Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/extensions/extension_dispatcher.h" | 5 #include "chrome/renderer/extensions/extension_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/string_piece.h" | 10 #include "base/string_piece.h" |
| (...skipping 878 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 889 RenderThread::Get()->Send(new ExtensionHostMsg_UnloadAck(extension_id)); | 889 RenderThread::Get()->Send(new ExtensionHostMsg_UnloadAck(extension_id)); |
| 890 } | 890 } |
| 891 | 891 |
| 892 Feature::Context ExtensionDispatcher::ClassifyJavaScriptContext( | 892 Feature::Context ExtensionDispatcher::ClassifyJavaScriptContext( |
| 893 const std::string& extension_id, | 893 const std::string& extension_id, |
| 894 int extension_group, | 894 int extension_group, |
| 895 const ExtensionURLInfo& url_info) { | 895 const ExtensionURLInfo& url_info) { |
| 896 if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) | 896 if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) |
| 897 return Feature::CONTENT_SCRIPT_CONTEXT; | 897 return Feature::CONTENT_SCRIPT_CONTEXT; |
| 898 | 898 |
| 899 // We have an explicit check for sandboxed pages first since: | |
| 900 // 1. Sandboxed pages run in the same process as regular extension pages, so | |
| 901 // the extension is considered active. | |
| 902 // 2. ScriptContext creation (which triggers bindings injection) happens | |
| 903 // before the SecurityContext is updated with the sandbox flags (after | |
| 904 // reading the CSP header), so url_info.url().securityOrigin() is not | |
| 905 // unique yet. | |
| 906 if (extensions_.IsSandboxedPage(url_info)) | |
| 907 return Feature::WEB_PAGE_CONTEXT; | |
| 908 | |
| 899 if (IsExtensionActive(extension_id)) | 909 if (IsExtensionActive(extension_id)) |
| 900 return Feature::BLESSED_EXTENSION_CONTEXT; | 910 return Feature::BLESSED_EXTENSION_CONTEXT; |
| 901 | 911 |
| 902 if (extensions_.ExtensionBindingsAllowed(url_info)) | 912 if (extensions_.ExtensionBindingsAllowed(url_info)) |
| 903 return Feature::UNBLESSED_EXTENSION_CONTEXT; | 913 return Feature::UNBLESSED_EXTENSION_CONTEXT; |
| 904 | 914 |
| 905 if (url_info.url().is_valid()) | 915 if (url_info.url().is_valid()) |
| 906 return Feature::WEB_PAGE_CONTEXT; | 916 return Feature::WEB_PAGE_CONTEXT; |
| 907 | 917 |
| 908 return Feature::UNSPECIFIED_CONTEXT; | 918 return Feature::UNSPECIFIED_CONTEXT; |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 927 !context->extension()->HasAPIPermission(function_name)) { | 937 !context->extension()->HasAPIPermission(function_name)) { |
| 928 static const char kMessage[] = | 938 static const char kMessage[] = |
| 929 "You do not have permission to use '%s'. Be sure to declare" | 939 "You do not have permission to use '%s'. Be sure to declare" |
| 930 " in your manifest what permissions you need."; | 940 " in your manifest what permissions you need."; |
| 931 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); | 941 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); |
| 932 v8::ThrowException( | 942 v8::ThrowException( |
| 933 v8::Exception::Error(v8::String::New(error_msg.c_str()))); | 943 v8::Exception::Error(v8::String::New(error_msg.c_str()))); |
| 934 return false; | 944 return false; |
| 935 } | 945 } |
| 936 | 946 |
| 937 if (!IsExtensionActive(context->extension()->id()) && | 947 if (ExtensionAPI::GetSharedInstance()->IsPrivileged(function_name) && |
| 938 ExtensionAPI::GetSharedInstance()->IsPrivileged(function_name)) { | 948 context->context_type() != Feature::BLESSED_EXTENSION_CONTEXT) { |
| 939 static const char kMessage[] = | 949 static const char kMessage[] = |
| 940 "%s can only be used in an extension process."; | 950 "%s can only be used in an extension process."; |
| 941 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); | 951 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); |
| 942 v8::ThrowException( | 952 v8::ThrowException( |
| 943 v8::Exception::Error(v8::String::New(error_msg.c_str()))); | 953 v8::Exception::Error(v8::String::New(error_msg.c_str()))); |
| 944 return false; | 954 return false; |
| 945 } | 955 } |
| 946 | 956 |
| 957 // We should never end up with sandboxed contexts trying to invoke extension | |
|
Mihai Parparita -not on Chrome
2012/06/05 23:39:06
Adam also suggested checking at API invocation tim
| |
| 958 // APIs, they don't get extension bindings injected. If we end up here it | |
| 959 // means that a sandboxed page somehow managed to invoke an API anyway, so | |
| 960 // we should abort. | |
| 961 WebKit::WebFrame* frame = context->web_frame(); | |
| 962 ExtensionURLInfo url_info(frame->document().securityOrigin(), | |
| 963 UserScriptSlave::GetDataSourceURLForFrame(frame)); | |
| 964 CHECK(!extensions_.IsSandboxedPage(url_info)); | |
| 965 | |
| 947 return true; | 966 return true; |
| 948 } | 967 } |
| OLD | NEW |