Revert 61323 - Component extensions (and whitelisted extensions) specifying <all_urls> in their Extension match pattern should be allowed to run content scripts everywhere (including chrome://, chrome-extension://, about: and gallery pages.

The intent was to also allow these extensions to specify more granular permissions, such as about:version instead of <all_urls>, but that didn't make the cut this time. This CL also enables <all_urls> for host permissions for regular extensions, which was disabled before. Note: That still doesn't give them permission to script the gallery and chrome:// pages, etc. BUG=36275 TEST=New: ExtensionBrowserTest.AllUrlsWhitelistedExtension, ExtensionBrowserTest.AllUrlsRegularExtensions Review URL: http://codereview.chromium.org/3440027 TBR=finnur@chromium.org Review URL: http://codereview.chromium.org/3557006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61327 0039d316-1c4b-4281-b951-d872f2087c98
author: finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-03 10:01:26 +0000
committer: finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-10-03 10:01:26 +0000
commit: ab57a59d94280b432f728787fc2563227797d101 (patch)
tree: 0bebabb8be797300add05b6673cafc824fc4a9b0 /chrome/browser/extensions
parent: f979ce4f17143dc97f7bfbdc81759993fd283bc5 (diff)
download: chromium_src-ab57a59d94280b432f728787fc2563227797d101.zip
chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.gz
chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.bz2
6 files changed, 39 insertions, 134 deletions
diff --git a/chrome/browser/extensions/all_urls_apitest.cc b/chrome/browser/extensions/all_urls_apitest.cc
deleted file mode 100644
index 067eef0..0000000
--- a/chrome/browser/extensions/all_urls_apitest.cc
+++ /dev/null
@@ -1,112 +0,0 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-
-#include "chrome/browser/browser.h"
-#include "chrome/browser/extensions/extension_apitest.h"
-#include "chrome/browser/extensions/extension_test_message_listener.h"
-#include "chrome/browser/extensions/extensions_service.h"
-#include "chrome/browser/profile.h"
-#include "chrome/common/extensions/extension.h"
-#include "chrome/test/ui_test_utils.h"
-
-const std::string kAllUrlsTarget =
-    "files/extensions/uitests/component_all_urls/index.html";
-
-typedef ExtensionApiTest AllUrlsApiTest;
-
-#if !defined(OS_WIN)
-// Disabled, see http://crbug.com/57694.
-#define WhitelistedExtension DISABLED_WhitelistedExtension
-#endif
-
-IN_PROC_BROWSER_TEST_F(AllUrlsApiTest, WhitelistedExtension) {
-  // First add the two extensions we are going to load to the whitelist.
-  const char* kCanExecuteScriptsEverywhere[] = {
-    "fekpfaahmgnelcjpkefdnpiofglcgmgo",
-    "bpkfbiacjfimfmglhncgmibnddpnhmoj",
-  };
-  Extension::SetScriptingWhitelist(kCanExecuteScriptsEverywhere,
-                                   arraysize(kCanExecuteScriptsEverywhere));
-
-  // Then load the two extension.
-  FilePath extension_dir1 = test_data_dir_.AppendASCII("all_urls")
-                                          .AppendASCII("content_script");
-  FilePath extension_dir2 = test_data_dir_.AppendASCII("all_urls")
-                                          .AppendASCII("execute_script");
-
-  ExtensionsService* service = browser()->profile()->GetExtensionsService();
-  const size_t size_before = service->extensions()->size();
-  ASSERT_TRUE(LoadExtension(extension_dir1));
-  ASSERT_TRUE(LoadExtension(extension_dir2));
-  EXPECT_EQ(size_before + 2, service->extensions()->size());
-
-  std::string url;
-
-  // Now verify we run content scripts on chrome://newtab/.
-  url = "chrome://newtab/";
-  ExtensionTestMessageListener listener1a("content script: " + url);
-  ExtensionTestMessageListener listener1b("execute: " + url);
-  ui_test_utils::NavigateToURL(browser(), GURL(url));
-  ASSERT_TRUE(listener1a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener1b.WaitUntilSatisfied());
-
-  // Now verify data: urls.
-  url = "data:text/html;charset=utf-8,<html>asdf</html>";
-  ExtensionTestMessageListener listener2a("content script: " + url);
-  ExtensionTestMessageListener listener2b("execute: " + url);
-  ui_test_utils::NavigateToURL(browser(), GURL(url));
-  ASSERT_TRUE(listener2a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener2b.WaitUntilSatisfied());
-
-  // Now verify about:version.
-  url = "about:version";
-  ExtensionTestMessageListener listener3a("content script: " + url);
-  ExtensionTestMessageListener listener3b("execute: " + url);
-  ui_test_utils::NavigateToURL(browser(), GURL(url));
-  ASSERT_TRUE(listener3a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener3b.WaitUntilSatisfied());
-
-  // Now verify about:blank.
-  url = "about:blank";
-  ExtensionTestMessageListener listener4a("content script: " + url);
-  ExtensionTestMessageListener listener4b("execute: " + url);
-  ui_test_utils::NavigateToURL(browser(), GURL(url));
-  ASSERT_TRUE(listener4a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener4b.WaitUntilSatisfied());
-
-  // Now verify we can script a regular http page.
-  ASSERT_TRUE(test_server()->Start());
-  GURL page_url = test_server()->GetURL(kAllUrlsTarget);
-  ExtensionTestMessageListener listener5a("content script: " + page_url.spec());
-  ExtensionTestMessageListener listener5b("execute: " + page_url.spec());
-  ui_test_utils::NavigateToURL(browser(), page_url);
-  ASSERT_TRUE(listener5a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener5b.WaitUntilSatisfied());
-}
-
-// Test that an extension NOT whitelisted for scripting can ask for <all_urls>
-// and run scripts on non-restricted all pages.
-IN_PROC_BROWSER_TEST_F(AllUrlsApiTest, RegularExtensions) {
-  // First load the two extension.
-  FilePath extension_dir1 = test_data_dir_.AppendASCII("all_urls")
-                                          .AppendASCII("content_script");
-  FilePath extension_dir2 = test_data_dir_.AppendASCII("all_urls")
-                                          .AppendASCII("execute_script");
-
-  ExtensionsService* service = browser()->profile()->GetExtensionsService();
-  const size_t size_before = service->extensions()->size();
-  ASSERT_TRUE(LoadExtension(extension_dir1));
-  ASSERT_TRUE(LoadExtension(extension_dir2));
-  EXPECT_EQ(size_before + 2, service->extensions()->size());
-
-  // Now verify we can script a regular http page.
-  ASSERT_TRUE(test_server()->Start());
-  GURL page_url = test_server()->GetURL(kAllUrlsTarget);
-  ExtensionTestMessageListener listener1a("content script: " + page_url.spec());
-  ExtensionTestMessageListener listener1b("execute: " + page_url.spec());
-  ui_test_utils::NavigateToURL(browser(), page_url);
-  ASSERT_TRUE(listener1a.WaitUntilSatisfied());
-  ASSERT_TRUE(listener1b.WaitUntilSatisfied());
-}
diff --git a/chrome/browser/extensions/execute_code_in_tab_function.cc b/chrome/browser/extensions/execute_code_in_tab_function.cc
index b7bf999..52f519d 100644
--- a/chrome/browser/extensions/execute_code_in_tab_function.cc
+++ b/chrome/browser/extensions/execute_code_in_tab_function.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -78,17 +78,9 @@ bool ExecuteCodeInTabFunction::RunImpl() {
 
   // NOTE: This can give the wrong answer due to race conditions, but it is OK,
   // we check again in the renderer.
-  Extension* extension = GetExtension();
-  const std::vector<URLPattern> host_permissions =
-      extension->host_permissions();
-  if (!Extension::CanExecuteScriptOnPage(
-        contents->GetURL(),
-        extension->CanExecuteScriptEverywhere(),
-        &host_permissions,
-        NULL,
-        &error_)) {
+  if (!profile()->GetExtensionsService()->CanExecuteScriptOnHost(
+          GetExtension(), contents->GetURL(), &error_))
     return false;
-  }
 
   if (script_info->HasKey(keys::kAllFramesKey)) {
     if (!script_info->GetBoolean(keys::kAllFramesKey, &all_frames_))
@@ -172,7 +164,8 @@ bool ExecuteCodeInTabFunction::Execute(const std::string& code_string) {
     DCHECK(false);
   }
   if (!contents->ExecuteCode(request_id(), extension->id(),
-                             is_js_code, code_string, all_frames_)) {
+                             extension->host_permissions(), is_js_code,
+                             code_string, all_frames_)) {
     SendResponse(false);
     return false;
   }
diff --git a/chrome/browser/extensions/extension_browsertests_misc.cc b/chrome/browser/extensions/extension_browsertests_misc.cc
index 8338a52..012420a 100644
--- a/chrome/browser/extensions/extension_browsertests_misc.cc
+++ b/chrome/browser/extensions/extension_browsertests_misc.cc
@@ -799,6 +799,7 @@ IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, DISABLED_OptionsPage) {
 
 // Test window.chrome.app.isInstalled .
 IN_PROC_BROWSER_TEST_F(ExtensionBrowserTest, PropertyAppIsInstalled) {
+
   std::string app_host("app.com");
   std::string nonapp_host("nonapp.com");
 
diff --git a/chrome/browser/extensions/extension_tabs_module.cc b/chrome/browser/extensions/extension_tabs_module.cc
index 60160c2..016c3ec 100644
--- a/chrome/browser/extensions/extension_tabs_module.cc
+++ b/chrome/browser/extensions/extension_tabs_module.cc
@@ -661,17 +661,9 @@ bool UpdateTabFunction::RunImpl() {
     // JavaScript URLs can do the same kinds of things as cross-origin XHR, so
     // we need to check host permissions before allowing them.
     if (url.SchemeIs(chrome::kJavaScriptScheme)) {
-      Extension* extension = GetExtension();
-      const std::vector<URLPattern> host_permissions =
-          extension->host_permissions();
-      if (!Extension::CanExecuteScriptOnPage(
-              contents->GetURL(),
-              extension->CanExecuteScriptEverywhere(),
-              &host_permissions,
-              NULL,
-              &error_)) {
+      if (!profile()->GetExtensionsService()->CanExecuteScriptOnHost(
+          GetExtension(), contents->GetURL(), &error_))
         return false;
-      }
 
       // TODO(aa): How does controller queue URLs? Is there any chance that this
       // JavaScript URL will end up applying to something other than
diff --git a/chrome/browser/extensions/extensions_service.cc b/chrome/browser/extensions/extensions_service.cc
index ea47716..bffb732 100644
--- a/chrome/browser/extensions/extensions_service.cc
+++ b/chrome/browser/extensions/extensions_service.cc
@@ -1259,6 +1259,30 @@ void ExtensionsService::SetAllowFileAccess(Extension* extension, bool allow) {
       Details<Extension>(extension));
 }
 
+bool ExtensionsService::CanExecuteScriptOnHost(Extension* extension,
+                                               const GURL& url,
+                                               std::string* error) const {
+  // No extensions are allowed to execute script on the gallery because that
+  // would allow extensions to manipulate their own install pages.
+  if (url.host() == GURL(Extension::ChromeStoreURL()).host()
+      && !CommandLine::ForCurrentProcess()->HasSwitch(
+          switches::kAllowScriptingGallery)) {
+    if (error)
+      *error = errors::kCannotScriptGallery;
+    return false;
+  }
+
+  if (extension->HasHostPermission(url))
+      return true;
+
+  if (error) {
+    *error = ExtensionErrorUtils::FormatErrorMessage(errors::kCannotAccessPage,
+                                                     url.spec());
+  }
+
+  return false;
+}
+
 void ExtensionsService::CheckForExternalUpdates() {
   // This installs or updates externally provided extensions.
   // TODO(aa): Why pass this list into the provider, why not just filter it
diff --git a/chrome/browser/extensions/extensions_service.h b/chrome/browser/extensions/extensions_service.h
index 1cf9fd4..18ef1f3 100644
--- a/chrome/browser/extensions/extensions_service.h
+++ b/chrome/browser/extensions/extensions_service.h
@@ -178,6 +178,13 @@ class ExtensionsService
   bool AllowFileAccess(const Extension* extension);
   void SetAllowFileAccess(Extension* extension, bool allow);
 
+  // Returns true if the extension has permission to execute script on a
+  // particular host.
+  // TODO(aa): Also use this in the renderer, for normal content script
+  // injection. Currently, that has its own copy of this code.
+  bool CanExecuteScriptOnHost(Extension* extension,
+                              const GURL& url, std::string* error) const;
+
   const FilePath& install_directory() const { return install_directory_; }
 
   // Initialize and start all installed extensions.
author	finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-03 10:01:26 +0000
committer	finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-10-03 10:01:26 +0000
commit	ab57a59d94280b432f728787fc2563227797d101 (patch)
tree	0bebabb8be797300add05b6673cafc824fc4a9b0 /chrome/browser/extensions
parent	f979ce4f17143dc97f7bfbdc81759993fd283bc5 (diff)
download	chromium_src-ab57a59d94280b432f728787fc2563227797d101.zip chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.gz chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.bz2