| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/pepper_permission_util.h" | 5 #include "chrome/common/pepper_permission_util.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/sha1.h" | 10 #include "base/sha1.h" |
| (...skipping 19 matching lines...) Expand all Loading... |
| 30 | 30 |
| 31 bool HostIsInSet(const std::string& host, const std::set<std::string>& set) { | 31 bool HostIsInSet(const std::string& host, const std::set<std::string>& set) { |
| 32 return set.count(host) > 0 || set.count(HashHost(host)) > 0; | 32 return set.count(host) > 0 || set.count(HashHost(host)) > 0; |
| 33 } | 33 } |
| 34 | 34 |
| 35 } // namespace | 35 } // namespace |
| 36 | 36 |
| 37 bool IsExtensionOrSharedModuleWhitelisted( | 37 bool IsExtensionOrSharedModuleWhitelisted( |
| 38 const GURL& url, | 38 const GURL& url, |
| 39 const ExtensionSet* extension_set, | 39 const ExtensionSet* extension_set, |
| 40 const std::set<std::string>& whitelist, | 40 const std::set<std::string>& whitelist) { |
| 41 const char* command_line_switch) { | 41 if (!url.is_valid() || !url.SchemeIs(extensions::kExtensionScheme)) |
| 42 const std::string host = url.host(); | |
| 43 if (!url.is_valid()) | |
| 44 return false; | 42 return false; |
| 45 | 43 |
| 46 if (url.SchemeIs(extensions::kExtensionScheme) && | 44 const std::string host = url.host(); |
| 47 HostIsInSet(host, whitelist)) { | 45 if (HostIsInSet(host, whitelist)) |
| 48 return true; | 46 return true; |
| 49 } | |
| 50 | 47 |
| 51 // Check the modules that are imported by this extension to see if any of them | 48 // Check the modules that are imported by this extension to see if any of them |
| 52 // is whitelisted. | 49 // is whitelisted. |
| 53 const Extension* extension = extension_set ? extension_set->GetByID(host) | 50 const Extension* extension = extension_set ? extension_set->GetByID(host) |
| 54 : NULL; | 51 : NULL; |
| 55 if (extension) { | 52 if (extension) { |
| 56 typedef std::vector<extensions::SharedModuleInfo::ImportInfo> | 53 typedef std::vector<extensions::SharedModuleInfo::ImportInfo> |
| 57 ImportInfoVector; | 54 ImportInfoVector; |
| 58 const ImportInfoVector& imports = | 55 const ImportInfoVector& imports = |
| 59 extensions::SharedModuleInfo::GetImports(extension); | 56 extensions::SharedModuleInfo::GetImports(extension); |
| 60 for (ImportInfoVector::const_iterator it = imports.begin(); | 57 for (ImportInfoVector::const_iterator it = imports.begin(); |
| 61 it != imports.end(); ++it) { | 58 it != imports.end(); ++it) { |
| 62 const Extension* imported_extension = extension_set->GetByID( | 59 const Extension* imported_extension = extension_set->GetByID( |
| 63 it->extension_id); | 60 it->extension_id); |
| 64 if (imported_extension && | 61 if (imported_extension && |
| 65 extensions::SharedModuleInfo::IsSharedModule(imported_extension) && | 62 extensions::SharedModuleInfo::IsSharedModule(imported_extension) && |
| 66 HostIsInSet(it->extension_id, whitelist)) { | 63 HostIsInSet(it->extension_id, whitelist)) { |
| 67 return true; | 64 return true; |
| 68 } | 65 } |
| 69 } | 66 } |
| 70 } | 67 } |
| 71 | 68 |
| 69 return false; |
| 70 } |
| 71 |
| 72 bool IsHostAllowedByCommandLine(const GURL& url, |
| 73 const ExtensionSet* extension_set, |
| 74 const char* command_line_switch) { |
| 75 if (!url.is_valid()) |
| 76 return false; |
| 77 |
| 72 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | 78 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); |
| 73 const std::string allowed_list = | 79 const std::string allowed_list = |
| 74 command_line.GetSwitchValueASCII(command_line_switch); | 80 command_line.GetSwitchValueASCII(command_line_switch); |
| 81 if (allowed_list.empty()) |
| 82 return false; |
| 83 |
| 84 const std::string host = url.host(); |
| 75 if (allowed_list == "*") { | 85 if (allowed_list == "*") { |
| 76 // For now, we only allow packaged and platform apps in this wildcard. | 86 // For now, we only allow packaged and platform apps in this wildcard. |
| 87 if (!extension_set || !url.SchemeIs(extensions::kExtensionScheme)) |
| 88 return false; |
| 89 |
| 90 const Extension* extension = extension_set->GetByID(host); |
| 77 return extension && | 91 return extension && |
| 78 (extension->GetType() == Manifest::TYPE_LEGACY_PACKAGED_APP || | 92 (extension->GetType() == Manifest::TYPE_LEGACY_PACKAGED_APP || |
| 79 extension->GetType() == Manifest::TYPE_PLATFORM_APP); | 93 extension->GetType() == Manifest::TYPE_PLATFORM_APP); |
| 80 } | 94 } |
| 81 | 95 |
| 82 if (!allowed_list.empty()) { | 96 base::StringTokenizer t(allowed_list, ","); |
| 83 base::StringTokenizer t(allowed_list, ","); | 97 while (t.GetNext()) { |
| 84 while (t.GetNext()) { | 98 if (t.token() == host) |
| 85 if (t.token() == host) | 99 return true; |
| 86 return true; | |
| 87 } | |
| 88 } | 100 } |
| 89 | 101 |
| 90 return false; | 102 return false; |
| 91 } | 103 } |
| 92 | 104 |
| 93 } // namespace chrome | 105 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 17029002:
Change the permission check for Pepper socket API to support both the public and private APIs. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src