authorbattre@chromium.org <battre@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-03 11:49:00 +0000
committerbattre@chromium.org <battre@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-03 11:49:00 +0000
commiteb0f58e1a8d74c6fababea855161d20c12656a38 (patch)
tree8c9685e3165a06a44a76339b4f8e46f0080b80d8 /chrome/browser/extensions
parent03539030497bae50fbd17f75d3de714477b96e30 (diff)
Use the first_party_for_cookies URL to filter which requests the WebRequest API sees
Merge of r144529. BUG=134101 TEST=see bug report TBR=battre@chromium.org Review URL: https://chromiumcodereview.appspot.com/10702079 git-svn-id: svn://svn.chromium.org/chrome/branches/1180/src@145285 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions')
-rw-r--r--chrome/browser/extensions/api/web_request/web_request_api.cc18
-rw-r--r--chrome/browser/extensions/api/web_request/web_request_api_helpers.cc16
-rw-r--r--chrome/browser/extensions/api/web_request/web_request_api_helpers.h9
-rw-r--r--chrome/browser/extensions/api/web_request/web_request_api_unittest.cc22
4 files changed, 48 insertions, 17 deletions
diff --git a/chrome/browser/extensions/api/web_request/web_request_api.cc b/chrome/browser/extensions/api/web_request/web_request_api.cc
index 6d6caf6..6a38e94 100644
--- a/chrome/browser/extensions/api/web_request/web_request_api.cc
+++ b/chrome/browser/extensions/api/web_request/web_request_api.cc
@@ -474,7 +474,7 @@ int ExtensionWebRequestEventRouter::OnBeforeRequest(
const net::CompletionCallback& callback,
GURL* new_url) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return net::OK;
if (IsPageLoad(request))
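Review bot: The comment above the guard in OnBeforeRequest still says only "sensitive requests", but with `helpers::HideRequest(request)` a request is now also hidden when the page that issued it (its first-party URL) is sensitive. I would reword it to something like `// We hide events from the system context, requests to sensitive URLs, and requests issued on behalf of sensitive first-party pages.` so the next reader does not assume only the destination URL is checked. The same comment appears unchanged in the other eight handlers touched in this file (OnBeforeSendHeaders through OnErrorOccurred), and the OnAuthRequired wording needs the same adjustment. All of these function bodies continue outside their hunks.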
@@ -532,7 +532,7 @@ int ExtensionWebRequestEventRouter::OnBeforeSendHeaders(
const net::CompletionCallback& callback,
net::HttpRequestHeaders* headers) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return net::OK;
bool initialize_blocked_requests = false;
@@ -583,7 +583,7 @@ void ExtensionWebRequestEventRouter::OnSendHeaders(
net::URLRequest* request,
const net::HttpRequestHeaders& headers) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return;
if (GetAndSetSignaled(request->identifier(), kOnSendHeaders))
@@ -616,7 +616,7 @@ int ExtensionWebRequestEventRouter::OnHeadersReceived(
net::HttpResponseHeaders* original_response_headers,
scoped_refptr<net::HttpResponseHeaders>* override_response_headers) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return net::OK;
bool initialize_blocked_requests = false;
@@ -680,7 +680,7 @@ ExtensionWebRequestEventRouter::OnAuthRequired(
net::AuthCredentials* credentials) {
// No profile means that this is for authentication challenges in the
// system context. Skip in that case. Also skip sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return net::NetworkDelegate::AUTH_REQUIRED_RESPONSE_NO_ACTION;
int extra_info_spec = 0;
@@ -725,7 +725,7 @@ void ExtensionWebRequestEventRouter::OnBeforeRedirect(
net::URLRequest* request,
const GURL& new_location) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return;
if (GetAndSetSignaled(request->identifier(), kOnBeforeRedirect))
@@ -770,7 +770,7 @@ void ExtensionWebRequestEventRouter::OnResponseStarted(
ExtensionInfoMap* extension_info_map,
net::URLRequest* request) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return;
// OnResponseStarted is even triggered, when the request was cancelled.
@@ -813,7 +813,7 @@ void ExtensionWebRequestEventRouter::OnCompleted(
ExtensionInfoMap* extension_info_map,
net::URLRequest* request) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return;
request_time_tracker_->LogRequestEndTime(request->identifier(),
@@ -862,7 +862,7 @@ void ExtensionWebRequestEventRouter::OnErrorOccurred(
net::URLRequest* request,
bool started) {
// We hide events from the system context as well as sensitive requests.
- if (!profile || helpers::HideRequestForURL(request->url()))
+ if (!profile || helpers::HideRequest(request))
return;
request_time_tracker_->LogRequestEndTime(request->identifier(),
diff --git a/chrome/browser/extensions/api/web_request/web_request_api_helpers.cc b/chrome/browser/extensions/api/web_request/web_request_api_helpers.cc
index 871f29a..5e29a4e 100644
--- a/chrome/browser/extensions/api/web_request/web_request_api_helpers.cc
+++ b/chrome/browser/extensions/api/web_request/web_request_api_helpers.cc
@@ -10,6 +10,7 @@
#include "chrome/browser/extensions/api/web_request/web_request_api.h"
#include "chrome/common/url_constants.h"
#include "net/http/http_util.h"
+#include "net/url_request/url_request.h"
namespace extension_web_request_api_helpers {
@@ -593,6 +594,8 @@ namespace {
// modified/canceled by extensions, e.g. because it is targeted to the webstore
// to check for updates, extension blacklisting, etc.
bool IsSensitiveURL(const GURL& url) {
+ // TODO(battre) Merge this, CanExtensionAccessURL of web_request_api.cc and
+ // Extension::CanExecuteScriptOnPage into one function.
bool is_webstore_gallery_url =
StartsWithASCII(url.spec(), extension_urls::kGalleryBrowsePrefix, true);
bool sensitive_chrome_url = false;
@@ -631,8 +634,17 @@ bool HasWebRequestScheme(const GURL& url) {
} // namespace
-bool HideRequestForURL(const GURL& url) {
- return IsSensitiveURL(url) || !HasWebRequestScheme(url);
+bool HideRequest(net::URLRequest* request) {
+ const GURL& url = request->url();
+ const GURL& first_party_url = request->first_party_for_cookies();
+ bool hide = false;
+ if (first_party_url.is_valid()) {
+ hide = IsSensitiveURL(first_party_url) ||
+ !HasWebRequestScheme(first_party_url);
+ }
+ if (!hide)
+ hide = IsSensitiveURL(url) || !HasWebRequestScheme(url);
+ return hide;
}
#define ARRAYEND(array) (array + arraysize(array))
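Review bot: When `first_party_url.is_valid()` is false, HideRequest silently falls back to checking only the destination URL, and nothing in the function says which requests are expected to arrive without a first-party URL. Whether a request made on behalf of a sensitive page can reach this point with an empty first party is not visible from this hunk, so the assumption should be written down, for example `// An invalid first-party URL means <which request kinds>; those are filtered by destination only.` above the `if`. Note also that `!HasWebRequestScheme(first_party_url)` hides every request whose first party has a scheme outside the web-request set, which is broader than "first party is sensitive" and deserves a word in the same comment. As a style point, the function only reads from the request, so the parameter could be `const net::URLRequest* request`, assuming `url()` and `first_party_for_cookies()` are const accessors.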
diff --git a/chrome/browser/extensions/api/web_request/web_request_api_helpers.h b/chrome/browser/extensions/api/web_request/web_request_api_helpers.h
index 9879657..eada375 100644
--- a/chrome/browser/extensions/api/web_request/web_request_api_helpers.h
+++ b/chrome/browser/extensions/api/web_request/web_request_api_helpers.h
@@ -28,6 +28,11 @@ class ListValue;
class Value;
}
+namespace net {
+class BoundNetLog;
+class URLRequest;
+}
+
namespace extension_web_request_api_helpers {
typedef std::pair<std::string, std::string> ResponseHeader;
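Review bot: The forward declaration `class BoundNetLog;` added in the new `namespace net` block is not used by any declaration this commit introduces; `HideRequest` only needs `class URLRequest;`. If nothing else in this header on this branch refers to `net::BoundNetLog` (the rest of the file is outside the hunk, so this may be a leftover from the merged trunk revision), I would drop that line to keep the header's dependencies minimal.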
@@ -179,8 +184,8 @@ bool MergeOnAuthRequiredResponses(
std::set<std::string>* conflicting_extensions,
EventLogEntries* event_log_entries);
-// Returns true if requests for |url| shall not be reported to extensions.
-bool HideRequestForURL(const GURL& url);
+// Returns true if the request shall not be reported to extensions.
+bool HideRequest(net::URLRequest* request);
// Returns whether |type| is a ResourceType that is handled by the web request
// API.
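Review bot: The new header comment for `HideRequest` is less specific than the one it replaces and no longer tells callers what the decision is based on. Since this function is the gate that keeps sensitive traffic away from extensions, I would document both inputs, for example `// Returns true if |request| shall not be reported to extensions, either because its URL or its first-party-for-cookies URL is sensitive or has a scheme the web request API does not handle.` It is also worth stating that `request` must be non-null, since the implementation dereferences it unconditionally.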
diff --git a/chrome/browser/extensions/api/web_request/web_request_api_unittest.cc b/chrome/browser/extensions/api/web_request/web_request_api_unittest.cc
index 1108e1b..2c78f1f 100644
--- a/chrome/browser/extensions/api/web_request/web_request_api_unittest.cc
+++ b/chrome/browser/extensions/api/web_request/web_request_api_unittest.cc
@@ -1485,6 +1485,7 @@ TEST(ExtensionWebRequestHelpersTest, TestMergeOnAuthRequiredResponses) {
}
TEST(ExtensionWebRequestHelpersTest, TestHideRequestForURL) {
+ MessageLoopForIO message_loop;
const char* sensitive_urls[] = {
"http://www.google.com/chrome",
"https://www.google.com/chrome",
@@ -1505,12 +1506,25 @@ TEST(ExtensionWebRequestHelpersTest, TestHideRequestForURL) {
const char* non_sensitive_urls[] = {
"http://www.google.com/"
};
+ // Check that requests are rejected based on the destination
for (size_t i = 0; i < arraysize(sensitive_urls); ++i) {
- EXPECT_TRUE(helpers::HideRequestForURL(GURL(sensitive_urls[i])))
- << sensitive_urls[i];
+ GURL sensitive_url(sensitive_urls[i]);
+ TestURLRequest request(sensitive_url, NULL);
+ EXPECT_TRUE(helpers::HideRequest(&request)) << sensitive_urls[i];
}
+ // Check that requests are accepted if they don't touch sensitive urls.
for (size_t i = 0; i < arraysize(non_sensitive_urls); ++i) {
- EXPECT_FALSE(helpers::HideRequestForURL(GURL(non_sensitive_urls[i])))
- << non_sensitive_urls[i];
+ GURL non_sensitive_url(non_sensitive_urls[i]);
+ TestURLRequest request(non_sensitive_url, NULL);
+ EXPECT_FALSE(helpers::HideRequest(&request)) << non_sensitive_urls[i];
+ }
+ // Check that requests are rejected if their first party url is sensitive.
+ ASSERT_GE(arraysize(non_sensitive_urls), 1u);
+ GURL non_sensitive_url(non_sensitive_urls[0]);
+ for (size_t i = 0; i < arraysize(sensitive_urls); ++i) {
+ TestURLRequest request(non_sensitive_url, NULL);
+ GURL sensitive_url(sensitive_urls[i]);
+ request.set_first_party_for_cookies(sensitive_url);
+ EXPECT_TRUE(helpers::HideRequest(&request)) << sensitive_urls[i];
}
}
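Review bot: The new third loop only covers a sensitive first party, so there is no check that a request with a valid, non-sensitive first party and a non-sensitive destination is still reported. A regression that hid every request carrying a first-party URL would pass this test. I would add the negative case next to it: `TestURLRequest request(non_sensitive_url, NULL);` `request.set_first_party_for_cookies(non_sensitive_url);` `EXPECT_FALSE(helpers::HideRequest(&request));`. A case with a first party whose scheme is outside the web-request set would pin the `!HasWebRequestScheme(first_party_url)` branch as well. The test is still named `TestHideRequestForURL` although the function under test is now `HideRequest`; renaming it to `TestHideRequest` would keep the two easy to find together.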