diff options
| author | mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-21 23:29:15 +0000 |
|---|---|---|
| committer | mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-21 23:29:15 +0000 |
| commit | 5e212edaf84b2695da04a8d6d7cb701e85ca9e2e (patch) | |
| tree | 8648e2d89057cda56dda35293d76da1c8de45008 /chrome/browser/extensions/extension_protocols.cc | |
| parent | 8f57812b0d7cfc918708444efceb39d8caccbbff (diff) | |
| download | chromium_src-5e212edaf84b2695da04a8d6d7cb701e85ca9e2e.zip chromium_src-5e212edaf84b2695da04a8d6d7cb701e85ca9e2e.tar.gz chromium_src-5e212edaf84b2695da04a8d6d7cb701e85ca9e2e.tar.bz2 | |
Fix bug where we'd allow chrome-extension URLs to be loaded in incognito mode
as subresources, even though the extension is not allowed in incognito.
BUG=118721
TEST=see bug for repro; try the proof of concept in incognito mode with adblock installed but not allowed in incognito. adblock should not be detected.
Review URL: http://codereview.chromium.org/9726025
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@128097 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions/extension_protocols.cc')
| -rw-r--r-- | chrome/browser/extensions/extension_protocols.cc | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc index 55f4354..4b55153 100644 --- a/chrome/browser/extensions/extension_protocols.cc +++ b/chrome/browser/extensions/extension_protocols.cc @@ -165,12 +165,22 @@ class URLRequestExtensionJob : public net::URLRequestFileJob { net::HttpResponseInfo response_info_; }; -bool ExtensionCanLoadInIncognito(const std::string& extension_id, +bool ExtensionCanLoadInIncognito(const ResourceRequestInfo* info, + const std::string& extension_id, ExtensionInfoMap* extension_info_map) { - const Extension* extension = - extension_info_map->extensions().GetByID(extension_id); - // Only split-mode extensions can load in incognito profiles. - return extension && extension->incognito_split_mode(); + if (!extension_info_map->IsIncognitoEnabled(extension_id)) + return false; + + // Only allow incognito toplevel navigations to extension resources in + // split mode. In spanning mode, the extension must run in a single process, + // and an incognito tab prevents that. + if (info->GetResourceType() == ResourceType::MAIN_FRAME) { + const Extension* extension = + extension_info_map->extensions().GetByID(extension_id); + return extension && extension->incognito_split_mode(); + } + + return true; } // Returns true if an chrome-extension:// resource should be allowed to load. @@ -189,14 +199,8 @@ bool AllowExtensionResourceLoad(net::URLRequest* request, return true; } - // Don't allow toplevel navigations to extension resources in incognito mode. - // This is because an extension must run in a single process, and an - // incognito tab prevents that. - if (is_incognito && - info->GetResourceType() == ResourceType::MAIN_FRAME && - !ExtensionCanLoadInIncognito(request->url().host(), extension_info_map)) { - LOG(ERROR) << "Denying load of " << request->url().spec() << " from " - << "incognito tab."; + if (is_incognito && !ExtensionCanLoadInIncognito(info, request->url().host(), + extension_info_map)) { return false; } @@ -242,7 +246,6 @@ ExtensionProtocolHandler::MaybeCreateJob(net::URLRequest* request) const { // TODO(mpcomplete): better error code. if (!AllowExtensionResourceLoad( request, is_incognito_, extension_info_map_)) { - LOG(ERROR) << "disallowed in extension protocols"; return new net::URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); } |