Extensions: run "custom bindings" v8-extensions in content scripts.

chrome/renderer/extensions/extension_dispatcher.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/extensions/extension_dispatcher.h"
 
 #include "base/command_line.h"
 #include "chrome/common/child_process_logging.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/extensions/extension.h"
@@ skipping 17 matching lines @@
 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/WebFrame.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/WebSecurityPolicy.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebString.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebURLRequest.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/WebView.h"
 #include "ui/base/resource/resource_bundle.h"
 #include "v8/include/v8.h"
 
 namespace {
+
 static const int64 kInitialExtensionIdleHandlerDelayMs = 5*1000;
 static const int64 kMaxExtensionIdleHandlerDelayMs = 5*60*1000;
+
+ChromeV8Context::ContextType ExtensionGroupToContextType(int extension_group) {
+  if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS)
+    return ChromeV8Context::CONTENT_SCRIPT;
+  return ChromeV8Context::OTHER;
+}
+
 }
 
 using namespace extensions;
 
 using WebKit::WebDataSource;
 using WebKit::WebDocument;
 using WebKit::WebFrame;
 using WebKit::WebSecurityPolicy;
 using WebKit::WebString;
 using WebKit::WebVector;
@@ skipping 215 matching lines @@
       active_extension_ids_.end();
 }
 
 bool ExtensionDispatcher::AllowScriptExtension(
     WebFrame* frame,
     const std::string& v8_extension_name,
     int extension_group) {
   return AllowScriptExtension(frame, v8_extension_name, extension_group, 0);
 }
 
+namespace {
+
+// This is what the extension_group variable will be when DidCreateScriptContext
+// is called. We know because it's the same as what AllowScriptExtension gets
+// passed, and the two functions are called sequentially from WebKit.
+//
+// TODO(koz): Plumb extension_group through to AllowScriptExtension() from
+// WebKit.
+static int hack_DidCreateScriptContext_extension_group = 0;
+
+}
+
 bool ExtensionDispatcher::AllowScriptExtension(
     WebFrame* frame,
     const std::string& v8_extension_name,
     int extension_group,
     int world_id) {
+  hack_DidCreateScriptContext_extension_group = extension_group;
+
   // NULL in unit tests.
   if (!RenderThread::Get())
     return true;
 
   // If we don't know about it, it was added by WebCore, so we should allow it.
   if (!RenderThread::Get()->IsRegisteredExtension(v8_extension_name))
     return true;
 
   // If the V8 extension is not restricted, allow it to run anywhere.
   if (!restricted_v8_extensions_.count(v8_extension_name))
     return true;
 
   // Extension-only bindings should be restricted to content scripts and
   // extension-blessed URLs.
-  if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS ||
+  ChromeV8Context::ContextType context_type =
+      ExtensionGroupToContextType(extension_group);
+
+  if (context_type == ChromeV8Context::CONTENT_SCRIPT ||
       extensions_.ExtensionBindingsAllowed(ExtensionURLInfo(
           frame->document().securityOrigin(),
           UserScriptSlave::GetDataSourceURLForFrame(frame)))) {
     // If the extension is a custom API binding, only allow if the extension
     // has permission to use the API.
     std::string custom_binding_api_name =
         custom_bindings_util::GetAPIName(v8_extension_name);
     if (!custom_binding_api_name.empty()) {
       std::string extension_id = GetExtensionID(frame, world_id);
       const Extension* extension = extensions_.GetByID(extension_id);
       if (!extension) {
         // This can happen when a resource is blocked due to CSP; a valid
         // chrome-extension:// URL is navigated to, so it passes the initial
         // checks, but the URL gets changed to "chrome-extension://invalid"
         // afterwards (see chrome_content_renderer_client.cc). An extension
         // page still gets loaded, just for the extension with ID "invalid",
         // which of course isn't found so GetById extension will be NULL.
         //
         // Reference: http://crbug.com/111614.
         CHECK_EQ("invalid", extension_id);
         return false;
       }
       return custom_bindings_util::AllowAPIInjection(
-          custom_binding_api_name, *extension);
+          custom_binding_api_name, *extension, context_type);
     }
 
     return true;
   }
 
   return false;
 }
 
 void ExtensionDispatcher::DidCreateScriptContext(
     WebFrame* frame, v8::Handle<v8::Context> v8_context, int world_id) {
   ChromeV8Context* context =
-      new ChromeV8Context(v8_context, frame, GetExtensionID(frame, world_id));
+      new ChromeV8Context(
+          v8_context,
+          frame,
+          GetExtensionID(frame, world_id),
+          ExtensionGroupToContextType(
+              hack_DidCreateScriptContext_extension_group));
   v8_context_set_.Add(context);
 
   const Extension* extension = extensions_.GetByID(context->extension_id());
   int manifest_version = 1;
   if (extension)
     manifest_version = extension->manifest_version();
 
   context->DispatchOnLoadEvent(
       is_extension_process_,
       ChromeRenderProcessObserver::is_incognito_process(),
@@ skipping 157 matching lines @@
 
   RenderThread::Get()->RegisterExtension(extension);
 }
 
 void ExtensionDispatcher::OnUsingWebRequestAPI(
     bool adblock, bool adblock_plus, bool other) {
   webrequest_adblock_ = adblock;
   webrequest_adblock_plus_ = adblock_plus;
   webrequest_other_ = other;
 }