Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(878)

Side by Side Diff: chrome/renderer/extensions/extension_dispatcher.cc

Issue 10458063: Add sanbdoxed_pages to allow extension/app pages to be served in a sandboxed, unique origin (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: CheckCurrentContextAccessToExtensionAPI Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/extensions/extension_dispatcher.h" 5 #include "chrome/renderer/extensions/extension_dispatcher.h"
6 6
7 #include "base/callback.h" 7 #include "base/callback.h"
8 #include "base/command_line.h" 8 #include "base/command_line.h"
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "base/string_piece.h" 10 #include "base/string_piece.h"
(...skipping 878 matching lines...) Expand 10 before | Expand all | Expand 10 after
889 RenderThread::Get()->Send(new ExtensionHostMsg_UnloadAck(extension_id)); 889 RenderThread::Get()->Send(new ExtensionHostMsg_UnloadAck(extension_id));
890 } 890 }
891 891
892 Feature::Context ExtensionDispatcher::ClassifyJavaScriptContext( 892 Feature::Context ExtensionDispatcher::ClassifyJavaScriptContext(
893 const std::string& extension_id, 893 const std::string& extension_id,
894 int extension_group, 894 int extension_group,
895 const ExtensionURLInfo& url_info) { 895 const ExtensionURLInfo& url_info) {
896 if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) 896 if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS)
897 return Feature::CONTENT_SCRIPT_CONTEXT; 897 return Feature::CONTENT_SCRIPT_CONTEXT;
898 898
899 // We have an explicit check for sandboxed pages first since:
900 // 1. Sandboxed pages run in the same process as regular extension pages, so
901 // the extension is considered active.
902 // 2. ScriptContext creation (which triggers bindings injection) happens
903 // before the SecurityContext is updated with the sandbox flags (after
904 // reading the CSP header), so url_info.url().securityOrigin() is not
905 // unique yet.
906 if (extensions_.IsSandboxedPage(url_info))
907 return Feature::WEB_PAGE_CONTEXT;
908
899 if (IsExtensionActive(extension_id)) 909 if (IsExtensionActive(extension_id))
900 return Feature::BLESSED_EXTENSION_CONTEXT; 910 return Feature::BLESSED_EXTENSION_CONTEXT;
901 911
902 if (extensions_.ExtensionBindingsAllowed(url_info)) 912 if (extensions_.ExtensionBindingsAllowed(url_info))
903 return Feature::UNBLESSED_EXTENSION_CONTEXT; 913 return Feature::UNBLESSED_EXTENSION_CONTEXT;
904 914
905 if (url_info.url().is_valid()) 915 if (url_info.url().is_valid())
906 return Feature::WEB_PAGE_CONTEXT; 916 return Feature::WEB_PAGE_CONTEXT;
907 917
908 return Feature::UNSPECIFIED_CONTEXT; 918 return Feature::UNSPECIFIED_CONTEXT;
(...skipping 18 matching lines...) Expand all
927 !context->extension()->HasAPIPermission(function_name)) { 937 !context->extension()->HasAPIPermission(function_name)) {
928 static const char kMessage[] = 938 static const char kMessage[] =
929 "You do not have permission to use '%s'. Be sure to declare" 939 "You do not have permission to use '%s'. Be sure to declare"
930 " in your manifest what permissions you need."; 940 " in your manifest what permissions you need.";
931 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); 941 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str());
932 v8::ThrowException( 942 v8::ThrowException(
933 v8::Exception::Error(v8::String::New(error_msg.c_str()))); 943 v8::Exception::Error(v8::String::New(error_msg.c_str())));
934 return false; 944 return false;
935 } 945 }
936 946
937 if (!IsExtensionActive(context->extension()->id()) && 947 if (ExtensionAPI::GetSharedInstance()->IsPrivileged(function_name) &&
938 ExtensionAPI::GetSharedInstance()->IsPrivileged(function_name)) { 948 context->context_type() != Feature::BLESSED_EXTENSION_CONTEXT) {
939 static const char kMessage[] = 949 static const char kMessage[] =
940 "%s can only be used in an extension process."; 950 "%s can only be used in an extension process.";
941 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); 951 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str());
942 v8::ThrowException( 952 v8::ThrowException(
943 v8::Exception::Error(v8::String::New(error_msg.c_str()))); 953 v8::Exception::Error(v8::String::New(error_msg.c_str())));
944 return false; 954 return false;
945 } 955 }
946 956
957 // We should never end up with sandboxed contexts trying to invoke extension
Mihai Parparita -not on Chrome 2012/06/05 23:39:06 Adam also suggested checking at API invocation tim
958 // APIs, they don't get extension bindings injected. If we end up here it
959 // means that a sandboxed page somehow managed to invoke an API anyway, so
960 // we should abort.
961 WebKit::WebFrame* frame = context->web_frame();
962 ExtensionURLInfo url_info(frame->document().securityOrigin(),
963 UserScriptSlave::GetDataSourceURLForFrame(frame));
964 CHECK(!extensions_.IsSandboxedPage(url_info));
965
947 return true; 966 return true;
948 } 967 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698