chrome/renderer/extensions/extension_dispatcher.cc - Issue 10815028: Make ActiveTabPermissionManager also grant the tabs permission.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/renderer/extensions/extension_dispatcher.cc

Issue 10815028: Make ActiveTabPermissionManager also grant the tabs permission. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: oops Created 8 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/renderer/extensions/extension_dispatcher.cc

diff --git a/chrome/renderer/extensions/extension_dispatcher.cc b/chrome/renderer/extensions/extension_dispatcher.cc

index b8aa0335998de883d9dfccfb124e75702bbf22d4..eb99f48f168fa8580f77283987a3ab9c714560ef 100644

--- a/chrome/renderer/extensions/extension_dispatcher.cc

+++ b/chrome/renderer/extensions/extension_dispatcher.cc

@@ -77,6 +77,7 @@ using WebKit::WebView;

using content::RenderThread;

using content::RenderView;

using extensions::APIPermission;

+using extensions::APIPermissionSet;

using extensions::ApiDefinitionsNatives;

using extensions::AppWindowCustomBindings;

using extensions::ContextMenusCustomBindings;

@@ -993,7 +994,9 @@ void ExtensionDispatcher::OnUpdateTabSpecificPermissions(

if (!extension)

return;

- extension->SetTabSpecificHostPermissions(tab_id, origin_set);

+ extension->UpdateTabSpecificPermissions(

+ tab_id,

+ new PermissionSet(APIPermissionSet(), origin_set, URLPatternSet()));

}

void ExtensionDispatcher::OnClearTabSpecificPermissions(

@@ -1003,7 +1006,7 @@ void ExtensionDispatcher::OnClearTabSpecificPermissions(

it != extension_ids.end(); ++it) {

const Extension* extension = extensions_.GetByID(*it);

if (extension)

- extension->ClearTabSpecificHostPermissions(tab_id);

+ extension->ClearTabSpecificPermissions(tab_id);

}

@@ -1112,7 +1115,24 @@ bool ExtensionDispatcher::CheckCurrentContextAccessToExtensionAPI(

return false;

}

- if (!context->extension() ||

+ if (!context->extension()) {

+ v8::ThrowException(

+ v8::Exception::Error(v8::String::New("Not in an extension.")));

+ return false;

+ }

+ // We need to whitelist tabs.executeScript and tabs.insertCSS because they

+ // are granted under special circumstances with the activeTab permission

+ // (note that the browser checks too, so this isn't a security problem).

+ //

+ // Only the browser knows which tab this call will be sent to... sometimes we

+ // *could* figure it out (if the extension gives an explicit tab ID in the

+ // call), but the expected case will be the extension passing through -1,

+ // meaning the active tab, and only the browser safely knows what this is.

+ bool skip_permission_check = (function_name == "tabs.executeScript") ||

+ (function_name == "tabs.insertCSS");

+ if (!skip_permission_check &&

!context->extension()->HasAPIPermission(function_name)) {

static const char kMessage[] =

"You do not have permission to use '%s'. Be sure to declare"

« no previous file with comments | « chrome/common/extensions/permissions/permission_set.h ('k') | chrome/renderer/resources/extensions/apitest.js » ('j') | no next file with comments »