diff options
| author | bbudge@chromium.org <bbudge@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-15 21:57:34 +0000 |
|---|---|---|
| committer | bbudge@chromium.org <bbudge@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-07-15 21:57:34 +0000 |
| commit | 620db17658bac3bd4a608fff6a0bcb2578baf0eb (patch) | |
| tree | ea1134bde47f6def2e4334b95fb24bf4b58cfaf5 | |
| parent | 819f753f39ac027fd71001273cafbc70aafe9fee (diff) | |
| download | chromium_src-620db17658bac3bd4a608fff6a0bcb2578baf0eb.zip chromium_src-620db17658bac3bd4a608fff6a0bcb2578baf0eb.tar.gz chromium_src-620db17658bac3bd4a608fff6a0bcb2578baf0eb.tar.bz2 | |
Add 'from_webstore' state to Extensions, so renderer code can enforce CWS restrictions.
Review URL: http://codereview.chromium.org/7384010
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@92752 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | chrome/browser/extensions/extension_service.cc | 8 | ||||
| -rw-r--r-- | chrome/browser/extensions/extension_service.h | 3 | ||||
| -rw-r--r-- | chrome/browser/extensions/extension_service_unittest.cc | 13 | ||||
| -rw-r--r-- | chrome/common/extensions/extension.cc | 5 | ||||
| -rw-r--r-- | chrome/common/extensions/extension.h | 8 |
5 files changed, 26 insertions, 11 deletions
diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc index c0ce5ec..ec155ab 100644 --- a/chrome/browser/extensions/extension_service.cc +++ b/chrome/browser/extensions/extension_service.cc @@ -466,10 +466,6 @@ bool ExtensionService::IsDownloadFromGallery(const GURL& download_url, return (referrer_valid && download_valid); } -bool ExtensionService::IsFromWebStore(const std::string& id) const { - return extension_prefs_->IsFromWebStore(id); -} - bool ExtensionService::IsDownloadFromMiniGallery(const GURL& download_url) { return StartsWithASCII(download_url.spec(), extension_urls::kMiniGalleryDownloadPrefix, @@ -1106,6 +1102,8 @@ void ExtensionService::LoadAllExtensions() { flags |= Extension::STRICT_ERROR_CHECKS; if (extension_prefs_->AllowFileAccess(info->extension_id)) flags |= Extension::ALLOW_FILE_ACCESS; + if (extension_prefs_->IsFromWebStore(info->extension_id)) + flags |= Extension::FROM_WEBSTORE; std::string error; scoped_refptr<const Extension> extension( extension_file_util::LoadExtension( @@ -1257,6 +1255,8 @@ void ExtensionService::LoadInstalledExtension(const ExtensionInfo& info, flags |= Extension::STRICT_ERROR_CHECKS; if (extension_prefs_->AllowFileAccess(info.extension_id)) flags |= Extension::ALLOW_FILE_ACCESS; + if (extension_prefs_->IsFromWebStore(info.extension_id)) + flags |= Extension::FROM_WEBSTORE; extension = Extension::Create( info.extension_path, info.extension_location, diff --git a/chrome/browser/extensions/extension_service.h b/chrome/browser/extensions/extension_service.h index 611056a..491a80a 100644 --- a/chrome/browser/extensions/extension_service.h +++ b/chrome/browser/extensions/extension_service.h @@ -166,9 +166,6 @@ class ExtensionService bool IsDownloadFromGallery(const GURL& download_url, const GURL& referrer_url); - // Returns true if the extension was installed from the web store. - bool IsFromWebStore(const std::string& id) const; - // Determine if the downloaded extension came from the theme mini-gallery, // Used to test if we need to show the "Loading" dialog for themes. static bool IsDownloadFromMiniGallery(const GURL& download_url); diff --git a/chrome/browser/extensions/extension_service_unittest.cc b/chrome/browser/extensions/extension_service_unittest.cc index eb16e8e..a6b896d 100644 --- a/chrome/browser/extensions/extension_service_unittest.cc +++ b/chrome/browser/extensions/extension_service_unittest.cc @@ -1897,7 +1897,8 @@ TEST_F(ExtensionServiceTest, Reinstall) { ValidateIntegerPref(good_crx, "location", Extension::INTERNAL); } -// Test that extension prefs remember if .crx came from web store. +// Test that we can determine if extensions came from the +// Chrome web store. TEST_F(ExtensionServiceTest, FromWebStore) { InitializeEmptyExtensionService(); @@ -1911,7 +1912,9 @@ TEST_F(ExtensionServiceTest, FromWebStore) { ASSERT_EQ(0u, GetErrors().size()); ValidatePrefKeyCount(1); ValidateBooleanPref(good_crx, "from_webstore", false); - ASSERT_FALSE(service_->IsFromWebStore(good_crx)); + + const Extension* extension = service_->extensions()->at(0); + ASSERT_FALSE(extension->from_webstore()); installed_ = NULL; loaded_.clear(); @@ -1926,7 +1929,11 @@ TEST_F(ExtensionServiceTest, FromWebStore) { ASSERT_EQ(0u, GetErrors().size()); ValidatePrefKeyCount(1); ValidateBooleanPref(good_crx, "from_webstore", true); - ASSERT_TRUE(service_->IsFromWebStore(good_crx)); + + // Reload so extension gets reinitialized with new value. + service_->ReloadExtensions(); + extension = service_->extensions()->at(0); + ASSERT_TRUE(extension->from_webstore()); } // Test upgrading a signed extension. diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 2183469..767b1f2 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -1213,7 +1213,8 @@ Extension::Extension(const FilePath& path, Location location) launch_container_(extension_misc::LAUNCH_TAB), launch_width_(0), launch_height_(0), - wants_file_access_(false) { + wants_file_access_(false), + from_webstore_(false) { DCHECK(path.empty() || path.IsAbsolute()); path_ = MaybeNormalizePath(path); } @@ -1400,6 +1401,8 @@ bool Extension::InitFromValue(const DictionaryValue& source, int flags, } } + from_webstore_ = (flags & FROM_WEBSTORE) != 0; + // Make a copy of the manifest so we can store it in prefs. manifest_value_.reset(source.DeepCopy()); diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h index dcbcedc..96392ad 100644 --- a/chrome/common/extensions/extension.h +++ b/chrome/common/extensions/extension.h @@ -175,6 +175,10 @@ class Extension : public base::RefCountedThreadSafe<Extension> { // to have file access. If it's not present, then permissions and content // scripts that match file:/// URLs will be filtered out. ALLOW_FILE_ACCESS = 1 << 2, + + // |FROM_WEBSTORE| indicates that the extension was installed from the + // Chrome Web Store. + FROM_WEBSTORE = 1 << 3, }; static scoped_refptr<Extension> Create(const FilePath& path, @@ -503,6 +507,7 @@ class Extension : public base::RefCountedThreadSafe<Extension> { const std::vector<TtsVoice>& tts_voices() const { return tts_voices_; } bool wants_file_access() const { return wants_file_access_; } + bool from_webstore() const { return from_webstore_; } const std::string& content_security_policy() const { return content_security_policy_; @@ -789,6 +794,9 @@ class Extension : public base::RefCountedThreadSafe<Extension> { // granted it that access). bool wants_file_access_; + // Whether the extension was installed from the web store. + bool from_webstore_; + // The Content-Security-Policy for this extension. Extensions can use // Content-Security-Policies to mitigate cross-site scripting and other // vulnerabilities. |