| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/extensions/dispatcher.h" | 5 #include "chrome/renderer/extensions/dispatcher.h" |
| 6 | 6 |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/string_piece.h" | 10 #include "base/string_piece.h" |
| (...skipping 1042 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1053 // 2. ScriptContext creation (which triggers bindings injection) happens | 1053 // 2. ScriptContext creation (which triggers bindings injection) happens |
| 1054 // before the SecurityContext is updated with the sandbox flags (after | 1054 // before the SecurityContext is updated with the sandbox flags (after |
| 1055 // reading the CSP header), so url_info.url().securityOrigin() is not | 1055 // reading the CSP header), so url_info.url().securityOrigin() is not |
| 1056 // unique yet. | 1056 // unique yet. |
| 1057 if (extensions_.IsSandboxedPage(url_info)) | 1057 if (extensions_.IsSandboxedPage(url_info)) |
| 1058 return Feature::WEB_PAGE_CONTEXT; | 1058 return Feature::WEB_PAGE_CONTEXT; |
| 1059 | 1059 |
| 1060 if (IsExtensionActive(extension_id)) | 1060 if (IsExtensionActive(extension_id)) |
| 1061 return Feature::BLESSED_EXTENSION_CONTEXT; | 1061 return Feature::BLESSED_EXTENSION_CONTEXT; |
| 1062 | 1062 |
| 1063 if (extensions_.ExtensionBindingsAllowed(url_info)) | 1063 if (extensions_.ExtensionBindingsAllowed(url_info)) { |
| 1064 return Feature::UNBLESSED_EXTENSION_CONTEXT; | 1064 return extensions_.Contains(extension_id) ? |
| 1065 Feature::UNBLESSED_EXTENSION_CONTEXT : Feature::UNSPECIFIED_CONTEXT; |
| 1066 } |
| 1065 | 1067 |
| 1066 if (url_info.url().is_valid()) | 1068 if (url_info.url().is_valid()) |
| 1067 return Feature::WEB_PAGE_CONTEXT; | 1069 return Feature::WEB_PAGE_CONTEXT; |
| 1068 | 1070 |
| 1069 return Feature::UNSPECIFIED_CONTEXT; | 1071 return Feature::UNSPECIFIED_CONTEXT; |
| 1070 } | 1072 } |
| 1071 | 1073 |
| 1072 void Dispatcher::OnExtensionResponse(int request_id, | 1074 void Dispatcher::OnExtensionResponse(int request_id, |
| 1073 bool success, | 1075 bool success, |
| 1074 const base::ListValue& response, | 1076 const base::ListValue& response, |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1128 // we should abort. | 1130 // we should abort. |
| 1129 WebKit::WebFrame* frame = context->web_frame(); | 1131 WebKit::WebFrame* frame = context->web_frame(); |
| 1130 ExtensionURLInfo url_info(frame->document().securityOrigin(), | 1132 ExtensionURLInfo url_info(frame->document().securityOrigin(), |
| 1131 UserScriptSlave::GetDataSourceURLForFrame(frame)); | 1133 UserScriptSlave::GetDataSourceURLForFrame(frame)); |
| 1132 CHECK(!extensions_.IsSandboxedPage(url_info)); | 1134 CHECK(!extensions_.IsSandboxedPage(url_info)); |
| 1133 | 1135 |
| 1134 return true; | 1136 return true; |
| 1135 } | 1137 } |
| 1136 | 1138 |
| 1137 } // namespace extensions | 1139 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10827239:
Check that extensions referenced in chrome-extension://id URLs for unprivileged (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src