platform_app &&
269 extensions::GetCurrentChannel() <= chrome::VersionInfo::CHANNEL_DEV && 269 extensions::GetCurrentChannel() <= chrome::VersionInfo::CHANNEL_DEV &&
270 CommandLine::ForCurrentProcess()->HasSwitch( 270 CommandLine::ForCurrentProcess()->HasSwitch(
271 ::switches::kEnableAppWindowControls)) { 271 ::switches::kEnableAppWindowControls)) {
272 module_system->Require("windowControls"); 272 module_system->Require("windowControls");
273 } 273 }
274 274
275 const extensions::Extension* extension = context->extension();
276
277 // We used to limit WebView to |BLESSED_EXTENSION_CONTEXT| within platform
278 // apps. An ext/app runs in a blessed extension context, if it is the active
279 // extension in the current process, in other words, if it is loaded in a top
280 // frame. To support webview in a non-frame extension, we have to allow
281 // unblessed extension context as well.
282 // Note: setting up the WebView class here, not the chrome.webview API. 275 // Note: setting up the WebView class here, not the chrome.webview API.
283 // The API will be automatically set up when first used. 276 // The API will be automatically set up when first used.
284 if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT || 277 if (context->GetAvailability("webViewInternal").is_available()) {
285 context_type == extensions::Feature::UNBLESSED_EXTENSION_CONTEXT) { 278 module_system->Require("webView");
286 // TODO(fsamuel): Use context->GetAvailability("webViewInternal"). 279 if (context->GetAvailability("webViewExperimentalInternal").is_available())
287 if (extension->permissions_data()->HasAPIPermission( 280 module_system->Require("webViewExperimental");
288 extensions::APIPermission::kWebView)) { 281 } else if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT) {
289 module_system->Require("webView"); 282 module_system->Require("denyWebView");
290 if (extensions::GetCurrentChannel() <= chrome::VersionInfo::CHANNEL_DEV) {
291 module_system->Require("webViewExperimental");
292 } else {
293 // TODO(asargent) We need a whitelist for webview experimental.
294 // crbug.com/264852
295 std::string id_hash = base::SHA1HashString(extension->id());
296 std::string hexencoded_id_hash =
297 base::HexEncode(id_hash.c_str(), id_hash.length());
298 if (hexencoded_id_hash == "8C3741E3AF0B93B6E8E0DDD499BB0B74839EA578" ||
299 hexencoded_id_hash == "E703483CEF33DEC18B4B6DD84B5C776FB9182BDB" ||
300 hexencoded_id_hash == "1A26E32DE447A17CBE5E9750CDBA78F58539B39C" ||
301 hexencoded_id_hash == "59048028102D7B4C681DBC7BC6CD980C3DC66DA3") {
302 module_system->Require("webViewExperimental");
303 }
304 }
305 } else {
306 module_system->Require("denyWebView");
307 }
308 } 283 }
309 284
310 if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT) { 285 if (extensions::FeatureSwitch::app_view()->IsEnabled() &&
311 // TODO(fsamuel): Use context->GetAvailability("appViewInternal"). 286 context->GetAvailability("appViewEmbedderInternal").is_available()) {
312 if (CommandLine::ForCurrentProcess()->HasSwitch( 287 module_system->Require("appView");
313 extensions::switches::kEnableAppView) && 288 } else if (context_type == extensions::Feature::BLESSED_EXTENSION_CONTEXT) {
314 extension->permissions_data()->HasAPIPermission( 289 module_system->Require("denyAppView");
315 extensions::APIPermission::kAppView)) {
316 module_system->Require("appView");
317 } else {
318 module_system->Require("denyAppView");
319 }
320 } 290 }
321 291
322 if (extensions::FeatureSwitch::embedded_extension_options()->IsEnabled() && 292 if (extensions::FeatureSwitch::embedded_extension_options()->IsEnabled() &&
323 context->GetAvailability("extensionOptionsInternal").is_available()) { 293 context->GetAvailability("extensionOptionsInternal").is_available()) {
324 module_system->Require("extensionOptions"); 294 module_system->Require("extensionOptions");
325 } 295 }
326 } 296 }
327 297
328 void ChromeExtensionsDispatcherDelegate::OnActiveExtensionsUpdated( 298 void ChromeExtensionsDispatcherDelegate::OnActiveExtensionsUpdated(
329 const std::set<std::string>& extension_ids) { 299 const std::set<std::string>& extension_ids) {
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
378 new extensions::PermissionSet(extensions::APIPermissionSet(), 348 new extensions::PermissionSet(extensions::APIPermissionSet(),
379 extensions::ManifestPermissionSet(), 349 extensions::ManifestPermissionSet(),
380 origin_set, 350 origin_set,
381 extensions::URLPatternSet())); 351 extensions::URLPatternSet()));
382 } 352 }
383 353
384 void ChromeExtensionsDispatcherDelegate::HandleWebRequestAPIUsage( 354 void ChromeExtensionsDispatcherDelegate::HandleWebRequestAPIUsage(
385 bool webrequest_used) { 355 bool webrequest_used) {
386 webrequest_used_ = webrequest_used; 356 webrequest_used_ = webrequest_used;
387 } 357 }
OLDNEW
« no previous file with comments | « chrome/common/extensions/api/_api_features.json ('k') | extensions/common/feature_switch.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698