diff options
| author | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-23 22:55:00 +0000 |
|---|---|---|
| committer | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-09-23 22:55:00 +0000 |
| commit | 1cea23942dddeeb854a0f8120812e87b5c962d34 (patch) | |
| tree | 8b957aaf4e349bd100791ac1c7d8e4c9edbc8dd3 /chrome/browser | |
| parent | 088ee1afadb121aaf01cb033c373ade1d35456ac (diff) | |
| download | chromium_src-1cea23942dddeeb854a0f8120812e87b5c962d34.zip chromium_src-1cea23942dddeeb854a0f8120812e87b5c962d34.tar.gz chromium_src-1cea23942dddeeb854a0f8120812e87b5c962d34.tar.bz2 | |
Allow extensions to request the icons of hosted apps.
BUG=53495
TEST=
Review URL: http://codereview.chromium.org/3409004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60371 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser')
| -rw-r--r-- | chrome/browser/extensions/extension_protocols.cc | 12 | ||||
| -rw-r--r-- | chrome/browser/net/chrome_url_request_context.cc | 16 | ||||
| -rw-r--r-- | chrome/browser/net/chrome_url_request_context.h | 11 | ||||
| -rw-r--r-- | chrome/browser/profile_impl.cc | 3 |
4 files changed, 34 insertions, 8 deletions
diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc index f281c74..874b759 100644 --- a/chrome/browser/extensions/extension_protocols.cc +++ b/chrome/browser/extensions/extension_protocols.cc @@ -88,11 +88,15 @@ bool AllowExtensionResourceLoad(URLRequest* request, return true; // Disallow loading of packaged resources for hosted apps. We don't allow - // hybrid hosted/packaged apps. + // hybrid hosted/packaged apps. The one exception is access to icons, since + // some extensions want to be able to do things like create their own + // launchers. if (context->ExtensionHasWebExtent(request->url().host())) { - LOG(ERROR) << "Denying load of " << request->url().spec() << " from " - << "hosted app."; - return false; + if (!context->URLIsForExtensionIcon(request->url())) { + LOG(ERROR) << "Denying load of " << request->url().spec() << " from " + << "hosted app."; + return false; + } } // Don't allow toplevel navigations to extension resources in incognito mode. diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index 11a8796..e7811fc 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -867,6 +867,19 @@ bool ChromeURLRequestContext::CheckURLAccessToExtensionPermission( permission_name) != api_permissions.end(); } +bool ChromeURLRequestContext::URLIsForExtensionIcon(const GURL& url) { + DCHECK(url.SchemeIs(chrome::kExtensionScheme)); + + ExtensionInfoMap::iterator iter = extension_info_.find(url.host()); + if (iter == extension_info_.end()) + return false; + + std::string path = url.path(); + DCHECK(path.length() > 0 && path[0] == '/'); + path = path.substr(1); + return iter->second->icons.ContainsPath(path); +} + const std::string& ChromeURLRequestContext::GetUserAgent( const GURL& url) const { return webkit_glue::GetUserAgent(url); @@ -1002,7 +1015,8 @@ ChromeURLRequestContextFactory::ChromeURLRequestContextFactory(Profile* profile) (*iter)->incognito_split_mode(), (*iter)->web_extent(), (*iter)->GetEffectiveHostPermissions(), - (*iter)->api_permissions())); + (*iter)->api_permissions(), + (*iter)->icons())); } } diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h index fb69ee8..cd4200c 100644 --- a/chrome/browser/net/chrome_url_request_context.h +++ b/chrome/browser/net/chrome_url_request_context.h @@ -20,6 +20,7 @@ #include "chrome/browser/net/chrome_cookie_policy.h" #include "chrome/browser/prefs/pref_service.h" #include "chrome/common/extensions/extension.h" +#include "chrome/common/extensions/extension_icon_set.h" #include "chrome/common/net/url_request_context_getter.h" #include "chrome/common/notification_registrar.h" #include "net/base/cookie_monster.h" @@ -57,14 +58,16 @@ class ChromeURLRequestContext : public URLRequestContext { bool incognito_split_mode, const ExtensionExtent& extent, const ExtensionExtent& effective_host_permissions, - const std::vector<std::string>& api_permissions) + const std::vector<std::string>& api_permissions, + const ExtensionIconSet& icons) : name(name), path(path), default_locale(default_locale), incognito_split_mode(incognito_split_mode), extent(extent), effective_host_permissions(effective_host_permissions), - api_permissions(api_permissions) { + api_permissions(api_permissions), + icons(icons) { } const std::string name; const FilePath path; @@ -73,6 +76,7 @@ class ChromeURLRequestContext : public URLRequestContext { const ExtensionExtent extent; const ExtensionExtent effective_host_permissions; std::vector<std::string> api_permissions; + ExtensionIconSet icons; }; // Map of extension info by extension id. @@ -106,6 +110,9 @@ class ChromeURLRequestContext : public URLRequestContext { bool CheckURLAccessToExtensionPermission(const GURL& url, const char* permission_name); + // Returns true if the specified URL references the icon for an extension. + bool URLIsForExtensionIcon(const GURL& url); + // Gets the path to the directory user scripts are stored in. FilePath user_script_dir_path() const { return user_script_dir_path_; diff --git a/chrome/browser/profile_impl.cc b/chrome/browser/profile_impl.cc index cce9629..22c456a 100644 --- a/chrome/browser/profile_impl.cc +++ b/chrome/browser/profile_impl.cc @@ -182,7 +182,8 @@ void PostExtensionLoadedToContextGetter(ChromeURLRequestContextGetter* getter, extension->incognito_split_mode(), extension->web_extent(), extension->GetEffectiveHostPermissions(), - extension->api_permissions()))); + extension->api_permissions(), + extension->icons()))); } void PostExtensionUnloadedToContextGetter(ChromeURLRequestContextGetter* getter, |