authormpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-09-18 01:02:38 +0000
committermpcomplete@chromium.org <mpcomplete@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-09-18 01:02:38 +0000
commit25ec8f6027e4a2b004b226371136517b6b673077 (patch)
tree3948779e2f71b11e8b6e918a794aa26979b5a3ea /chrome/renderer/render_thread.cc
parenta558e8d49949e1aa5dd17d38d4c45e4a83f5cc1b (diff)
Fix regression introduced by
http://src.chromium.org/viewvc/chrome?view=rev&revision=57788 Add a delegate interface so that Chromium has more fine-grained control over whether a V8 extension is injected into a script context. This is the chromium-side change of webkit bug https://bugs.webkit.org/show_bug.cgi?id=45721 BUG=37290 TEST=covered by unit tests Review URL: http://codereview.chromium.org/3398001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@59889 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/renderer/render_thread.cc')
-rw-r--r--chrome/renderer/render_thread.cc110
1 files changed, 49 insertions, 61 deletions
diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc
index a067435..37f170e 100644
--- a/chrome/renderer/render_thread.cc
+++ b/chrome/renderer/render_thread.cc
@@ -848,80 +848,40 @@ void RenderThread::EnsureWebKitInitialized() {
#if defined(OS_WIN)
// We don't yet support Gears on non-Windows, so don't tell pages that we do.
- WebScriptController::registerExtension(extensions_v8::GearsExtension::Get());
+ RegisterExtension(extensions_v8::GearsExtension::Get(), false);
#endif
- WebScriptController::registerExtension(
- extensions_v8::LoadTimesExtension::Get());
- WebScriptController::registerExtension(
- extensions_v8::ChromeAppExtension::Get());
- WebScriptController::registerExtension(
- extensions_v8::ExternalExtension::Get());
+ RegisterExtension(extensions_v8::LoadTimesExtension::Get(), false);
+ RegisterExtension(extensions_v8::ChromeAppExtension::Get(), false);
+ RegisterExtension(extensions_v8::ExternalExtension::Get(), false);
v8::Extension* search_extension = extensions_v8::SearchExtension::Get();
// search_extension is null if not enabled.
if (search_extension)
- WebScriptController::registerExtension(search_extension);
-
- // TODO(rafaelw). Note that extension-related v8 extensions are being
- // bound currently based on is_extension_process_. This means that
- // non-extension renderers that slip into an extension process (for example,
- // an extension page opening an iframe) will be extension bindings setup.
- // This should be relatively rare, and the offending page won't be able to
- // make extension API requests because it'll be denied on both sides of
- // the renderer by a permission check. However, this is still fairly lame
- // and we should consider implementing a V8Proxy delegate that calls out
- // to the render thread and makes a decision as to whether to bind these
- // extensions based on the frame's url.
- // See: crbug.com/53610.
-
- if (is_extension_process_)
- WebScriptController::registerExtension(ExtensionProcessBindings::Get());
-
- WebScriptController::registerExtension(
- BaseJsV8Extension::Get(), EXTENSION_GROUP_CONTENT_SCRIPTS);
- if (is_extension_process_)
- WebScriptController::registerExtension(BaseJsV8Extension::Get());
-
- WebScriptController::registerExtension(
- JsonSchemaJsV8Extension::Get(), EXTENSION_GROUP_CONTENT_SCRIPTS);
- if (is_extension_process_)
- WebScriptController::registerExtension(JsonSchemaJsV8Extension::Get());
-
- WebScriptController::registerExtension(
- EventBindings::Get(), EXTENSION_GROUP_CONTENT_SCRIPTS);
- if (is_extension_process_)
- WebScriptController::registerExtension(EventBindings::Get());
-
- WebScriptController::registerExtension(
- RendererExtensionBindings::Get(), EXTENSION_GROUP_CONTENT_SCRIPTS);
- if (is_extension_process_)
- WebScriptController::registerExtension(RendererExtensionBindings::Get());
-
- WebScriptController::registerExtension(
- ExtensionApiTestV8Extension::Get(), EXTENSION_GROUP_CONTENT_SCRIPTS);
- if (is_extension_process_)
- WebScriptController::registerExtension(
- ExtensionApiTestV8Extension::Get());
-
- web_database_observer_impl_.reset(new WebDatabaseObserverImpl(this));
- WebKit::WebDatabase::setObserver(web_database_observer_impl_.get());
+ RegisterExtension(search_extension, false);
const CommandLine& command_line = *CommandLine::ForCurrentProcess();
- if (command_line.HasSwitch(switches::kEnableBenchmarking)) {
- WebScriptController::registerExtension(
- extensions_v8::BenchmarkingExtension::Get());
- }
+ if (command_line.HasSwitch(switches::kEnableBenchmarking))
+ RegisterExtension(extensions_v8::BenchmarkingExtension::Get(), false);
if (command_line.HasSwitch(switches::kPlaybackMode) ||
command_line.HasSwitch(switches::kRecordMode) ||
command_line.HasSwitch(switches::kNoJsRandomness)) {
- WebScriptController::registerExtension(
- extensions_v8::PlaybackExtension::Get());
+ RegisterExtension(extensions_v8::PlaybackExtension::Get(), false);
}
- if (command_line.HasSwitch(switches::kDomAutomationController)) {
- WebScriptController::registerExtension(DomAutomationV8Extension::Get());
- }
+ if (command_line.HasSwitch(switches::kDomAutomationController))
+ RegisterExtension(DomAutomationV8Extension::Get(), false);
+
+ // Add v8 extensions related to chrome extensions.
+ RegisterExtension(ExtensionProcessBindings::Get(), true);
+ RegisterExtension(BaseJsV8Extension::Get(), true);
+ RegisterExtension(JsonSchemaJsV8Extension::Get(), true);
+ RegisterExtension(EventBindings::Get(), true);
+ RegisterExtension(RendererExtensionBindings::Get(), true);
+ RegisterExtension(ExtensionApiTestV8Extension::Get(), true);
+
+ web_database_observer_impl_.reset(new WebDatabaseObserverImpl(this));
+ WebKit::WebDatabase::setObserver(web_database_observer_impl_.get());
WebRuntimeFeatures::enableMediaPlayer(
RenderProcess::current()->HasInitializedMediaLibrary());
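Review bot: `RegisterExtension(ExtensionProcessBindings::Get(), true);` appears to widen where these bindings are injected. The removed code registered ExtensionProcessBindings only under `if (is_extension_process_)` and never for `EXTENSION_GROUP_CONTENT_SCRIPTS`, while the single `true` flag lets AllowScriptExtension admit it for content scripts as well as extension-blessed URLs. If that is intended, record it next to the call, e.g. `// Restricted bindings are also injected into content scripts, including ExtensionProcessBindings.`; if not, one boolean cannot express the difference and this binding needs its own restriction level. All six bindings are now registered in every renderer, so the delegate check is the only gate left and deserves a test for a non-extension URL in the main world. EnsureWebKitInitialized starts and ends outside this hunk.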
@@ -1113,3 +1073,31 @@ RenderThread::GetFileThreadMessageLoopProxy() {
}
return file_thread_->message_loop_proxy();
}
+
+bool RenderThread::AllowScriptExtension(const std::string& v8_extension_name,
+ const GURL& url,
+ int extension_group) {
+ // If we don't know about it, it was added by WebCore, so we should allow it.
+ if (v8_extensions_.find(v8_extension_name) == v8_extensions_.end())
+ return true;
+
+ // If the V8 extension is not restricted, allow it to run anywhere.
+ bool restrict_to_extensions = v8_extensions_[v8_extension_name];
+ if (!restrict_to_extensions)
+ return true;
+
+ // Extension-only bindings should be restricted to content scripts and
+ // extension-blessed URLs.
+ if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS ||
+ ExtensionRendererInfo::ExtensionBindingsAllowed(url)) {
+ return true;
+ }
+
+ return false;
+}
+
+void RenderThread::RegisterExtension(v8::Extension* extension,
+ bool restrict_to_extensions) {
+ WebScriptController::registerExtension(extension);
+ v8_extensions_[extension->name()] = restrict_to_extensions;
+}
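Review bot: AllowScriptExtension fails open, because any name missing from `v8_extensions_` returns true. A Chrome-owned extension that is ever registered through `WebScriptController::registerExtension` directly, instead of `RegisterExtension`, would be silently unrestricted. The first comment should state that invariant, e.g. `// Names not in v8_extensions_ are assumed to come from WebCore; every Chrome-owned extension must be registered via RegisterExtension().`. The lookup also runs twice (`find`, then `operator[]`); keeping the iterator from `find` and reading `it->second` avoids the second lookup and cannot insert an entry. RegisterExtension dereferences `extension->name()` without a null check although the first hunk notes that `search_extension` can be null, so a `DCHECK(extension);` at the top would catch an unguarded call site.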