diff options
| author | finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-03 10:01:26 +0000 |
|---|---|---|
| committer | finnur@chromium.org <finnur@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-10-03 10:01:26 +0000 |
| commit | ab57a59d94280b432f728787fc2563227797d101 (patch) | |
| tree | 0bebabb8be797300add05b6673cafc824fc4a9b0 /chrome/common/extensions/extension.h | |
| parent | f979ce4f17143dc97f7bfbdc81759993fd283bc5 (diff) | |
| download | chromium_src-ab57a59d94280b432f728787fc2563227797d101.zip chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.gz chromium_src-ab57a59d94280b432f728787fc2563227797d101.tar.bz2 | |
Revert 61323 - Component extensions (and whitelisted extensions) specifying <all_urls> in their Extension match pattern should be allowed to run content scripts everywhere (including chrome://, chrome-extension://, about: and gallery pages.
The intent was to also allow these extensions to specify more granular permissions, such as about:version instead of <all_urls>, but that didn't make the cut this time.
This CL also enables <all_urls> for host permissions for regular extensions, which was disabled before. Note: That still doesn't give them permission to script the gallery and chrome:// pages, etc.
BUG=36275
TEST=New: ExtensionBrowserTest.AllUrlsWhitelistedExtension, ExtensionBrowserTest.AllUrlsRegularExtensions
Review URL: http://codereview.chromium.org/3440027
TBR=finnur@chromium.org
Review URL: http://codereview.chromium.org/3557006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@61327 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common/extensions/extension.h')
| -rw-r--r-- | chrome/common/extensions/extension.h | 28 |
1 files changed, 2 insertions, 26 deletions
diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h index b1b00d3..f55ffe0 100644 --- a/chrome/common/extensions/extension.h +++ b/chrome/common/extensions/extension.h @@ -308,23 +308,6 @@ class Extension { // slash. static std::string ChromeStoreURL(); - // Helper function that consolidates the check for whether the script can - // execute into one location. |page_url| is the page that is the candidate - // for running the script, |can_execute_script_everywhere| specifies whether - // the extension is on the whitelist, |allowed_pages| is a vector of - // URLPatterns, listing what access the extension has, |script| is the script - // pointer (if content script) and |error| is an optional parameter, which - // will receive the error string listing why access was denied. - static bool CanExecuteScriptOnPage( - const GURL& page_url, - bool can_execute_script_everywhere, - const std::vector<URLPattern>* allowed_pages, - UserScript* script, - std::string* error); - - // Adds an extension to the scripting whitelist. Used for testing only. - static void SetScriptingWhitelist(const char** whitelist, size_t size); - // Initialize the extension from a parsed manifest. // Usually, the id of an extension is generated by the "key" property of // its manifest, but if |require_key| is |false|, a temporary ID will be @@ -379,7 +362,7 @@ class Extension { // the manifest. http, https, and chrome://favicon/ is allowed for all // extensions, while component extensions are allowed access to // chrome://resources. - bool CanSpecifyHostPermission(const URLPattern pattern) const; + bool CanAccessURL(const URLPattern pattern) const; // Whether the extension has access to the given URL. bool HasHostPermission(const GURL& url) const; @@ -479,10 +462,6 @@ class Extension { bool is_hosted_app() const { return is_app() && !web_extent().is_empty(); } bool is_packaged_app() const { return is_app() && web_extent().is_empty(); } - // Returns true if this extension is a COMPONENT extension, or if it is - // on the whitelist of extensions that can script all pages. - bool CanExecuteScriptEverywhere() const; - private: // We keep a cache of images loaded from extension resources based on their // path and a string representation of a size that may have been used to @@ -645,9 +624,6 @@ class Extension { // The type of container to launch into. extension_misc::LaunchContainer launch_container_; - // A whitelist of extensions that can script anywhere. - static char** scripting_whitelist_; - // The default size of the container when launching. Only respected for // containers like panels and windows. int launch_width_; @@ -656,7 +632,7 @@ class Extension { // Cached images for this extension. ImageCache image_cache_; - // The Omnibox keyword for this extension, or empty if there is none. + // The omnibox keyword for this extension, or empty if there is none. std::string omnibox_keyword_; // Runtime data: |