author | mek <mek@chromium.org> | 2014-09-08 16:55:57 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2014-09-09 00:28:25 +0000 |
commit | 7e1d745456f66b1d32df236e285a849c8d69db00 (patch) | |
tree | d0fddd508d27323418619bd5ee039c6f518f15a8 /chrome/renderer | |
parent | 1ce8e56ea17a7ec0af1683f3aa98ef73ea82d63f (diff) | |
Respect the clipboardRead and clipboardWrite permissions in content scripts.
Added an extra "effective extension" property to ScriptContext for this to still work correctly in about:blank iframes inside extension pages.
BUG=395376
Review URL: https://codereview.chromium.org/498513002
Cr-Commit-Position: refs/heads/master@{#293818}
Diffstat (limited to 'chrome/renderer')
6 files changed, 52 insertions, 15 deletions
diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 57de075..8c9d8c6 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -26,6 +26,8 @@
 #include "chrome/common/extensions/chrome_extension_messages.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/extension.h"
+#include "extensions/common/permissions/api_permission.h"
+#include "extensions/common/permissions/permissions_data.h"
 #include "extensions/renderer/dispatcher.h"
 #endif
@@ -410,10 +412,15 @@ bool ContentSettingsObserver::allowStorage(bool local) {
 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
 bool allowed = false;
 #if defined(ENABLE_EXTENSIONS)
- WebFrame* frame = render_frame()->GetWebFrame();
- // TODO(dcheng): Should we consider a toURL() method on WebSecurityOrigin?
- Send(new ChromeViewHostMsg_CanTriggerClipboardRead(
- GURL(frame->document().securityOrigin().toString()), &allowed));
+ extensions::ScriptContext* calling_context =
+ extension_dispatcher_->script_context_set().GetCalling();
+ if (calling_context) {
+ const extensions::Extension* extension =
+ calling_context->effective_extension();
+ allowed = extension &&
+ extension->permissions_data()->HasAPIPermission(
+ extensions::APIPermission::kClipboardRead);
+ }
 #endif
 return allowed;
 }
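Review bot: The calling-context lookup and permission test in allowReadFromClipboard is written inline and then repeated, with only the APIPermission id changed, in the allowWriteToClipboard hunk that follows. Two hand-copied authorization checks tend to drift apart when one of them is later tightened, so a file-local helper inside the existing ENABLE_EXTENSIONS guard, taking the context and the permission id, would keep them identical. The sketch below returns false for a null context or a context without an effective extension, which matches what the added lines do today. Both function bodies lie fully inside their hunks.

```cpp
// Returns true only when |context| is non-null and its effective extension
// holds |permission|.
bool CallingContextHasPermission(extensions::ScriptContext* context,
                                 extensions::APIPermission::ID permission) {
  if (!context)
    return false;
  const extensions::Extension* extension = context->effective_extension();
  return extension &&
         extension->permissions_data()->HasAPIPermission(permission);
}

bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
  // … unchanged: allowed = false, ENABLE_EXTENSIONS guard …
  allowed = CallingContextHasPermission(
      extension_dispatcher_->script_context_set().GetCalling(),
      extensions::APIPermission::kClipboardRead);
  // … unchanged: #endif, return allowed …
```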
@@ -421,9 +428,22 @@ bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
 bool ContentSettingsObserver::allowWriteToClipboard(bool default_value) {
 bool allowed = false;
 #if defined(ENABLE_EXTENSIONS)
- WebFrame* frame = render_frame()->GetWebFrame();
- Send(new ChromeViewHostMsg_CanTriggerClipboardWrite(
- GURL(frame->document().securityOrigin().toString()), &allowed));
+ // All blessed extension pages could historically write to the clipboard, so
+ // preserve that for compatibility.
+ extensions::ScriptContext* calling_context =
+ extension_dispatcher_->script_context_set().GetCalling();
+ if (calling_context) {
+ if (calling_context->effective_context_type() ==
+ extensions::Feature::BLESSED_EXTENSION_CONTEXT) {
+ allowed = true;
+ } else {
+ const extensions::Extension* extension =
+ calling_context->effective_extension();
+ allowed = extension &&
+ extension->permissions_data()->HasAPIPermission(
+ extensions::APIPermission::kClipboardWrite);
+ }
+ }
 #endif
 return allowed;
 }
diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h
index 1c79500..8b08ba8 100644
--- a/chrome/renderer/content_settings_observer.h
+++ b/chrome/renderer/content_settings_observer.h
@@ -111,7 +111,6 @@ class ContentSettingsObserver
 // Otherwise returns NULL.
 const extensions::Extension* GetExtension(
 const blink::WebSecurityOrigin& origin) const;
-
 #endif
 // Helpers.
diff --git a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
index 3b7bbbd..c01edba 100644
--- a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
+++ b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
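Review bot: The compatibility branch in allowWriteToClipboard sets `allowed = true` on `effective_context_type()` alone, so every context classified as blessed writes to the clipboard without holding clipboardWrite, while the read path in the previous hunk always requires clipboardRead. How the effective type is derived is outside this diff; going by the commit description it also covers about:blank iframes inside extension pages, which presumably now inherit this exemption. The two-line comment should state that scope explicitly, for example `// Keyed on the effective context type, so about:blank frames inside extension pages are exempt as well; reads have no such exemption.` If tests outside chrome/renderer do not already cover it, a case where a content script without clipboardWrite is denied and a blessed page is allowed would pin the intended boundary.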
@@ -63,9 +63,16 @@ ChromeExtensionsDispatcherDelegate::CreateScriptContext(
 const v8::Handle<v8::Context>& v8_context,
 blink::WebFrame* frame,
 const extensions::Extension* extension,
- extensions::Feature::Context context_type) {
- return scoped_ptr<extensions::ScriptContext>(new extensions::ChromeV8Context(
- v8_context, frame, extension, context_type));
+ extensions::Feature::Context context_type,
+ const extensions::Extension* effective_extension,
+ extensions::Feature::Context effective_context_type) {
+ return scoped_ptr<extensions::ScriptContext>(
+ new extensions::ChromeV8Context(v8_context,
+ frame,
+ extension,
+ context_type,
+ effective_extension,
+ effective_context_type));
 }
 void ChromeExtensionsDispatcherDelegate::InitOriginPermissions(
diff --git a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
index 89be8f4..0c0799f 100644
--- a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
+++ b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
@@ -21,7 +21,9 @@ class ChromeExtensionsDispatcherDelegate
 const v8::Handle<v8::Context>& v8_context,
 blink::WebFrame* frame,
 const extensions::Extension* extension,
- extensions::Feature::Context context_type) OVERRIDE;
+ extensions::Feature::Context context_type,
+ const extensions::Extension* effective_extension,
+ extensions::Feature::Context effective_context_type) OVERRIDE;
 virtual void InitOriginPermissions(const extensions::Extension* extension,
 bool is_extension_active) OVERRIDE;
 virtual void RegisterNativeHandlers(
diff --git a/chrome/renderer/extensions/chrome_v8_context.cc b/chrome/renderer/extensions/chrome_v8_context.cc
index 40764e4..a893161 100644
--- a/chrome/renderer/extensions/chrome_v8_context.cc
+++ b/chrome/renderer/extensions/chrome_v8_context.cc
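Review bot: CreateScriptContext now takes two `const extensions::Extension*` and two `extensions::Feature::Context` arguments back to back, and nothing at the override declaration says how the effective pair differs from the first pair. A call site that transposes them still compiles, and the clipboard checks in content_settings_observer.cc authorize on the effective values, so a mix-up would change a permission decision silently. A short comment on the declaration would help, for example `// |effective_extension| and |effective_context_type| are what permission checks consult; per the commit description they can differ from |extension| and |context_type| for about:blank frames inside extension pages.` The same applies to the ChromeV8Context constructor declared in chrome_v8_context.h; both signatures begin above their hunks.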
@@ -9,8 +9,15 @@ namespace extensions {
 ChromeV8Context::ChromeV8Context(const v8::Handle<v8::Context>& v8_context,
 blink::WebFrame* web_frame,
 const Extension* extension,
- Feature::Context context_type)
- : ScriptContext(v8_context, web_frame, extension, context_type) {
+ Feature::Context context_type,
+ const Extension* effective_extension,
+ Feature::Context effective_context_type)
+ : ScriptContext(v8_context,
+ web_frame,
+ extension,
+ context_type,
+ effective_extension,
+ effective_context_type) {
 }
 } // namespace extensions
diff --git a/chrome/renderer/extensions/chrome_v8_context.h b/chrome/renderer/extensions/chrome_v8_context.h
index 1b74453..49539cc 100644
--- a/chrome/renderer/extensions/chrome_v8_context.h
+++ b/chrome/renderer/extensions/chrome_v8_context.h
@@ -34,7 +34,9 @@ class ChromeV8Context : public ScriptContext {
 ChromeV8Context(const v8::Handle<v8::Context>& context,
 blink::WebFrame* frame,
 const Extension* extension,
- Feature::Context context_type);
+ Feature::Context context_type,
+ const Extension* effective_extension,
+ Feature::Context effective_context_type);
 private:
 DISALLOW_COPY_AND_ASSIGN(ChromeV8Context); |