| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/extensions/extension_dispatcher.h" | 5 #include "chrome/renderer/extensions/extension_dispatcher.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/string_piece.h" | 10 #include "base/string_piece.h" |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 70 using WebKit::WebDocument; | 70 using WebKit::WebDocument; |
| 71 using WebKit::WebFrame; | 71 using WebKit::WebFrame; |
| 72 using WebKit::WebScopedUserGesture; | 72 using WebKit::WebScopedUserGesture; |
| 73 using WebKit::WebSecurityPolicy; | 73 using WebKit::WebSecurityPolicy; |
| 74 using WebKit::WebString; | 74 using WebKit::WebString; |
| 75 using WebKit::WebVector; | 75 using WebKit::WebVector; |
| 76 using WebKit::WebView; | 76 using WebKit::WebView; |
| 77 using content::RenderThread; | 77 using content::RenderThread; |
| 78 using content::RenderView; | 78 using content::RenderView; |
| 79 using extensions::APIPermission; | 79 using extensions::APIPermission; |
| 80 using extensions::APIPermissionSet; |
| 80 using extensions::ApiDefinitionsNatives; | 81 using extensions::ApiDefinitionsNatives; |
| 81 using extensions::AppWindowCustomBindings; | 82 using extensions::AppWindowCustomBindings; |
| 82 using extensions::ContextMenusCustomBindings; | 83 using extensions::ContextMenusCustomBindings; |
| 83 using extensions::Extension; | 84 using extensions::Extension; |
| 84 using extensions::ExperimentalAppCustomBindings; | 85 using extensions::ExperimentalAppCustomBindings; |
| 85 using extensions::ExperimentalUsbCustomBindings; | 86 using extensions::ExperimentalUsbCustomBindings; |
| 86 using extensions::ExtensionAPI; | 87 using extensions::ExtensionAPI; |
| 87 using extensions::ExtensionCustomBindings; | 88 using extensions::ExtensionCustomBindings; |
| 88 using extensions::Feature; | 89 using extensions::Feature; |
| 89 using extensions::FileBrowserHandlerCustomBindings; | 90 using extensions::FileBrowserHandlerCustomBindings; |
| (...skipping 835 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 925 // the target tab. This may change. Either way, if this is the target tab it | 926 // the target tab. This may change. Either way, if this is the target tab it |
| 926 // gives us the chance to check against the page ID to avoid races. | 927 // gives us the chance to check against the page ID to avoid races. |
| 927 DCHECK(view); | 928 DCHECK(view); |
| 928 if (view && view->GetPageId() != page_id) | 929 if (view && view->GetPageId() != page_id) |
| 929 return; | 930 return; |
| 930 | 931 |
| 931 const Extension* extension = extensions_.GetByID(extension_id); | 932 const Extension* extension = extensions_.GetByID(extension_id); |
| 932 if (!extension) | 933 if (!extension) |
| 933 return; | 934 return; |
| 934 | 935 |
| 935 extension->SetTabSpecificHostPermissions(tab_id, origin_set); | 936 extension->UpdateTabSpecificPermissions( |
| 937 tab_id, |
| 938 new PermissionSet(APIPermissionSet(), origin_set, URLPatternSet())); |
| 936 } | 939 } |
| 937 | 940 |
| 938 void ExtensionDispatcher::OnClearTabSpecificPermissions( | 941 void ExtensionDispatcher::OnClearTabSpecificPermissions( |
| 939 int tab_id, | 942 int tab_id, |
| 940 const std::vector<std::string>& extension_ids) { | 943 const std::vector<std::string>& extension_ids) { |
| 941 for (std::vector<std::string>::const_iterator it = extension_ids.begin(); | 944 for (std::vector<std::string>::const_iterator it = extension_ids.begin(); |
| 942 it != extension_ids.end(); ++it) { | 945 it != extension_ids.end(); ++it) { |
| 943 const Extension* extension = extensions_.GetByID(*it); | 946 const Extension* extension = extensions_.GetByID(*it); |
| 944 if (extension) | 947 if (extension) |
| 945 extension->ClearTabSpecificHostPermissions(tab_id); | 948 extension->ClearTabSpecificPermissions(tab_id); |
| 946 } | 949 } |
| 947 } | 950 } |
| 948 | 951 |
| 949 void ExtensionDispatcher::OnUpdateUserScripts( | 952 void ExtensionDispatcher::OnUpdateUserScripts( |
| 950 base::SharedMemoryHandle scripts) { | 953 base::SharedMemoryHandle scripts) { |
| 951 DCHECK(base::SharedMemory::IsHandleValid(scripts)) << "Bad scripts handle"; | 954 DCHECK(base::SharedMemory::IsHandleValid(scripts)) << "Bad scripts handle"; |
| 952 user_script_slave_->UpdateScripts(scripts); | 955 user_script_slave_->UpdateScripts(scripts); |
| 953 UpdateActiveExtensions(); | 956 UpdateActiveExtensions(); |
| 954 } | 957 } |
| 955 | 958 |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1036 } | 1039 } |
| 1037 | 1040 |
| 1038 bool ExtensionDispatcher::CheckCurrentContextAccessToExtensionAPI( | 1041 bool ExtensionDispatcher::CheckCurrentContextAccessToExtensionAPI( |
| 1039 const std::string& function_name) const { | 1042 const std::string& function_name) const { |
| 1040 ChromeV8Context* context = v8_context_set().GetCurrent(); | 1043 ChromeV8Context* context = v8_context_set().GetCurrent(); |
| 1041 if (!context) { | 1044 if (!context) { |
| 1042 DLOG(ERROR) << "Not in a v8::Context"; | 1045 DLOG(ERROR) << "Not in a v8::Context"; |
| 1043 return false; | 1046 return false; |
| 1044 } | 1047 } |
| 1045 | 1048 |
| 1046 if (!context->extension() || | 1049 if (!context->extension()) { |
| 1050 v8::ThrowException( |
| 1051 v8::Exception::Error(v8::String::New("Not in an extension."))); |
| 1052 return false; |
| 1053 } |
| 1054 |
| 1055 // Whitelist tabs.executeScript and tabs.insertCSS since they might be |
| 1056 // controlled by activeTab. The browser will do the relevant access checks. |
| 1057 // We either do this or propagate all tab IDs to renderers with extensions |
| 1058 // that have activeTab. |
| 1059 bool skip_permission_check = (function_name == "tabs.executeScript") || |
| 1060 (function_name == "tabs.insertCSS"); |
| 1061 |
| 1062 if (!skip_permission_check && |
| 1047 !context->extension()->HasAPIPermission(function_name)) { | 1063 !context->extension()->HasAPIPermission(function_name)) { |
| 1048 static const char kMessage[] = | 1064 static const char kMessage[] = |
| 1049 "You do not have permission to use '%s'. Be sure to declare" | 1065 "You do not have permission to use '%s'. Be sure to declare" |
| 1050 " in your manifest what permissions you need."; | 1066 " in your manifest what permissions you need."; |
| 1051 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); | 1067 std::string error_msg = base::StringPrintf(kMessage, function_name.c_str()); |
| 1052 v8::ThrowException( | 1068 v8::ThrowException( |
| 1053 v8::Exception::Error(v8::String::New(error_msg.c_str()))); | 1069 v8::Exception::Error(v8::String::New(error_msg.c_str()))); |
| 1054 return false; | 1070 return false; |
| 1055 } | 1071 } |
| 1056 | 1072 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 1068 // APIs, they don't get extension bindings injected. If we end up here it | 1084 // APIs, they don't get extension bindings injected. If we end up here it |
| 1069 // means that a sandboxed page somehow managed to invoke an API anyway, so | 1085 // means that a sandboxed page somehow managed to invoke an API anyway, so |
| 1070 // we should abort. | 1086 // we should abort. |
| 1071 WebKit::WebFrame* frame = context->web_frame(); | 1087 WebKit::WebFrame* frame = context->web_frame(); |
| 1072 ExtensionURLInfo url_info(frame->document().securityOrigin(), | 1088 ExtensionURLInfo url_info(frame->document().securityOrigin(), |
| 1073 extensions::UserScriptSlave::GetDataSourceURLForFrame(frame)); | 1089 extensions::UserScriptSlave::GetDataSourceURLForFrame(frame)); |
| 1074 CHECK(!extensions_.IsSandboxedPage(url_info)); | 1090 CHECK(!extensions_.IsSandboxedPage(url_info)); |
| 1075 | 1091 |
| 1076 return true; | 1092 return true; |
| 1077 } | 1093 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10815028:
Make ActiveTabPermissionManager also grant the tabs permission. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src