Restrict webRequest events to extensions with host permissions

for the URL of the request being made. This has the side effect of allowing extensions to see network requests made to their extension (chrome-extension://my-extension-id/*). BUG=92485,92395 TEST=no Review URL: http://codereview.chromium.org/8274014 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105859 0039d316-1c4b-4281-b951-d872f2087c98
author: mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-10-17 18:39:26 +0000
committer: mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-10-17 18:39:26 +0000
commit: 35d5280876154e0dab2f472314e49dce2ced217b (patch)
tree: 397419e377486ebc7c6c776622970b2106846c68 /chrome/browser/extensions
parent: 71739aad68e647b360158e72cf4aeddf5f2490d0 (diff)
download: chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.zip
chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.tar.gz
chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.tar.bz2
3 files changed, 18 insertions, 14 deletions
diff --git a/chrome/browser/extensions/extension_webrequest_api.cc b/chrome/browser/extensions/extension_webrequest_api.cc
index 0874731..e969c7a6 100644
--- a/chrome/browser/extensions/extension_webrequest_api.cc
+++ b/chrome/browser/extensions/extension_webrequest_api.cc
@@ -155,15 +155,23 @@ bool IsWebRequestEvent(const std::string& event_name) {
                    event_name) != ARRAYEND(kWebRequestEvents);
 }
 
-bool allow_extension_scheme = false;
+// Returns true if the scheme is one we want to allow extensions to have access
+// to. Extensions still need specific permissions for a given URL, which is
+// covered by CanExtensionAccessURL.
 bool HasWebRequestScheme(const GURL& url) {
-  if (allow_extension_scheme && url.SchemeIs(chrome::kExtensionScheme))
-    return true;
   return (url.SchemeIs(chrome::kAboutScheme) ||
           url.SchemeIs(chrome::kFileScheme) ||
           url.SchemeIs(chrome::kFtpScheme) ||
           url.SchemeIs(chrome::kHttpScheme) ||
-          url.SchemeIs(chrome::kHttpsScheme));
+          url.SchemeIs(chrome::kHttpsScheme) ||
+          url.SchemeIs(chrome::kExtensionScheme));
+}
+
+bool CanExtensionAccessURL(const Extension* extension, const GURL& url) {
+  // about: URLs are not covered in host permissions, but are allowed anyway.
+  return (url.SchemeIs(chrome::kAboutScheme) ||
+          extension->HasHostPermission(url) ||
+          url.GetOrigin() == extension->url());
 }
 
 const char* ResourceTypeToString(ResourceType::Type type) {
@@ -465,11 +473,6 @@ ExtensionWebRequestEventRouter::RequestFilter::~RequestFilter() {
 //
 
 // static
-void ExtensionWebRequestEventRouter::SetAllowChromeExtensionScheme() {
-  allow_extension_scheme = true;
-}
-
-// static
 ExtensionWebRequestEventRouter* ExtensionWebRequestEventRouter::GetInstance() {
   return Singleton<ExtensionWebRequestEventRouter>::get();
 }
@@ -1063,15 +1066,20 @@ void ExtensionWebRequestEventRouter::GetMatchingListenersImpl(
                   resource_type) == it->filter.types.end())
       continue;
 
-    // Check if this event crosses incognito boundaries when it shouldn't.
     // extension_info_map can be NULL if this is a system-level request.
     if (extension_info_map) {
       const Extension* extension =
           extension_info_map->extensions().GetByID(it->extension_id);
+
+      // Check if this event crosses incognito boundaries when it shouldn't.
       if (!extension ||
           (crosses_incognito &&
            !extension_info_map->CanCrossIncognito(extension)))
         continue;
+
+      // Only send webRequest events for URLs the extension has access to.
+      if (!CanExtensionAccessURL(extension, url))
+        continue;
     }
 
     matching_listeners->push_back(&(*it));
diff --git a/chrome/browser/extensions/extension_webrequest_api.h b/chrome/browser/extensions/extension_webrequest_api.h
index 5196818..3de36cb 100644
--- a/chrome/browser/extensions/extension_webrequest_api.h
+++ b/chrome/browser/extensions/extension_webrequest_api.h
@@ -150,9 +150,6 @@ class ExtensionWebRequestEventRouter {
 
   typedef std::list<linked_ptr<EventResponseDelta> > EventResponseDeltas;
 
-  // Used in testing to allow chrome-extension URLs to be intercepted.
-  static void SetAllowChromeExtensionScheme();
-
   static ExtensionWebRequestEventRouter* GetInstance();
 
   // Dispatches the OnBeforeRequest event to any extensions whose filters match
diff --git a/chrome/browser/extensions/extension_webrequest_apitest.cc b/chrome/browser/extensions/extension_webrequest_apitest.cc
index 204468b..c12f2da 100644
--- a/chrome/browser/extensions/extension_webrequest_apitest.cc
+++ b/chrome/browser/extensions/extension_webrequest_apitest.cc
@@ -44,7 +44,6 @@ class ExtensionWebRequestApiTest : public ExtensionApiTest {
  public:
   virtual void SetUpInProcessBrowserTestFixture() {
     ExtensionApiTest::SetUpInProcessBrowserTestFixture();
-    ExtensionWebRequestEventRouter::SetAllowChromeExtensionScheme();
     host_resolver()->AddRule("*", "127.0.0.1");
     ASSERT_TRUE(StartTestServer());
   }
author	mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-10-17 18:39:26 +0000
committer	mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-10-17 18:39:26 +0000
commit	35d5280876154e0dab2f472314e49dce2ced217b (patch)
tree	397419e377486ebc7c6c776622970b2106846c68 /chrome/browser/extensions
parent	71739aad68e647b360158e72cf4aeddf5f2490d0 (diff)
download	chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.zip chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.tar.gz chromium_src-35d5280876154e0dab2f472314e49dce2ced217b.tar.bz2