OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/extensions/extension.h" | 5 #include "chrome/common/extensions/extension.h" |
6 | 6 |
7 #include <ostream> | 7 #include <ostream> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 19 matching lines...) Expand all Loading... |
30 #include "chrome/common/extensions/csp_validator.h" | 30 #include "chrome/common/extensions/csp_validator.h" |
31 #include "chrome/common/extensions/extension_action.h" | 31 #include "chrome/common/extensions/extension_action.h" |
32 #include "chrome/common/extensions/extension_error_utils.h" | 32 #include "chrome/common/extensions/extension_error_utils.h" |
33 #include "chrome/common/extensions/extension_manifest_constants.h" | 33 #include "chrome/common/extensions/extension_manifest_constants.h" |
34 #include "chrome/common/extensions/extension_resource.h" | 34 #include "chrome/common/extensions/extension_resource.h" |
35 #include "chrome/common/extensions/extension_switch_utils.h" | 35 #include "chrome/common/extensions/extension_switch_utils.h" |
36 #include "chrome/common/extensions/features/feature.h" | 36 #include "chrome/common/extensions/features/feature.h" |
37 #include "chrome/common/extensions/features/simple_feature_provider.h" | 37 #include "chrome/common/extensions/features/simple_feature_provider.h" |
38 #include "chrome/common/extensions/file_browser_handler.h" | 38 #include "chrome/common/extensions/file_browser_handler.h" |
39 #include "chrome/common/extensions/manifest.h" | 39 #include "chrome/common/extensions/manifest.h" |
| 40 #include "chrome/common/extensions/permissions/permissions_info.h" |
40 #include "chrome/common/extensions/url_pattern_set.h" | 41 #include "chrome/common/extensions/url_pattern_set.h" |
41 #include "chrome/common/extensions/user_script.h" | 42 #include "chrome/common/extensions/user_script.h" |
42 #include "chrome/common/url_constants.h" | 43 #include "chrome/common/url_constants.h" |
43 #include "crypto/sha2.h" | 44 #include "crypto/sha2.h" |
44 #include "googleurl/src/url_util.h" | 45 #include "googleurl/src/url_util.h" |
45 #include "grit/chromium_strings.h" | 46 #include "grit/chromium_strings.h" |
46 #include "grit/generated_resources.h" | 47 #include "grit/generated_resources.h" |
47 #include "grit/theme_resources_standard.h" | 48 #include "grit/theme_resources_standard.h" |
48 #include "net/base/registry_controlled_domain.h" | 49 #include "net/base/registry_controlled_domain.h" |
49 #include "third_party/skia/include/core/SkBitmap.h" | 50 #include "third_party/skia/include/core/SkBitmap.h" |
(...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
274 } | 275 } |
275 | 276 |
276 Extension::InputComponentInfo::~InputComponentInfo() {} | 277 Extension::InputComponentInfo::~InputComponentInfo() {} |
277 | 278 |
278 Extension::TtsVoice::TtsVoice() {} | 279 Extension::TtsVoice::TtsVoice() {} |
279 Extension::TtsVoice::~TtsVoice() {} | 280 Extension::TtsVoice::~TtsVoice() {} |
280 | 281 |
281 Extension::OAuth2Info::OAuth2Info() {} | 282 Extension::OAuth2Info::OAuth2Info() {} |
282 Extension::OAuth2Info::~OAuth2Info() {} | 283 Extension::OAuth2Info::~OAuth2Info() {} |
283 | 284 |
284 ExtensionOAuth2Scopes Extension::OAuth2Info::GetScopesAsSet() { | 285 OAuth2Scopes Extension::OAuth2Info::GetScopesAsSet() { |
285 ExtensionOAuth2Scopes result; | 286 OAuth2Scopes result; |
286 std::copy(scopes.begin(), scopes.end(), | 287 std::copy(scopes.begin(), scopes.end(), |
287 std::inserter(result, result.begin())); | 288 std::inserter(result, result.begin())); |
288 return result; | 289 return result; |
289 } | 290 } |
290 | 291 |
291 // | 292 // |
292 // Extension | 293 // Extension |
293 // | 294 // |
294 | 295 |
295 // static | 296 // static |
(...skipping 999 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1295 keys::kLaunchHeight, | 1296 keys::kLaunchHeight, |
1296 &launch_height_, | 1297 &launch_height_, |
1297 can_specify_initial_size, | 1298 can_specify_initial_size, |
1298 error)) | 1299 error)) |
1299 return false; | 1300 return false; |
1300 | 1301 |
1301 return true; | 1302 return true; |
1302 } | 1303 } |
1303 | 1304 |
1304 bool Extension::LoadSharedFeatures( | 1305 bool Extension::LoadSharedFeatures( |
1305 const ExtensionAPIPermissionSet& api_permissions, | 1306 const APIPermissionSet& api_permissions, |
1306 string16* error) { | 1307 string16* error) { |
1307 if (!LoadDescription(error) || | 1308 if (!LoadDescription(error) || |
1308 !LoadHomepageURL(error) || | 1309 !LoadHomepageURL(error) || |
1309 !LoadUpdateURL(error) || | 1310 !LoadUpdateURL(error) || |
1310 !LoadIcons(error) || | 1311 !LoadIcons(error) || |
1311 !LoadCommands(error) || | 1312 !LoadCommands(error) || |
1312 !LoadPlugins(error) || | 1313 !LoadPlugins(error) || |
1313 !LoadNaClModules(error) || | 1314 !LoadNaClModules(error) || |
1314 !LoadWebAccessibleResources(error) || | 1315 !LoadWebAccessibleResources(error) || |
1315 !LoadSandboxedPages(error) || | 1316 !LoadSandboxedPages(error) || |
(...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1773 errors::kInvalidBackgroundScript, base::IntToString(i)); | 1774 errors::kInvalidBackgroundScript, base::IntToString(i)); |
1774 return false; | 1775 return false; |
1775 } | 1776 } |
1776 background_scripts_.push_back(script); | 1777 background_scripts_.push_back(script); |
1777 } | 1778 } |
1778 | 1779 |
1779 return true; | 1780 return true; |
1780 } | 1781 } |
1781 | 1782 |
1782 bool Extension::LoadBackgroundPage( | 1783 bool Extension::LoadBackgroundPage( |
1783 const ExtensionAPIPermissionSet& api_permissions, | 1784 const APIPermissionSet& api_permissions, |
1784 string16* error) { | 1785 string16* error) { |
1785 if (is_platform_app()) { | 1786 if (is_platform_app()) { |
1786 return LoadBackgroundPage( | 1787 return LoadBackgroundPage( |
1787 keys::kPlatformAppBackgroundPage, api_permissions, error); | 1788 keys::kPlatformAppBackgroundPage, api_permissions, error); |
1788 } | 1789 } |
1789 | 1790 |
1790 if (!LoadBackgroundPage(keys::kBackgroundPage, api_permissions, error)) | 1791 if (!LoadBackgroundPage(keys::kBackgroundPage, api_permissions, error)) |
1791 return false; | 1792 return false; |
1792 if (background_url_.is_empty()) | 1793 if (background_url_.is_empty()) |
1793 return LoadBackgroundPage( | 1794 return LoadBackgroundPage( |
1794 keys::kBackgroundPageLegacy, api_permissions, error); | 1795 keys::kBackgroundPageLegacy, api_permissions, error); |
1795 return true; | 1796 return true; |
1796 } | 1797 } |
1797 | 1798 |
1798 bool Extension::LoadBackgroundPage( | 1799 bool Extension::LoadBackgroundPage( |
1799 const std::string& key, | 1800 const std::string& key, |
1800 const ExtensionAPIPermissionSet& api_permissions, | 1801 const APIPermissionSet& api_permissions, |
1801 string16* error) { | 1802 string16* error) { |
1802 base::Value* background_page_value = NULL; | 1803 base::Value* background_page_value = NULL; |
1803 if (!manifest_->Get(key, &background_page_value)) | 1804 if (!manifest_->Get(key, &background_page_value)) |
1804 return true; | 1805 return true; |
1805 | 1806 |
1806 if (!background_scripts_.empty()) { | 1807 if (!background_scripts_.empty()) { |
1807 *error = ASCIIToUTF16(errors::kInvalidBackgroundCombination); | 1808 *error = ASCIIToUTF16(errors::kInvalidBackgroundCombination); |
1808 return false; | 1809 return false; |
1809 } | 1810 } |
1810 | 1811 |
1811 | 1812 |
1812 std::string background_str; | 1813 std::string background_str; |
1813 if (!background_page_value->GetAsString(&background_str)) { | 1814 if (!background_page_value->GetAsString(&background_str)) { |
1814 *error = ASCIIToUTF16(errors::kInvalidBackground); | 1815 *error = ASCIIToUTF16(errors::kInvalidBackground); |
1815 return false; | 1816 return false; |
1816 } | 1817 } |
1817 | 1818 |
1818 if (is_hosted_app()) { | 1819 if (is_hosted_app()) { |
1819 background_url_ = GURL(background_str); | 1820 background_url_ = GURL(background_str); |
1820 | 1821 |
1821 // Make sure "background" permission is set. | 1822 // Make sure "background" permission is set. |
1822 if (!api_permissions.count(ExtensionAPIPermission::kBackground)) { | 1823 if (!api_permissions.count(APIPermission::kBackground)) { |
1823 *error = ASCIIToUTF16(errors::kBackgroundPermissionNeeded); | 1824 *error = ASCIIToUTF16(errors::kBackgroundPermissionNeeded); |
1824 return false; | 1825 return false; |
1825 } | 1826 } |
1826 // Hosted apps require an absolute URL. | 1827 // Hosted apps require an absolute URL. |
1827 if (!background_url_.is_valid()) { | 1828 if (!background_url_.is_valid()) { |
1828 *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp); | 1829 *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp); |
1829 return false; | 1830 return false; |
1830 } | 1831 } |
1831 | 1832 |
1832 if (!(background_url_.SchemeIs("https") || | 1833 if (!(background_url_.SchemeIs("https") || |
1833 (CommandLine::ForCurrentProcess()->HasSwitch( | 1834 (CommandLine::ForCurrentProcess()->HasSwitch( |
1834 switches::kAllowHTTPBackgroundPage) && | 1835 switches::kAllowHTTPBackgroundPage) && |
1835 background_url_.SchemeIs("http")))) { | 1836 background_url_.SchemeIs("http")))) { |
1836 *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp); | 1837 *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp); |
1837 return false; | 1838 return false; |
1838 } | 1839 } |
1839 } else { | 1840 } else { |
1840 background_url_ = GetResourceURL(background_str); | 1841 background_url_ = GetResourceURL(background_str); |
1841 } | 1842 } |
1842 | 1843 |
1843 return true; | 1844 return true; |
1844 } | 1845 } |
1845 | 1846 |
1846 bool Extension::LoadBackgroundPersistent( | 1847 bool Extension::LoadBackgroundPersistent( |
1847 const ExtensionAPIPermissionSet& api_permissions, | 1848 const APIPermissionSet& api_permissions, |
1848 string16* error) { | 1849 string16* error) { |
1849 if (is_platform_app()) { | 1850 if (is_platform_app()) { |
1850 background_page_is_persistent_ = false; | 1851 background_page_is_persistent_ = false; |
1851 return true; | 1852 return true; |
1852 } | 1853 } |
1853 | 1854 |
1854 Value* background_persistent = NULL; | 1855 Value* background_persistent = NULL; |
1855 if (!manifest_->Get(keys::kBackgroundPersistent, &background_persistent)) | 1856 if (!manifest_->Get(keys::kBackgroundPersistent, &background_persistent)) |
1856 return true; | 1857 return true; |
1857 | 1858 |
1858 if (!background_persistent->GetAsBoolean(&background_page_is_persistent_)) { | 1859 if (!background_persistent->GetAsBoolean(&background_page_is_persistent_)) { |
1859 *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistent); | 1860 *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistent); |
1860 return false; | 1861 return false; |
1861 } | 1862 } |
1862 | 1863 |
1863 if (!has_background_page()) { | 1864 if (!has_background_page()) { |
1864 *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistentNoPage); | 1865 *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistentNoPage); |
1865 return false; | 1866 return false; |
1866 } | 1867 } |
1867 | 1868 |
1868 return true; | 1869 return true; |
1869 } | 1870 } |
1870 | 1871 |
1871 bool Extension::LoadBackgroundAllowJSAccess( | 1872 bool Extension::LoadBackgroundAllowJSAccess( |
1872 const ExtensionAPIPermissionSet& api_permissions, | 1873 const APIPermissionSet& api_permissions, |
1873 string16* error) { | 1874 string16* error) { |
1874 Value* allow_js_access = NULL; | 1875 Value* allow_js_access = NULL; |
1875 if (!manifest_->Get(keys::kBackgroundAllowJsAccess, &allow_js_access)) | 1876 if (!manifest_->Get(keys::kBackgroundAllowJsAccess, &allow_js_access)) |
1876 return true; | 1877 return true; |
1877 | 1878 |
1878 if (!allow_js_access->IsType(Value::TYPE_BOOLEAN) || | 1879 if (!allow_js_access->IsType(Value::TYPE_BOOLEAN) || |
1879 !allow_js_access->GetAsBoolean(&allow_background_js_access_)) { | 1880 !allow_js_access->GetAsBoolean(&allow_background_js_access_)) { |
1880 *error = ASCIIToUTF16(errors::kInvalidBackgroundAllowJsAccess); | 1881 *error = ASCIIToUTF16(errors::kInvalidBackgroundAllowJsAccess); |
1881 return false; | 1882 return false; |
1882 } | 1883 } |
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2039 *error = ASCIIToUTF16(errors::kInvalidIntent); | 2040 *error = ASCIIToUTF16(errors::kInvalidIntent); |
2040 return false; | 2041 return false; |
2041 } | 2042 } |
2042 if (!LoadWebIntentAction(*iter, *one_service, error)) | 2043 if (!LoadWebIntentAction(*iter, *one_service, error)) |
2043 return false; | 2044 return false; |
2044 } | 2045 } |
2045 } | 2046 } |
2046 return true; | 2047 return true; |
2047 } | 2048 } |
2048 bool Extension::LoadExtensionFeatures( | 2049 bool Extension::LoadExtensionFeatures( |
2049 const ExtensionAPIPermissionSet& api_permissions, | 2050 const APIPermissionSet& api_permissions, |
2050 string16* error) { | 2051 string16* error) { |
2051 if (manifest_->HasKey(keys::kConvertedFromUserScript)) | 2052 if (manifest_->HasKey(keys::kConvertedFromUserScript)) |
2052 manifest_->GetBoolean(keys::kConvertedFromUserScript, | 2053 manifest_->GetBoolean(keys::kConvertedFromUserScript, |
2053 &converted_from_user_script_); | 2054 &converted_from_user_script_); |
2054 | 2055 |
2055 if (!LoadDevToolsPage(error) || | 2056 if (!LoadDevToolsPage(error) || |
2056 !LoadInputComponents(api_permissions, error) || | 2057 !LoadInputComponents(api_permissions, error) || |
2057 !LoadContentScripts(error) || | 2058 !LoadContentScripts(error) || |
2058 !LoadPageAction(error) || | 2059 !LoadPageAction(error) || |
2059 !LoadBrowserAction(error) || | 2060 !LoadBrowserAction(error) || |
(...skipping 15 matching lines...) Expand all Loading... |
2075 std::string devtools_str; | 2076 std::string devtools_str; |
2076 if (!manifest_->GetString(keys::kDevToolsPage, &devtools_str)) { | 2077 if (!manifest_->GetString(keys::kDevToolsPage, &devtools_str)) { |
2077 *error = ASCIIToUTF16(errors::kInvalidDevToolsPage); | 2078 *error = ASCIIToUTF16(errors::kInvalidDevToolsPage); |
2078 return false; | 2079 return false; |
2079 } | 2080 } |
2080 devtools_url_ = GetResourceURL(devtools_str); | 2081 devtools_url_ = GetResourceURL(devtools_str); |
2081 return true; | 2082 return true; |
2082 } | 2083 } |
2083 | 2084 |
2084 bool Extension::LoadInputComponents( | 2085 bool Extension::LoadInputComponents( |
2085 const ExtensionAPIPermissionSet& api_permissions, | 2086 const APIPermissionSet& api_permissions, |
2086 string16* error) { | 2087 string16* error) { |
2087 if (!manifest_->HasKey(keys::kInputComponents)) | 2088 if (!manifest_->HasKey(keys::kInputComponents)) |
2088 return true; | 2089 return true; |
2089 ListValue* list_value = NULL; | 2090 ListValue* list_value = NULL; |
2090 if (!manifest_->GetList(keys::kInputComponents, &list_value)) { | 2091 if (!manifest_->GetList(keys::kInputComponents, &list_value)) { |
2091 *error = ASCIIToUTF16(errors::kInvalidInputComponents); | 2092 *error = ASCIIToUTF16(errors::kInvalidInputComponents); |
2092 return false; | 2093 return false; |
2093 } | 2094 } |
2094 | 2095 |
2095 for (size_t i = 0; i < list_value->GetSize(); ++i) { | 2096 for (size_t i = 0; i < list_value->GetSize(); ++i) { |
(...skipping 605 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2701 // default Content-Security-Policy? | 2702 // default Content-Security-Policy? |
2702 content_security_policy_ = is_platform_app() ? | 2703 content_security_policy_ = is_platform_app() ? |
2703 kDefaultPlatformAppContentSecurityPolicy : | 2704 kDefaultPlatformAppContentSecurityPolicy : |
2704 kDefaultContentSecurityPolicy; | 2705 kDefaultContentSecurityPolicy; |
2705 CHECK(ContentSecurityPolicyIsSecure(content_security_policy_)); | 2706 CHECK(ContentSecurityPolicyIsSecure(content_security_policy_)); |
2706 } | 2707 } |
2707 return true; | 2708 return true; |
2708 } | 2709 } |
2709 | 2710 |
2710 bool Extension::LoadAppIsolation( | 2711 bool Extension::LoadAppIsolation( |
2711 const ExtensionAPIPermissionSet& api_permissions, string16* error) { | 2712 const APIPermissionSet& api_permissions, string16* error) { |
2712 // Platform apps always get isolated storage. | 2713 // Platform apps always get isolated storage. |
2713 if (is_platform_app()) { | 2714 if (is_platform_app()) { |
2714 is_storage_isolated_ = true; | 2715 is_storage_isolated_ = true; |
2715 return true; | 2716 return true; |
2716 } | 2717 } |
2717 | 2718 |
2718 // Other apps only get it if it is requested _and_ experimental APIs are | 2719 // Other apps only get it if it is requested _and_ experimental APIs are |
2719 // enabled. | 2720 // enabled. |
2720 if (!api_permissions.count(ExtensionAPIPermission::kExperimental) || | 2721 if (!api_permissions.count(APIPermission::kExperimental) || |
2721 !is_app()) { | 2722 !is_app()) { |
2722 return true; | 2723 return true; |
2723 } | 2724 } |
2724 | 2725 |
2725 Value* temp = NULL; | 2726 Value* temp = NULL; |
2726 if (!manifest_->Get(keys::kIsolation, &temp)) | 2727 if (!manifest_->Get(keys::kIsolation, &temp)) |
2727 return true; | 2728 return true; |
2728 | 2729 |
2729 if (temp->GetType() != Value::TYPE_LIST) { | 2730 if (temp->GetType() != Value::TYPE_LIST) { |
2730 *error = ASCIIToUTF16(errors::kInvalidIsolation); | 2731 *error = ASCIIToUTF16(errors::kInvalidIsolation); |
(...skipping 321 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3052 return GURL(std::string(chrome::kExtensionScheme) + | 3053 return GURL(std::string(chrome::kExtensionScheme) + |
3053 content::kStandardSchemeSeparator + extension_id + "/"); | 3054 content::kStandardSchemeSeparator + extension_id + "/"); |
3054 } | 3055 } |
3055 | 3056 |
3056 bool Extension::InitFromValue(int flags, string16* error) { | 3057 bool Extension::InitFromValue(int flags, string16* error) { |
3057 DCHECK(error); | 3058 DCHECK(error); |
3058 | 3059 |
3059 base::AutoLock auto_lock(runtime_data_lock_); | 3060 base::AutoLock auto_lock(runtime_data_lock_); |
3060 | 3061 |
3061 // Initialize permissions with an empty, default permission set. | 3062 // Initialize permissions with an empty, default permission set. |
3062 runtime_data_.SetActivePermissions(new ExtensionPermissionSet()); | 3063 runtime_data_.SetActivePermissions(new PermissionSet()); |
3063 optional_permission_set_ = new ExtensionPermissionSet(); | 3064 optional_permission_set_ = new PermissionSet(); |
3064 required_permission_set_ = new ExtensionPermissionSet(); | 3065 required_permission_set_ = new PermissionSet(); |
3065 | 3066 |
3066 creation_flags_ = flags; | 3067 creation_flags_ = flags; |
3067 | 3068 |
3068 // Important to load manifest version first because many other features | 3069 // Important to load manifest version first because many other features |
3069 // depend on its value. | 3070 // depend on its value. |
3070 if (!LoadManifestVersion(error)) | 3071 if (!LoadManifestVersion(error)) |
3071 return false; | 3072 return false; |
3072 | 3073 |
3073 // Validate minimum Chrome version. We don't need to store this, since the | 3074 // Validate minimum Chrome version. We don't need to store this, since the |
3074 // extension is not valid if it is incorrect | 3075 // extension is not valid if it is incorrect |
3075 if (!CheckMinimumChromeVersion(error)) | 3076 if (!CheckMinimumChromeVersion(error)) |
3076 return false; | 3077 return false; |
3077 | 3078 |
3078 if (!LoadRequiredFeatures(error)) | 3079 if (!LoadRequiredFeatures(error)) |
3079 return false; | 3080 return false; |
3080 | 3081 |
3081 // We don't ned to validate because InitExtensionID already did that. | 3082 // We don't ned to validate because InitExtensionID already did that. |
3082 manifest_->GetString(keys::kPublicKey, &public_key_); | 3083 manifest_->GetString(keys::kPublicKey, &public_key_); |
3083 | 3084 |
3084 extension_url_ = Extension::GetBaseURLFromExtensionId(id()); | 3085 extension_url_ = Extension::GetBaseURLFromExtensionId(id()); |
3085 | 3086 |
3086 // Load App settings. LoadExtent at least has to be done before | 3087 // Load App settings. LoadExtent at least has to be done before |
3087 // ParsePermissions(), because the valid permissions depend on what type of | 3088 // ParsePermissions(), because the valid permissions depend on what type of |
3088 // package this is. | 3089 // package this is. |
3089 if (is_app() && !LoadAppFeatures(error)) | 3090 if (is_app() && !LoadAppFeatures(error)) |
3090 return false; | 3091 return false; |
3091 | 3092 |
3092 ExtensionAPIPermissionSet api_permissions; | 3093 APIPermissionSet api_permissions; |
3093 URLPatternSet host_permissions; | 3094 URLPatternSet host_permissions; |
3094 if (!ParsePermissions(keys::kPermissions, | 3095 if (!ParsePermissions(keys::kPermissions, |
3095 error, | 3096 error, |
3096 &api_permissions, | 3097 &api_permissions, |
3097 &host_permissions)) { | 3098 &host_permissions)) { |
3098 return false; | 3099 return false; |
3099 } | 3100 } |
3100 | 3101 |
3101 ExtensionAPIPermissionSet optional_api_permissions; | 3102 APIPermissionSet optional_api_permissions; |
3102 URLPatternSet optional_host_permissions; | 3103 URLPatternSet optional_host_permissions; |
3103 if (!ParsePermissions(keys::kOptionalPermissions, | 3104 if (!ParsePermissions(keys::kOptionalPermissions, |
3104 error, | 3105 error, |
3105 &optional_api_permissions, | 3106 &optional_api_permissions, |
3106 &optional_host_permissions)) { | 3107 &optional_host_permissions)) { |
3107 return false; | 3108 return false; |
3108 } | 3109 } |
3109 | 3110 |
3110 if (!LoadAppIsolation(api_permissions, error)) | 3111 if (!LoadAppIsolation(api_permissions, error)) |
3111 return false; | 3112 return false; |
3112 | 3113 |
3113 if (!LoadSharedFeatures(api_permissions, error)) | 3114 if (!LoadSharedFeatures(api_permissions, error)) |
3114 return false; | 3115 return false; |
3115 | 3116 |
3116 if (!LoadExtensionFeatures(api_permissions, error)) | 3117 if (!LoadExtensionFeatures(api_permissions, error)) |
3117 return false; | 3118 return false; |
3118 | 3119 |
3119 if (!LoadThemeFeatures(error)) | 3120 if (!LoadThemeFeatures(error)) |
3120 return false; | 3121 return false; |
3121 | 3122 |
3122 if (HasMultipleUISurfaces()) { | 3123 if (HasMultipleUISurfaces()) { |
3123 *error = ASCIIToUTF16(errors::kOneUISurfaceOnly); | 3124 *error = ASCIIToUTF16(errors::kOneUISurfaceOnly); |
3124 return false; | 3125 return false; |
3125 } | 3126 } |
3126 | 3127 |
3127 runtime_data_.SetActivePermissions(new ExtensionPermissionSet( | 3128 runtime_data_.SetActivePermissions(new PermissionSet( |
3128 this, api_permissions, host_permissions, oauth2_info_.GetScopesAsSet())); | 3129 this, api_permissions, host_permissions, oauth2_info_.GetScopesAsSet())); |
3129 required_permission_set_ = new ExtensionPermissionSet( | 3130 required_permission_set_ = new PermissionSet( |
3130 this, api_permissions, host_permissions, oauth2_info_.GetScopesAsSet()); | 3131 this, api_permissions, host_permissions, oauth2_info_.GetScopesAsSet()); |
3131 optional_permission_set_ = new ExtensionPermissionSet( | 3132 optional_permission_set_ = new PermissionSet( |
3132 optional_api_permissions, optional_host_permissions, URLPatternSet()); | 3133 optional_api_permissions, optional_host_permissions, URLPatternSet()); |
3133 | 3134 |
3134 return true; | 3135 return true; |
3135 } | 3136 } |
3136 | 3137 |
3137 GURL Extension::GetHomepageURL() const { | 3138 GURL Extension::GetHomepageURL() const { |
3138 if (homepage_url_.is_valid()) | 3139 if (homepage_url_.is_valid()) |
3139 return homepage_url_; | 3140 return homepage_url_; |
3140 | 3141 |
3141 if (!UpdatesFromGallery()) | 3142 if (!UpdatesFromGallery()) |
(...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3281 ExtensionIconSet::MatchType match_type) const { | 3282 ExtensionIconSet::MatchType match_type) const { |
3282 std::string path = icons().Get(size, match_type); | 3283 std::string path = icons().Get(size, match_type); |
3283 if (path.empty()) | 3284 if (path.empty()) |
3284 return GURL(); | 3285 return GURL(); |
3285 else | 3286 else |
3286 return GetResourceURL(path); | 3287 return GetResourceURL(path); |
3287 } | 3288 } |
3288 | 3289 |
3289 bool Extension::ParsePermissions(const char* key, | 3290 bool Extension::ParsePermissions(const char* key, |
3290 string16* error, | 3291 string16* error, |
3291 ExtensionAPIPermissionSet* api_permissions, | 3292 APIPermissionSet* api_permissions, |
3292 URLPatternSet* host_permissions) { | 3293 URLPatternSet* host_permissions) { |
3293 if (manifest_->HasKey(key)) { | 3294 if (manifest_->HasKey(key)) { |
3294 ListValue* permissions = NULL; | 3295 ListValue* permissions = NULL; |
3295 if (!manifest_->GetList(key, &permissions)) { | 3296 if (!manifest_->GetList(key, &permissions)) { |
3296 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( | 3297 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( |
3297 errors::kInvalidPermissions, ""); | 3298 errors::kInvalidPermissions, ""); |
3298 return false; | 3299 return false; |
3299 } | 3300 } |
3300 | 3301 |
3301 for (size_t i = 0; i < permissions->GetSize(); ++i) { | 3302 for (size_t i = 0; i < permissions->GetSize(); ++i) { |
3302 std::string permission_str; | 3303 std::string permission_str; |
3303 if (!permissions->GetString(i, &permission_str)) { | 3304 if (!permissions->GetString(i, &permission_str)) { |
3304 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( | 3305 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( |
3305 errors::kInvalidPermission, base::IntToString(i)); | 3306 errors::kInvalidPermission, base::IntToString(i)); |
3306 return false; | 3307 return false; |
3307 } | 3308 } |
3308 | 3309 |
3309 // NOTE: We need to get the ExtensionAPIPermission before the Feature | 3310 // NOTE: We need to get the APIPermission before the Feature |
3310 // object because the feature system does not know about aliases. | 3311 // object because the feature system does not know about aliases. |
3311 ExtensionAPIPermission* permission = | 3312 APIPermission* permission = |
3312 ExtensionPermissionsInfo::GetInstance()->GetByName(permission_str); | 3313 PermissionsInfo::GetInstance()->GetByName(permission_str); |
3313 if (permission) { | 3314 if (permission) { |
3314 extensions::SimpleFeatureProvider* permission_features = | 3315 extensions::SimpleFeatureProvider* permission_features = |
3315 extensions::SimpleFeatureProvider::GetPermissionFeatures(); | 3316 extensions::SimpleFeatureProvider::GetPermissionFeatures(); |
3316 extensions::Feature* feature = | 3317 extensions::Feature* feature = |
3317 permission_features->GetFeature(permission->name()); | 3318 permission_features->GetFeature(permission->name()); |
3318 | 3319 |
3319 // The feature should exist since we just got an ExtensionAPIPermission | 3320 // The feature should exist since we just got an APIPermission |
3320 // for it. The two systems should be updated together whenever a | 3321 // for it. The two systems should be updated together whenever a |
3321 // permission is added. | 3322 // permission is added. |
3322 CHECK(feature); | 3323 CHECK(feature); |
3323 | 3324 |
3324 extensions::Feature::Availability availability = | 3325 extensions::Feature::Availability availability = |
3325 feature->IsAvailableToManifest( | 3326 feature->IsAvailableToManifest( |
3326 id(), | 3327 id(), |
3327 GetType(), | 3328 GetType(), |
3328 extensions::Feature::ConvertLocation(location()), | 3329 extensions::Feature::ConvertLocation(location()), |
3329 manifest_version()); | 3330 manifest_version()); |
3330 if (availability != extensions::Feature::IS_AVAILABLE) { | 3331 if (availability != extensions::Feature::IS_AVAILABLE) { |
3331 // Don't fail, but warn the developer that the manifest contains | 3332 // Don't fail, but warn the developer that the manifest contains |
3332 // unrecognized permissions. This may happen legitimately if the | 3333 // unrecognized permissions. This may happen legitimately if the |
3333 // extensions requests platform- or channel-specific permissions. | 3334 // extensions requests platform- or channel-specific permissions. |
3334 install_warnings_.push_back( | 3335 install_warnings_.push_back( |
3335 InstallWarning(InstallWarning::FORMAT_TEXT, | 3336 InstallWarning(InstallWarning::FORMAT_TEXT, |
3336 feature->GetErrorMessage(availability))); | 3337 feature->GetErrorMessage(availability))); |
3337 continue; | 3338 continue; |
3338 } | 3339 } |
3339 | 3340 |
3340 if (permission->id() == ExtensionAPIPermission::kExperimental) { | 3341 if (permission->id() == APIPermission::kExperimental) { |
3341 if (!CanSpecifyExperimentalPermission()) { | 3342 if (!CanSpecifyExperimentalPermission()) { |
3342 *error = ASCIIToUTF16(errors::kExperimentalFlagRequired); | 3343 *error = ASCIIToUTF16(errors::kExperimentalFlagRequired); |
3343 return false; | 3344 return false; |
3344 } | 3345 } |
3345 } | 3346 } |
3346 | 3347 |
3347 api_permissions->insert(permission->id()); | 3348 api_permissions->insert(permission->id()); |
3348 continue; | 3349 continue; |
3349 } | 3350 } |
3350 | 3351 |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3387 } | 3388 } |
3388 } | 3389 } |
3389 return true; | 3390 return true; |
3390 } | 3391 } |
3391 | 3392 |
3392 bool Extension::CanSilentlyIncreasePermissions() const { | 3393 bool Extension::CanSilentlyIncreasePermissions() const { |
3393 return location() != INTERNAL; | 3394 return location() != INTERNAL; |
3394 } | 3395 } |
3395 | 3396 |
3396 bool Extension::CanSpecifyHostPermission(const URLPattern& pattern, | 3397 bool Extension::CanSpecifyHostPermission(const URLPattern& pattern, |
3397 const ExtensionAPIPermissionSet& permissions) const { | 3398 const APIPermissionSet& permissions) const { |
3398 if (!pattern.match_all_urls() && | 3399 if (!pattern.match_all_urls() && |
3399 pattern.MatchesScheme(chrome::kChromeUIScheme)) { | 3400 pattern.MatchesScheme(chrome::kChromeUIScheme)) { |
3400 // Regular extensions are only allowed access to chrome://favicon. | 3401 // Regular extensions are only allowed access to chrome://favicon. |
3401 if (pattern.host() == chrome::kChromeUIFaviconHost) | 3402 if (pattern.host() == chrome::kChromeUIFaviconHost) |
3402 return true; | 3403 return true; |
3403 | 3404 |
3404 // Experimental extensions are also allowed chrome://thumb. | 3405 // Experimental extensions are also allowed chrome://thumb. |
3405 if (pattern.host() == chrome::kChromeUIThumbnailHost) { | 3406 if (pattern.host() == chrome::kChromeUIThumbnailHost) { |
3406 return permissions.find(ExtensionAPIPermission::kExperimental) != | 3407 return permissions.find(APIPermission::kExperimental) != |
3407 permissions.end(); | 3408 permissions.end(); |
3408 } | 3409 } |
3409 | 3410 |
3410 // Component extensions can have access to all of chrome://*. | 3411 // Component extensions can have access to all of chrome://*. |
3411 if (CanExecuteScriptEverywhere()) | 3412 if (CanExecuteScriptEverywhere()) |
3412 return true; | 3413 return true; |
3413 | 3414 |
3414 return false; | 3415 return false; |
3415 } | 3416 } |
3416 | 3417 |
3417 // Otherwise, the valid schemes were handled by URLPattern. | 3418 // Otherwise, the valid schemes were handled by URLPattern. |
3418 return true; | 3419 return true; |
3419 } | 3420 } |
3420 | 3421 |
3421 bool Extension::HasAPIPermission( | 3422 bool Extension::HasAPIPermission( |
3422 ExtensionAPIPermission::ID permission) const { | 3423 APIPermission::ID permission) const { |
3423 base::AutoLock auto_lock(runtime_data_lock_); | 3424 base::AutoLock auto_lock(runtime_data_lock_); |
3424 return runtime_data_.GetActivePermissions()->HasAPIPermission(permission); | 3425 return runtime_data_.GetActivePermissions()->HasAPIPermission(permission); |
3425 } | 3426 } |
3426 | 3427 |
3427 bool Extension::HasAPIPermission( | 3428 bool Extension::HasAPIPermission( |
3428 const std::string& function_name) const { | 3429 const std::string& function_name) const { |
3429 base::AutoLock auto_lock(runtime_data_lock_); | 3430 base::AutoLock auto_lock(runtime_data_lock_); |
3430 return runtime_data_.GetActivePermissions()-> | 3431 return runtime_data_.GetActivePermissions()-> |
3431 HasAccessToFunction(function_name); | 3432 HasAccessToFunction(function_name); |
3432 } | 3433 } |
(...skipping 19 matching lines...) Expand all Loading... |
3452 bool Extension::HasEffectiveAccessToAllHosts() const { | 3453 bool Extension::HasEffectiveAccessToAllHosts() const { |
3453 base::AutoLock auto_lock(runtime_data_lock_); | 3454 base::AutoLock auto_lock(runtime_data_lock_); |
3454 return runtime_data_.GetActivePermissions()->HasEffectiveAccessToAllHosts(); | 3455 return runtime_data_.GetActivePermissions()->HasEffectiveAccessToAllHosts(); |
3455 } | 3456 } |
3456 | 3457 |
3457 bool Extension::HasFullPermissions() const { | 3458 bool Extension::HasFullPermissions() const { |
3458 base::AutoLock auto_lock(runtime_data_lock_); | 3459 base::AutoLock auto_lock(runtime_data_lock_); |
3459 return runtime_data_.GetActivePermissions()->HasEffectiveFullAccess(); | 3460 return runtime_data_.GetActivePermissions()->HasEffectiveFullAccess(); |
3460 } | 3461 } |
3461 | 3462 |
3462 ExtensionPermissionMessages Extension::GetPermissionMessages() const { | 3463 PermissionMessages Extension::GetPermissionMessages() const { |
3463 base::AutoLock auto_lock(runtime_data_lock_); | 3464 base::AutoLock auto_lock(runtime_data_lock_); |
3464 if (IsTrustedId(id())) | 3465 if (IsTrustedId(id())) |
3465 return ExtensionPermissionMessages(); | 3466 return PermissionMessages(); |
3466 else | 3467 else |
3467 return runtime_data_.GetActivePermissions()->GetPermissionMessages(); | 3468 return runtime_data_.GetActivePermissions()->GetPermissionMessages(); |
3468 } | 3469 } |
3469 | 3470 |
3470 std::vector<string16> Extension::GetPermissionMessageStrings() const { | 3471 std::vector<string16> Extension::GetPermissionMessageStrings() const { |
3471 base::AutoLock auto_lock(runtime_data_lock_); | 3472 base::AutoLock auto_lock(runtime_data_lock_); |
3472 if (IsTrustedId(id())) | 3473 if (IsTrustedId(id())) |
3473 return std::vector<string16>(); | 3474 return std::vector<string16>(); |
3474 else | 3475 else |
3475 return runtime_data_.GetActivePermissions()->GetWarningMessages(); | 3476 return runtime_data_.GetActivePermissions()->GetWarningMessages(); |
3476 } | 3477 } |
3477 | 3478 |
3478 void Extension::SetActivePermissions( | 3479 void Extension::SetActivePermissions( |
3479 const ExtensionPermissionSet* permissions) const { | 3480 const PermissionSet* permissions) const { |
3480 base::AutoLock auto_lock(runtime_data_lock_); | 3481 base::AutoLock auto_lock(runtime_data_lock_); |
3481 runtime_data_.SetActivePermissions(permissions); | 3482 runtime_data_.SetActivePermissions(permissions); |
3482 } | 3483 } |
3483 | 3484 |
3484 scoped_refptr<const ExtensionPermissionSet> | 3485 scoped_refptr<const PermissionSet> |
3485 Extension::GetActivePermissions() const { | 3486 Extension::GetActivePermissions() const { |
3486 base::AutoLock auto_lock(runtime_data_lock_); | 3487 base::AutoLock auto_lock(runtime_data_lock_); |
3487 return runtime_data_.GetActivePermissions(); | 3488 return runtime_data_.GetActivePermissions(); |
3488 } | 3489 } |
3489 | 3490 |
3490 bool Extension::HasMultipleUISurfaces() const { | 3491 bool Extension::HasMultipleUISurfaces() const { |
3491 int num_surfaces = 0; | 3492 int num_surfaces = 0; |
3492 | 3493 |
3493 if (page_action()) | 3494 if (page_action()) |
3494 ++num_surfaces; | 3495 ++num_surfaces; |
(...skipping 293 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3788 if (!has_background_page()) { | 3789 if (!has_background_page()) { |
3789 *utf8_error = errors::kBackgroundRequiredForPlatformApps; | 3790 *utf8_error = errors::kBackgroundRequiredForPlatformApps; |
3790 return false; | 3791 return false; |
3791 } | 3792 } |
3792 | 3793 |
3793 return true; | 3794 return true; |
3794 } | 3795 } |
3795 | 3796 |
3796 bool Extension::CheckConflictingFeatures(std::string* utf8_error) { | 3797 bool Extension::CheckConflictingFeatures(std::string* utf8_error) { |
3797 if (has_lazy_background_page() && | 3798 if (has_lazy_background_page() && |
3798 HasAPIPermission(ExtensionAPIPermission::kWebRequest)) { | 3799 HasAPIPermission(APIPermission::kWebRequest)) { |
3799 *utf8_error = errors::kWebRequestConflictsWithLazyBackground; | 3800 *utf8_error = errors::kWebRequestConflictsWithLazyBackground; |
3800 return false; | 3801 return false; |
3801 } | 3802 } |
3802 | 3803 |
3803 return true; | 3804 return true; |
3804 } | 3805 } |
3805 | 3806 |
3806 ExtensionInfo::~ExtensionInfo() {} | 3807 ExtensionInfo::~ExtensionInfo() {} |
3807 | 3808 |
3808 Extension::RuntimeData::RuntimeData() {} | 3809 Extension::RuntimeData::RuntimeData() {} |
3809 Extension::RuntimeData::RuntimeData(const ExtensionPermissionSet* active) | 3810 Extension::RuntimeData::RuntimeData(const PermissionSet* active) |
3810 : active_permissions_(active) {} | 3811 : active_permissions_(active) {} |
3811 Extension::RuntimeData::~RuntimeData() {} | 3812 Extension::RuntimeData::~RuntimeData() {} |
3812 | 3813 |
3813 scoped_refptr<const ExtensionPermissionSet> | 3814 scoped_refptr<const PermissionSet> |
3814 Extension::RuntimeData::GetActivePermissions() const { | 3815 Extension::RuntimeData::GetActivePermissions() const { |
3815 return active_permissions_; | 3816 return active_permissions_; |
3816 } | 3817 } |
3817 | 3818 |
3818 void Extension::RuntimeData::SetActivePermissions( | 3819 void Extension::RuntimeData::SetActivePermissions( |
3819 const ExtensionPermissionSet* active) { | 3820 const PermissionSet* active) { |
3820 active_permissions_ = active; | 3821 active_permissions_ = active; |
3821 } | 3822 } |
3822 | 3823 |
3823 const URLPatternSet* | 3824 const URLPatternSet* |
3824 Extension::RuntimeData::GetTabSpecificHostPermissions(int tab_id) const { | 3825 Extension::RuntimeData::GetTabSpecificHostPermissions(int tab_id) const { |
3825 CHECK_GE(tab_id, 0); | 3826 CHECK_GE(tab_id, 0); |
3826 TabHostPermissionsMap::const_iterator it = | 3827 TabHostPermissionsMap::const_iterator it = |
3827 tab_specific_host_permissions_.find(tab_id); | 3828 tab_specific_host_permissions_.find(tab_id); |
3828 return (it != tab_specific_host_permissions_.end()) ? it->second.get() : NULL; | 3829 return (it != tab_specific_host_permissions_.end()) ? it->second.get() : NULL; |
3829 } | 3830 } |
(...skipping 13 matching lines...) Expand all Loading... |
3843 | 3844 |
3844 UnloadedExtensionInfo::UnloadedExtensionInfo( | 3845 UnloadedExtensionInfo::UnloadedExtensionInfo( |
3845 const Extension* extension, | 3846 const Extension* extension, |
3846 extension_misc::UnloadedExtensionReason reason) | 3847 extension_misc::UnloadedExtensionReason reason) |
3847 : reason(reason), | 3848 : reason(reason), |
3848 already_disabled(false), | 3849 already_disabled(false), |
3849 extension(extension) {} | 3850 extension(extension) {} |
3850 | 3851 |
3851 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( | 3852 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( |
3852 const Extension* extension, | 3853 const Extension* extension, |
3853 const ExtensionPermissionSet* permissions, | 3854 const PermissionSet* permissions, |
3854 Reason reason) | 3855 Reason reason) |
3855 : reason(reason), | 3856 : reason(reason), |
3856 extension(extension), | 3857 extension(extension), |
3857 permissions(permissions) {} | 3858 permissions(permissions) {} |
3858 | 3859 |
3859 } // namespace extensions | 3860 } // namespace extensions |
OLD | NEW |