`chrome.browsingData` extension API can now remove data from protected origins.

chrome/browser/extensions/api/browsing_data/browsing_data_api.cc

Index: chrome/browser/extensions/api/browsing_data/browsing_data_api.cc
diff --git a/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc b/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc
index 5fc3b9903acc91e4ac87e55a52229d6adf05648a..31679147a5a4df07f5d2b2970ce67968b5b50fa6 100644
--- a/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc
+++ b/chrome/browser/extensions/api/browsing_data/browsing_data_api.cc
@@ -41,10 +41,14 @@ const char kPluginDataKey[] = "pluginData";
 const char kWebSQLKey[] = "webSQL";
 
 // Option Keys.
+const char kExtensionsKey[] = "extensions";
+const char kOriginTypesKey[] = "origin_types";
+const char kProtectedWebKey[] = "protected_web";
 const char kSinceKey[] = "since";
+const char kUnprotectedWebKey[] = "unprotected_web";
 
 // Errors!
-const char kOneAtATimeError[] = "Only one 'browsingData' API call can run at"
+const char kOneAtATimeError[] = "Only one 'browsingData' API call can run at "
                                 "a time.";
 
 }  // namespace extension_browsing_data_api_constants
@@ -128,6 +132,29 @@ bool BrowsingDataExtensionFunction::RunImpl() {
                           &ms_since_epoch))
     ms_since_epoch = 0;
 
+  // If |m_origin_set_mask| isn't set, default it to 'UNPROTECTED_WEB'.

[Bernhard Bauer, 2012/06/04 11:20:16]

Nit: |origin_set_mask_|

[Mike West, 2012/06/04 12:23:39]

Done.

+  origin_set_mask_ = 0;

[Bernhard Bauer, 2012/06/04 11:20:16]

I guess you could directly initialize the value to
BrowsingDataHelper::UNPROTECTED_WEB?

[Mike West, 2012/06/04 12:23:39]

I'm not sure that would save me any work: I'd still have to set it to 0 inside
the `if` block (the developer might specify only `["protected_web"]`). But I
guess it's slightly faster when there's no `origin_type` specified...

[Bernhard Bauer, 2012/06/04 12:42:17]

Ah, true. Just do what's simpler then.

+  ListValue* origin_set_list = NULL;
+  if (options->GetList(extension_browsing_data_api_constants::kOriginTypesKey,

[Bernhard Bauer, 2012/06/04 11:20:16]

You could be more aggressive in enforcing parameter validity here, i.e.
EXTENSION_FUNCTION_VALIDATE instead of silently ignoring invalid values.

[Mike West, 2012/06/04 12:23:39]

Done.

+                       &origin_set_list)) {
+    for (size_t i = 0; i < origin_set_list->GetSize(); ++i) {
+      std::string value;
+      if (!origin_set_list->GetString(i, &value))
+        continue;
+
+      if (value == extension_browsing_data_api_constants::kUnprotectedWebKey)
+        origin_set_mask_ |= BrowsingDataHelper::UNPROTECTED_WEB;
+      else if (value == extension_browsing_data_api_constants::kProtectedWebKey)
+        origin_set_mask_ |= BrowsingDataHelper::PROTECTED_WEB;
+      else if (value == extension_browsing_data_api_constants::kExtensionsKey)

[Bernhard Bauer, 2012/06/04 11:20:16]

This value isn't in the API definition.

[Mike West, 2012/06/04 12:23:39]

That's intentional. I'm not sure we want to open up that particular pandora's
box. But I'll drop a quick line to our group to see what other people think.

[Bernhard Bauer, 2012/06/04 12:42:17]

Fair enough, but then you shouldn't accept it here either; otherwise a malicious
extension / compromised renderer could bypass the JS-side validation and clear
extension data.

[Mike West, 2012/06/04 13:20:53]

Fair enough. Commented out for the moment. Once we make a decision, I'll either
uncomment it, or remove it entirely.

+        origin_set_mask_ |= BrowsingDataHelper::EXTENSION;
+      else
+        continue;
+    }
+  } else {
+    origin_set_mask_ = BrowsingDataHelper::UNPROTECTED_WEB;
+  }
+
   // base::Time takes a double that represents seconds since epoch. JavaScript
   // gives developers milliseconds, so do a quick conversion before populating
   // the object. Also, Time::FromDoubleT converts double time 0 to empty Time
@@ -177,7 +204,7 @@ void BrowsingDataExtensionFunction::StartRemoving() {
   BrowsingDataRemover* remover = new BrowsingDataRemover(
       GetCurrentBrowser()->profile(), remove_since_, base::Time::Now());
   remover->AddObserver(this);
-  remover->Remove(removal_mask_, BrowsingDataHelper::UNPROTECTED_WEB);
+  remover->Remove(removal_mask_, origin_set_mask_);
 }
 
 int RemoveBrowsingDataFunction::GetRemovalMask() const {