author | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 18:47:01 +0000 |
---|---|---|
committer | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 18:47:01 +0000 |
commit | 48db7e044852d7858f3eee3ea395d1670bbfeffc (patch) | |
tree | b654b317338579c24ab922deafa37c9c8e2b0082 /chrome/browser/extensions/extension_protocols.cc | |
parent | aa42765cac1851ce275ceae6dddf7ef00774ee00 (diff) | |
Revert r55750
TBR=mirandac@chromium.org
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55761 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions/extension_protocols.cc')
-rw-r--r-- | chrome/browser/extensions/extension_protocols.cc | 71 |
1 files changed, 27 insertions, 44 deletions
diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc
index f1b09eb..d88e045 100644
--- a/chrome/browser/extensions/extension_protocols.cc
+++ b/chrome/browser/extensions/extension_protocols.cc
@@ -65,61 +65,44 @@ class URLRequestResourceBundleJob : public URLRequestSimpleJob { int resource_id_; }; -// Returns true if an chrome-extension:// resource should be allowed to load. -bool AllowExtensionResourceLoad(URLRequest* request, - ChromeURLRequestContext* context, - const std::string& scheme) { - const ResourceDispatcherHostRequestInfo* info = - ResourceDispatcherHost::InfoForRequest(request); - - GURL origin_url(info->frame_origin()); - - // chrome:// URLs are always allowed to load chrome-extension:// resources. - // The app launcher in the NTP uses this feature, as does dev tools. - if (origin_url.SchemeIs(chrome::kChromeUIScheme)) - return true; +} // namespace - // Disallow loading of packaged resources for hosted apps. We don't allow - // hybrid hosted/packaged apps. - if (context->ExtensionHasWebExtent(request->url().host())) - return false; +// Factory registered with URLRequest to create URLRequestJobs for extension:// +// URLs. +static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request, + const std::string& scheme) { + ChromeURLRequestContext* context = + static_cast<ChromeURLRequestContext*>(request->context()); - // chrome-extension:// pages can load resources from extensions and packaged - // apps. This is allowed for legacy reasons. - if (origin_url.SchemeIs(chrome::kExtensionScheme)) - return true; + const ResourceDispatcherHostRequestInfo* info = + ResourceDispatcherHost::InfoForRequest(request); // Extension resources should only be loadable from web pages which the // extension has host permissions to (and therefore could be running script // in, which might need access to the extension resources). - ExtensionExtent host_permissions = - context->GetEffectiveHostPermissionsForExtension(request->url().host()); - if (!origin_url.is_empty() && !host_permissions.ContainsURL(origin_url)) - return false; + // + // chrome:// pages are exempt. We allow them to load any extension resource. 
+ // This is used for, eg, the app launcher in the NTP. + // + // chrome-extension:// pages are also exempt, mostly for legacy reasons. Some + // extensions did this to integrate with each other before we added this code. + GURL origin_url(info->frame_origin()); + if (!origin_url.is_empty() && + !origin_url.SchemeIs(chrome::kChromeUIScheme) && + !origin_url.SchemeIs(chrome::kExtensionScheme)) { + ExtensionExtent host_permissions = + context->GetEffectiveHostPermissionsForExtension( + request->url().host()); + if (!host_permissions.ContainsURL(GURL(info->frame_origin()))) + return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); + } // Don't allow toplevel navigations to extension resources in incognito mode. // This is because an extension must run in a single process, and an // incognito tab prevents that. - if (context->is_off_the_record() && - info->resource_type() == ResourceType::MAIN_FRAME) { - return false; - } - - // Otherwise, the resource load is allowed. - return true; -} - -} // namespace - -// Factory registered with URLRequest to create URLRequestJobs for extension:// -// URLs. -static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request, - const std::string& scheme) { - ChromeURLRequestContext* context = - static_cast<ChromeURLRequestContext*>(request->context()); - // TODO(mpcomplete): better error code. - if (!AllowExtensionResourceLoad(request, context, scheme)) + if (context->is_off_the_record() && + info && info->resource_type() == ResourceType::MAIN_FRAME) return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); // chrome-extension://extension-id/resource/path.js |
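Review bot: `info` is dereferenced unguarded at `GURL origin_url(info->frame_origin());`, while the incognito check a few lines later tests `info && info->resource_type() == ResourceType::MAIN_FRAME`, so the new code itself treats a null result from `ResourceDispatcherHost::InfoForRequest(request)` as possible. If it can be null, the origin check crashes in the job factory before any allow/deny decision is made; the case should be handled explicitly before `origin_url` is built, for example `if (!info) return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE);`, or with a comment stating why a request without info may skip the host-permission check. Inside the permission block, `GURL(info->frame_origin())` rebuilds the value already held in `origin_url`; `host_permissions.ContainsURL(origin_url)` keeps the check and the exemption tests on the same object. The body of CreateExtensionURLRequestJob continues past the end of the hunk.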