diff options
| author | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 17:38:56 +0000 |
|---|---|---|
| committer | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-08-11 17:38:56 +0000 |
| commit | e6ba241000ba3d0ba7335cf6ffb0b1c9fcf9bdd1 (patch) | |
| tree | a6bd0c41fa4e558a6b774367b870341d54800b65 /chrome/common | |
| parent | 1c99edc8d48f94702ac085197779ea22b820549b (diff) | |
| download | chromium_src-e6ba241000ba3d0ba7335cf6ffb0b1c9fcf9bdd1.zip chromium_src-e6ba241000ba3d0ba7335cf6ffb0b1c9fcf9bdd1.tar.gz chromium_src-e6ba241000ba3d0ba7335cf6ffb0b1c9fcf9bdd1.tar.bz2 | |
Forbid hybrid apps.
BUG=49234
Review URL: http://codereview.chromium.org/3123004
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55750 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/common')
| -rw-r--r-- | chrome/common/extensions/extension.cc | 68 | ||||
| -rw-r--r-- | chrome/common/extensions/extension.h | 1 | ||||
| -rw-r--r-- | chrome/common/extensions/extension_constants.cc | 2 | ||||
| -rw-r--r-- | chrome/common/extensions/extension_constants.h | 1 | ||||
| -rw-r--r-- | chrome/common/extensions/extension_manifests_unittest.cc | 7 |
5 files changed, 52 insertions, 27 deletions
diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 902eab4..f0e9683 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -71,28 +71,37 @@ static void ConvertHexadecimalToIDAlphabet(std::string* id) { const int kValidWebExtentSchemes = URLPattern::SCHEME_HTTP | URLPattern::SCHEME_HTTPS; -} // namespace - -const FilePath::CharType Extension::kManifestFilename[] = - FILE_PATH_LITERAL("manifest.json"); -const FilePath::CharType Extension::kLocaleFolder[] = - FILE_PATH_LITERAL("_locales"); -const FilePath::CharType Extension::kMessagesFilename[] = - FILE_PATH_LITERAL("messages.json"); - -// A list of all the keys allowed by themes. -static const wchar_t* kValidThemeKeys[] = { +// These keys are allowed by all crx files (apps, extensions, themes, etc). +static const wchar_t* kBaseCrxKeys[] = { keys::kCurrentLocale, keys::kDefaultLocale, keys::kDescription, + keys::kIcons, keys::kName, keys::kPublicKey, keys::kSignature, - keys::kTheme, keys::kVersion, keys::kUpdateURL }; +bool IsBaseCrxKey(const std::wstring& key) { + for (size_t i = 0; i < arraysize(kBaseCrxKeys); ++i) { + if (key == kBaseCrxKeys[i]) + return true; + } + + return false; +} + +} // namespace + +const FilePath::CharType Extension::kManifestFilename[] = + FILE_PATH_LITERAL("manifest.json"); +const FilePath::CharType Extension::kLocaleFolder[] = + FILE_PATH_LITERAL("_locales"); +const FilePath::CharType Extension::kMessagesFilename[] = + FILE_PATH_LITERAL("messages.json"); + #if defined(OS_WIN) const char* Extension::kExtensionRegistryPath = "Software\\Google\\Chrome\\Extensions"; @@ -514,23 +523,10 @@ ExtensionAction* Extension::LoadExtensionActionHelper( } bool Extension::ContainsNonThemeKeys(const DictionaryValue& source) { - // Generate a map of allowable keys - static std::map<std::string, bool> theme_keys; - static bool theme_key_mapped = false; - if (!theme_key_mapped) { - for (size_t i = 0; i < arraysize(kValidThemeKeys); ++i) { - // TODO(viettrungluu): Make the constants |char*|s and avoid converting. - theme_keys[WideToUTF8(kValidThemeKeys[i])] = true; - } - theme_key_mapped = true; - } - - // Go through all the root level keys and verify that they're in the map - // of keys allowable by themes. If they're not, then make a not of it for - // later. for (DictionaryValue::key_iterator iter = source.begin_keys(); iter != source.end_keys(); ++iter) { - if (theme_keys.find(*iter) == theme_keys.end()) + std::wstring key = ASCIIToWide(*iter); + if (!IsBaseCrxKey(key) && key != keys::kTheme) return true; } return false; @@ -725,6 +721,23 @@ bool Extension::LoadLaunchFullscreen(const DictionaryValue* manifest, return true; } +bool Extension::EnsureNotHybridApp(const DictionaryValue* manifest, + std::string* error) { + if (web_extent().is_empty()) + return true; + + for (DictionaryValue::key_iterator iter = manifest->begin_keys(); + iter != manifest->end_keys(); ++iter) { + std::wstring key = ASCIIToWide(*iter); + if (!IsBaseCrxKey(key) && key != keys::kApp && key != keys::kPermissions) { + *error = errors::kHostedAppsCannotIncludeExtensionFeatures; + return false; + } + } + + return true; +} + Extension::Extension(const FilePath& path) : converted_from_user_script_(false), is_theme_(false), @@ -1506,6 +1519,7 @@ bool Extension::InitFromValue(const DictionaryValue& source, bool require_key, !LoadExtent(manifest_value_.get(), keys::kBrowseURLs, &browse_extent_, errors::kInvalidBrowseURLs, errors::kInvalidBrowseURL, error) || + !EnsureNotHybridApp(manifest_value_.get(), error) || !LoadLaunchURL(manifest_value_.get(), error) || !LoadLaunchContainer(manifest_value_.get(), error) || !LoadLaunchFullscreen(manifest_value_.get(), error)) { diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h index 9f3ca6c..432e82c 100644 --- a/chrome/common/extensions/extension.h +++ b/chrome/common/extensions/extension.h @@ -424,6 +424,7 @@ class Extension { bool LoadLaunchFullscreen(const DictionaryValue* manifest, std::string* error); bool LoadLaunchURL(const DictionaryValue* manifest, std::string* error); + bool EnsureNotHybridApp(const DictionaryValue* manifest, std::string* error); // Helper method to load an ExtensionAction from the page_action or // browser_action entries in the manifest. diff --git a/chrome/common/extensions/extension_constants.cc b/chrome/common/extensions/extension_constants.cc index ce4d74f..8fdeb2e 100644 --- a/chrome/common/extensions/extension_constants.cc +++ b/chrome/common/extensions/extension_constants.cc @@ -97,6 +97,8 @@ const char* kDisabledByPolicy = const char* kDevToolsExperimental = "You must request the 'experimental' permission in order to use the" " DevTools API."; +const char* kHostedAppsCannotIncludeExtensionFeatures = + "Hosted apps cannot use extension features."; const char* kInvalidAllFrames = "Invalid value for 'content_scripts[*].all_frames'."; const char* kInvalidBackground = diff --git a/chrome/common/extensions/extension_constants.h b/chrome/common/extensions/extension_constants.h index bc85b3c..4027737 100644 --- a/chrome/common/extensions/extension_constants.h +++ b/chrome/common/extensions/extension_constants.h @@ -89,6 +89,7 @@ namespace extension_manifest_errors { extern const char* kCannotScriptGallery; extern const char* kChromeVersionTooLow; extern const char* kDevToolsExperimental; + extern const char* kHostedAppsCannotIncludeExtensionFeatures; extern const char* kInvalidAllFrames; extern const char* kInvalidBackground; extern const char* kInvalidBrowserAction; diff --git a/chrome/common/extensions/extension_manifests_unittest.cc b/chrome/common/extensions/extension_manifests_unittest.cc index 36c4b89..df2dad0 100644 --- a/chrome/common/extensions/extension_manifests_unittest.cc +++ b/chrome/common/extensions/extension_manifests_unittest.cc @@ -263,3 +263,10 @@ TEST_F(ManifestTest, DevToolsExtensions) { extension->devtools_url().spec()); *CommandLine::ForCurrentProcess() = old_command_line; } + +TEST_F(ManifestTest, DisallowHybridApps) { + LoadAndExpectError("disallow_hybrid_1.json", + errors::kHostedAppsCannotIncludeExtensionFeatures); + LoadAndExpectError("disallow_hybrid_2.json", + errors::kHostedAppsCannotIncludeExtensionFeatures); +} |