diff options
| author | mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-24 17:49:08 +0000 |
|---|---|---|
| committer | mpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-24 17:49:08 +0000 |
| commit | 05c82189519642144323493e1d0cd65c41ce81ce (patch) | |
| tree | abb760e7c2d610ab059eec1222fc3d15b6b30db5 /chrome/common | |
| parent | eb40bc39aafb7933251450019e5b4bcb805982f5 (diff) | |
| download | chromium_src-05c82189519642144323493e1d0cd65c41ce81ce.zip chromium_src-05c82189519642144323493e1d0cd65c41ce81ce.tar.gz chromium_src-05c82189519642144323493e1d0cd65c41ce81ce.tar.bz2 | |
Require user opt-in before allowing content script injection on file URLs.
BUG=47180
Review URL: http://codereview.chromium.org/2809034
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@50737 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common')
| -rw-r--r-- | chrome/common/chrome_switches.cc | 5 | ||||
| -rw-r--r-- | chrome/common/chrome_switches.h | 1 | ||||
| -rw-r--r-- | chrome/common/extensions/extension.cc | 21 | ||||
| -rw-r--r-- | chrome/common/extensions/extension.h | 6 | ||||
| -rw-r--r-- | chrome/common/extensions/user_script.cc | 2 | ||||
| -rw-r--r-- | chrome/common/extensions/user_script.h | 9 | ||||
| -rw-r--r-- | chrome/common/notification_type.h | 4 |
7 files changed, 20 insertions, 28 deletions
diff --git a/chrome/common/chrome_switches.cc b/chrome/common/chrome_switches.cc index 9852c97..c6bb2fe 100644 --- a/chrome/common/chrome_switches.cc +++ b/chrome/common/chrome_switches.cc @@ -136,6 +136,11 @@ const char kDisableDevTools[] = "disable-dev-tools"; // Disable extensions. const char kDisableExtensions[] = "disable-extensions"; +// Disable checking for user opt-in for extensions that want to inject script +// into file URLs (ie, always allow it). This is used during automated testing. +const char kDisableExtensionsFileAccessCheck[] = + "disable-extensions-file-access-check"; + // Suppresses support for the Geolocation javascript API. const char kDisableGeolocation[] = "disable-geolocation"; diff --git a/chrome/common/chrome_switches.h b/chrome/common/chrome_switches.h index 80df849..6aa3b40 100644 --- a/chrome/common/chrome_switches.h +++ b/chrome/common/chrome_switches.h @@ -53,6 +53,7 @@ extern const char kDisableDatabases[]; extern const char kDisableDesktopNotifications[]; extern const char kDisableDevTools[]; extern const char kDisableExtensions[]; +extern const char kDisableExtensionsFileAccessCheck[]; extern const char kDisableGeolocation[]; extern const char kDisableHangMonitor[]; extern const char kDisableInternalFlash[]; diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 1460ac5..47216fc 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -1654,27 +1654,6 @@ bool Extension::HasHostPermission(const GURL& url) const { return false; } -bool Extension::CanExecuteScriptOnHost(const GURL& url, - std::string* error) const { - // No extensions are allowed to execute script on the gallery because that - // would allow extensions to manipulate their own install pages. - if (url.host() == GURL(ChromeStoreURL()).host()) { - if (error) - *error = errors::kCannotScriptGallery; - return false; - } - - if (HasHostPermission(url)) - return true; - - if (error) { - *error = ExtensionErrorUtils::FormatErrorMessage(errors::kCannotAccessPage, - url.spec()); - } - - return false; -} - const std::set<std::string> Extension::GetEffectiveHostPermissions() const { std::set<std::string> effective_hosts; diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h index d0642dc..1af1d23 100644 --- a/chrome/common/extensions/extension.h +++ b/chrome/common/extensions/extension.h @@ -253,12 +253,6 @@ class Extension { return host_permissions_; } - // Returns true if the extension has permission to execute script on a - // particular host. - // TODO(aa): Also use this in the renderer, for normal content script - // injection. Currently, that has its own copy of this code. - bool CanExecuteScriptOnHost(const GURL& url, std::string* error) const; - // Returns true if the extension has the specified API permission. bool HasApiPermission(const std::string& permission) const { return std::find(api_permissions_.begin(), api_permissions_.end(), diff --git a/chrome/common/extensions/user_script.cc b/chrome/common/extensions/user_script.cc index 5ed2040..b55a10c 100644 --- a/chrome/common/extensions/user_script.cc +++ b/chrome/common/extensions/user_script.cc @@ -81,6 +81,7 @@ void UserScript::Pickle(::Pickle* pickle) const { pickle->WriteBool(emulate_greasemonkey()); pickle->WriteBool(match_all_frames()); pickle->WriteBool(is_incognito_enabled()); + pickle->WriteBool(allow_file_access()); // Write globs. std::vector<std::string>::const_iterator glob; @@ -126,6 +127,7 @@ void UserScript::Unpickle(const ::Pickle& pickle, void** iter) { CHECK(pickle.ReadBool(iter, &emulate_greasemonkey_)); CHECK(pickle.ReadBool(iter, &match_all_frames_)); CHECK(pickle.ReadBool(iter, &incognito_enabled_)); + CHECK(pickle.ReadBool(iter, &allow_file_access_)); // Read globs. size_t num_globs = 0; diff --git a/chrome/common/extensions/user_script.h b/chrome/common/extensions/user_script.h index 6bf30ee..ac8f836 100644 --- a/chrome/common/extensions/user_script.h +++ b/chrome/common/extensions/user_script.h @@ -102,7 +102,8 @@ class UserScript { // Greasemonkey and probably more useful for typical scripts. UserScript() : run_location_(DOCUMENT_IDLE), emulate_greasemonkey_(false), - match_all_frames_(false), incognito_enabled_(false) { + match_all_frames_(false), incognito_enabled_(false), + allow_file_access_(false) { } const std::string& name_space() const { return name_space_; } @@ -170,6 +171,9 @@ class UserScript { bool is_incognito_enabled() const { return incognito_enabled_; } void set_incognito_enabled(bool enabled) { incognito_enabled_ = enabled; } + bool allow_file_access() const { return allow_file_access_; } + void set_allow_file_access(bool allowed) { allow_file_access_ = allowed; } + bool is_standalone() const { return extension_id_.empty(); } // Returns true if the script should be applied to the specified URL, false @@ -232,6 +236,9 @@ class UserScript { // True if the script should be injected into an incognito tab. bool incognito_enabled_; + + // True if the user agreed to allow this script access to file URLs. + bool allow_file_access_; }; typedef std::vector<UserScript> UserScriptList; diff --git a/chrome/common/notification_type.h b/chrome/common/notification_type.h index 464f629..3c96a1a 100644 --- a/chrome/common/notification_type.h +++ b/chrome/common/notification_type.h @@ -787,6 +787,10 @@ class NotificationType { // Same as above, but for a disabled extension. EXTENSION_UNLOADED_DISABLED, + // Sent when an extension has updated its user scripts. The details are an + // Extension, and the source is a Profile. + EXTENSION_USER_SCRIPTS_UPDATED, + // Sent after a new ExtensionFunctionDispatcher is created. The details are // an ExtensionFunctionDispatcher* and the source is a Profile*. This is // similar in timing to EXTENSION_HOST_CREATED, but also fires when an |