Chromium Code Reviews Chromium Code Reviews
Issue 573113002:
Relax shared module whitelist restriction (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/pepper_permission_util.h" | 5 #include "chrome/common/pepper_permission_util.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "chrome/common/extensions/features/feature_channel.h" | 10 #include "chrome/common/extensions/features/feature_channel.h" |
| (...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 108 // Important: whitelist *only* the shared module. | 108 // Important: whitelist *only* the shared module. |
| 109 whitelist.insert(shared_module->id()); | 109 whitelist.insert(shared_module->id()); |
| 110 | 110 |
| 111 extensions.Insert(ext); | 111 extensions.Insert(ext); |
| 112 // This should fail because shared_module is not in the set of extensions. | 112 // This should fail because shared_module is not in the set of extensions. |
| 113 EXPECT_FALSE(IsExtensionOrSharedModuleWhitelisted( | 113 EXPECT_FALSE(IsExtensionOrSharedModuleWhitelisted( |
| 114 GURL(extension_url), &extensions, whitelist)); | 114 GURL(extension_url), &extensions, whitelist)); |
| 115 extensions.Insert(shared_module); | 115 extensions.Insert(shared_module); |
| 116 EXPECT_TRUE(IsExtensionOrSharedModuleWhitelisted( | 116 EXPECT_TRUE(IsExtensionOrSharedModuleWhitelisted( |
| 117 GURL(extension_url), &extensions, whitelist)); | 117 GURL(extension_url), &extensions, whitelist)); |
| 118 scoped_refptr<Extension> bad_ext = | 118 scoped_refptr<Extension> not_in_sm_whitelist = |
| 119 CreateExtensionImportingModule(shared_module->id(), bad_id); | 119 CreateExtensionImportingModule(shared_module->id(), bad_id); |
| 120 std::string bad_extension_url = std::string("chrome-extension://") + | 120 std::string not_in_sm_whitelist_url = std::string("chrome-extension://") + |
| 121 bad_ext->id() + std::string("/foo.html"); | 121 not_in_sm_whitelist->id() + |
| 122 std::string("/foo.html"); | |
| 122 | 123 |
| 123 extensions.Insert(bad_ext); | 124 extensions.Insert(not_in_sm_whitelist); |
| 124 // This should fail because bad_ext is not whitelisted to use shared_module. | 125 // This should succeed, even though |not_in_sm_whitelist| is not whitelisted |
| 125 EXPECT_FALSE(IsExtensionOrSharedModuleWhitelisted( | 126 // to use shared_module, because the pepper permission utilitiy does not care |
|
Ken Rockot(use gerrit already)
2014/09/17 17:32:54
nit: "utility"
elijahtaylor1
2014/09/17 17:41:03
Done.
| |
| 126 GURL(bad_extension_url), &extensions, whitelist)); | 127 // about that whitelist. It is possible to install against the whitelist as |
| 128 // an unpacked extension. | |
| 129 EXPECT_TRUE(IsExtensionOrSharedModuleWhitelisted( | |
| 130 GURL(not_in_sm_whitelist_url), &extensions, whitelist)); | |
| 127 | 131 |
| 128 // Note that the whitelist should be empty after this call, so tests checking | 132 // Note that the whitelist should be empty after this call, so tests checking |
| 129 // for failure to import will fail because of this. | 133 // for failure to import will fail because of this. |
| 130 whitelist.erase(shared_module->id()); | 134 whitelist.erase(shared_module->id()); |
| 131 EXPECT_FALSE(IsExtensionOrSharedModuleWhitelisted( | 135 EXPECT_FALSE(IsExtensionOrSharedModuleWhitelisted( |
| 132 GURL(extension_url), &extensions, whitelist)); | 136 GURL(extension_url), &extensions, whitelist)); |
| 133 } | 137 } |
| 134 | 138 |
| 135 } // namespace extensions | 139 } // namespace extensions |
| OLD | NEW |
