diff options
| author | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-07 04:52:55 +0000 |
|---|---|---|
| committer | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-07 04:52:55 +0000 |
| commit | b281ab6e72be9b1df735395da6979c21712a8e5d (patch) | |
| tree | 083a068bf5056e4c37790b793afe04c26d60a44e /chrome/browser/child_process_security_policy.h | |
| parent | b792af76625e5f3d9801277b628352243fdcbb18 (diff) | |
| download | chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.zip chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.tar.gz chromium_src-b281ab6e72be9b1df735395da6979c21712a8e5d.tar.bz2 | |
Allow silent extension installations from the extensions gallery - Part 1.
In this episode we:
-Create a new ChildProcess privilege (SILENT_INSTALL_EXTENSION) which is granted to the extension gallery pages.
-Ensure that extension gallery pages are isolated into their own process which is never shared with other urls.
Important: The SILENT_INSTALL_EXTENSION privilege is never granted any additional abilities in this patch, so this patch only has the effect of grouping gallery URLs into a separate process.
In subsequent patch(es) we plan to (a) observe this new privilege and allow gallery urls to install extensions bypassing the normal prompts, (b) polish this UI flow [in particular, do not show the black "loading" dilaog, (c) check the id of the extension to be installed (from the crx) matches the expected id (from gallery url).
BUG=27431
Review URL: http://codereview.chromium.org/400018
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33952 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/child_process_security_policy.h')
| -rw-r--r-- | chrome/browser/child_process_security_policy.h | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/chrome/browser/child_process_security_policy.h b/chrome/browser/child_process_security_policy.h index 9cde10a..20ff53b 100644 --- a/chrome/browser/child_process_security_policy.h +++ b/chrome/browser/child_process_security_policy.h @@ -80,6 +80,11 @@ class ChildProcessSecurityPolicy { // Grant this renderer the ability to use extension Bindings. void GrantExtensionBindings(int renderer_id); + // Grant bindings to this renderer for the ability to silently install + // extensions. Granting this permission to a renderer requires that the + // renderer ONLY be used for gallery URLS. + void GrantInstallExtensionsSilently(int renderer_id); + // Grant this renderer the ability to read raw cookies. void GrantReadRawCookies(int renderer_id); @@ -101,11 +106,17 @@ class ChildProcessSecurityPolicy { // allowed to use DOMUIBindings. bool HasDOMUIBindings(int renderer_id); - // Returns true if the specified renderer_id has been granted DOMUIBindings. - // The browser should check this property before assuming the renderer is - // allowed to use extension bindings. + // Returns true if the specified renderer_id has been granted extension + // bindings. The browser should check this property before assuming the + // renderer is allowed to use extension bindings. bool HasExtensionBindings(int renderer_id); + // Returns true if the specified renderer_id has been granted + // InstallExtensionsSilently. The browser should check this property before + // allowing an extension to be installed without prompting the user + // for confirmation. + bool CanInstallExtensionsSilently(int renderer_id); + // Returns true if the specified renderer_id has been granted ReadRawCookies. bool CanReadRawCookies(int renderer_id); |