Don't allow updating tabs to javascript URLs without host

permissions to that tab.

Cleaned up a few things along the way:

- added a GetExtension() method to
  ExtensionFunctionDispatcher and ExtensionFunction since it
  was used in more than one place.

- Removed first param from chrome.test.failCallback() since
  it wasn't used anywhere.

- Added a convenience CanAccessHost() method to Extension,
  since it seems likely to be commonly used.

- Refactored setup of mock host resolver in browsertest,
  since the way it was, you could only customize it at the
  testsuite level, not the test level.

Review URL: http://codereview.chromium.org/199074

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25971 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 25 insertions, 3 deletions

diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc
index df59fa1..2566d41 100644
--- a/chrome/common/extensions/extension.cc
+++ b/chrome/common/extensions/extension.cc
@@ -982,6 +982,10 @@ bool Extension::InitFromValue(const DictionaryValue& source, bool require_id,
         return false;
       }
 
+      // The path component is not used for host permissions, so we force it to
+      // match all paths.
+      pattern.set_path("/*");
+
       host_permissions_.push_back(pattern);
     }
   }
@@ -1087,6 +1091,16 @@ FilePath Extension::GetIconPath(Icons icon) {
   return GetResourcePath(iter->second);
 }
 
+bool Extension::CanAccessHost(const GURL& url) const {
+  for (HostPermissions::const_iterator host = host_permissions_.begin();
+       host != host_permissions_.end(); ++host) {
+    if (host->MatchesUrl(url))
+      return true;
+  }
+
+  return false;
+}
+
 const std::set<std::string> Extension::GetEffectiveHostPermissions() const {
   std::set<std::string> effective_hosts;
 
diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h
index e8cdd10..5116bd3 100644
--- a/chrome/common/extensions/extension.h
+++ b/chrome/common/extensions/extension.h
@@ -199,12 +199,16 @@ class Extension {
   const std::vector<PluginInfo>& plugins() const { return plugins_; }
   const GURL& background_url() const { return background_url_; }
   const std::vector<ToolstripInfo>& toolstrips() const { return toolstrips_; }
-  const HostPermissions& host_permissions() const {
-    return host_permissions_;
-  }
   const std::vector<std::string>& api_permissions() const {
     return api_permissions_;
   }
+  const HostPermissions& host_permissions() const {
+    return host_permissions_;
+  }
+
+  // Returns true if the extension has permission to access the host for the
+  // specified URL.
+  bool CanAccessHost(const GURL& url) const;
 
   // Returns the set of hosts that the extension effectively has access to. This
   // is used in the permissions UI and is a combination of the hosts accessible
diff --git a/chrome/common/extensions/url_pattern.h b/chrome/common/extensions/url_pattern.h
index f69cd7a..d952216 100644
--- a/chrome/common/extensions/url_pattern.h
+++ b/chrome/common/extensions/url_pattern.h
@@ -98,6 +98,10 @@ class URLPattern {
   // Gets the path the pattern matches with the leading slash. This can have
   // embedded asterisks which are interpreted using glob rules.
   std::string path() const { return path_; }
+  void set_path(const std::string& path) {
+    path_ = path;
+    path_escaped_ = "";
+  }
 
  private:
   // Returns true if |test| matches our host.