Index: extensions/browser/renderer_startup_helper.cc |
diff --git a/extensions/browser/renderer_startup_helper.cc b/extensions/browser/renderer_startup_helper.cc |
index 4a309faa66b52703b07cf139612d261f59dc6701..30bd75ee9f641ef9e29e2208b8fd765c09ea7777 100644 |
--- a/extensions/browser/renderer_startup_helper.cc |
+++ b/extensions/browser/renderer_startup_helper.cc |
@@ -9,11 +9,13 @@ |
#include "base/strings/string_util.h" |
#include "base/values.h" |
#include "components/keyed_service/content/browser_context_dependency_manager.h" |
+#include "content/public/browser/browser_context.h" |
#include "content/public/browser/notification_service.h" |
#include "content/public/browser/notification_types.h" |
#include "content/public/browser/render_process_host.h" |
#include "extensions/browser/extension_function_dispatcher.h" |
#include "extensions/browser/extension_registry.h" |
+#include "extensions/browser/extension_util.h" |
#include "extensions/browser/extensions_browser_client.h" |
#include "extensions/browser/guest_view/web_view/web_view_guest.h" |
#include "extensions/common/extension_messages.h" |
@@ -27,6 +29,27 @@ using content::BrowserContext; |
namespace extensions { |
+namespace { |
+ |
+// Returns whether the |extension| should be loaded in the given |
+// |browser_context|. |
+bool IsExtensionVisibleToContext(const Extension& extension, |
+ content::BrowserContext* browser_context) { |
+ // Renderers don't need to know about themes. |
+ if (extension.is_theme()) |
+ return false; |
+ |
+ // Only extensions enabled in incognito mode should be loaded in an incognito |
+ // renderer. However extensions which can't be enabled in the incognito mode |
+ // (e.g. platform apps) should also be loaded in an incognito renderer to |
+ // ensure connections from incognito tabs to such extensions work. |
+ return !browser_context->IsOffTheRecord() || |
+ !util::CanBeIncognitoEnabled(&extension) || |
+ util::IsIncognitoEnabled(extension.id(), browser_context); |
+} |
+ |
+} // namespace |
+ |
RendererStartupHelper::RendererStartupHelper(BrowserContext* browser_context) |
: browser_context_(browser_context) { |
DCHECK(browser_context); |
@@ -102,6 +125,7 @@ void RendererStartupHelper::InitializeProcess( |
// Loaded extensions. |
std::vector<ExtensionMsg_Loaded_Params> loaded_extensions; |
+ BrowserContext* renderer_context = process->GetBrowserContext(); |
const ExtensionSet& extensions = |
ExtensionRegistry::Get(browser_context_)->enabled_extensions(); |
for (const auto& ext : extensions) { |
@@ -109,18 +133,20 @@ void RendererStartupHelper::InitializeProcess( |
DCHECK(base::ContainsKey(extension_process_map_, ext->id())); |
DCHECK(!base::ContainsKey(extension_process_map_[ext->id()], process)); |
- // Renderers don't need to know about themes. |
- if (!ext->is_theme()) { |
- // TODO(kalman): Only include tab specific permissions for extension |
- // processes, no other process needs it, so it's mildly wasteful. |
- // I am not sure this is possible to know this here, at such a low |
- // level of the stack. Perhaps site isolation can help. |
- bool include_tab_permissions = true; |
- loaded_extensions.push_back( |
- ExtensionMsg_Loaded_Params(ext.get(), include_tab_permissions)); |
- extension_process_map_[ext->id()].insert(process); |
- } |
+ if (!IsExtensionVisibleToContext(*ext, renderer_context)) |
+ continue; |
+ |
+ // TODO(kalman): Only include tab specific permissions for extension |
+ // processes, no other process needs it, so it's mildly wasteful. |
+ // I am not sure this is possible to know this here, at such a low |
+ // level of the stack. Perhaps site isolation can help. |
+ bool include_tab_permissions = true; |
+ loaded_extensions.push_back( |
+ ExtensionMsg_Loaded_Params(ext.get(), include_tab_permissions)); |
+ extension_process_map_[ext->id()].insert(process); |
} |
+ |
+ // Activate pending extensions. |
process->Send(new ExtensionMsg_Loaded(loaded_extensions)); |
auto iter = pending_active_extensions_.find(process); |
if (iter != pending_active_extensions_.end()) { |
@@ -165,10 +191,7 @@ void RendererStartupHelper::ActivateExtensionInProcess( |
#endif |
} |
- // Renderers don't need to know about themes. We also don't normally |
- // "activate" themes, but this could happen if someone tries to open a tab |
- // to the e.g. theme's manifest. |
- if (extension.is_theme()) |
+ if (!IsExtensionVisibleToContext(extension, process->GetBrowserContext())) |
return; |
if (base::ContainsKey(initialized_processes_, process)) { |
@@ -190,7 +213,8 @@ void RendererStartupHelper::OnExtensionLoaded(const Extension& extension) { |
std::set<content::RenderProcessHost*>& loaded_process_set = |
extension_process_map_[extension.id()]; |
- // Renderers don't need to know about themes. |
+ // IsExtensionVisibleToContext() would filter out themes, but we choose to |
+ // return early for performance reasons. |
if (extension.is_theme()) |
return; |
@@ -202,6 +226,8 @@ void RendererStartupHelper::OnExtensionLoaded(const Extension& extension) { |
1, |
ExtensionMsg_Loaded_Params(&extension, false /* no tab permissions */)); |
for (content::RenderProcessHost* process : initialized_processes_) { |
+ if (!IsExtensionVisibleToContext(extension, process->GetBrowserContext())) |
+ continue; |
process->Send(new ExtensionMsg_Loaded(params)); |
loaded_process_set.insert(process); |
} |