Respect the clipboardRead and clipboardWrite permissions in content scripts.

Added an extra "effective extension" property to ScriptContext for this to still work correctly in about:blank iframes inside extension pages.

BUG=395376

Review URL: https://codereview.chromium.org/498513002

Cr-Commit-Position: refs/heads/master@{#293818}

6 files changed, 52 insertions, 15 deletions

diff --git a/chrome/renderer/content_settings_observer.cc b/chrome/renderer/content_settings_observer.cc
index 57de075..8c9d8c6 100644
--- a/chrome/renderer/content_settings_observer.cc
+++ b/chrome/renderer/content_settings_observer.cc
@@ -26,6 +26,8 @@
 #include "chrome/common/extensions/chrome_extension_messages.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/extension.h"
+#include "extensions/common/permissions/api_permission.h"
+#include "extensions/common/permissions/permissions_data.h"
 #include "extensions/renderer/dispatcher.h"
 #endif
 
@@ -410,10 +412,15 @@ bool ContentSettingsObserver::allowStorage(bool local) {
 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
   bool allowed = false;
 #if defined(ENABLE_EXTENSIONS)
-  WebFrame* frame = render_frame()->GetWebFrame();
-  // TODO(dcheng): Should we consider a toURL() method on WebSecurityOrigin?
-  Send(new ChromeViewHostMsg_CanTriggerClipboardRead(
-      GURL(frame->document().securityOrigin().toString()), &allowed));
+  extensions::ScriptContext* calling_context =
+      extension_dispatcher_->script_context_set().GetCalling();
+  if (calling_context) {
+    const extensions::Extension* extension =
+        calling_context->effective_extension();
+    allowed = extension &&
+              extension->permissions_data()->HasAPIPermission(
+                  extensions::APIPermission::kClipboardRead);
+  }
 #endif
   return allowed;
 }
@@ -421,9 +428,22 @@ bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) {
 bool ContentSettingsObserver::allowWriteToClipboard(bool default_value) {
   bool allowed = false;
 #if defined(ENABLE_EXTENSIONS)
-  WebFrame* frame = render_frame()->GetWebFrame();
-  Send(new ChromeViewHostMsg_CanTriggerClipboardWrite(
-      GURL(frame->document().securityOrigin().toString()), &allowed));
+  // All blessed extension pages could historically write to the clipboard, so
+  // preserve that for compatibility.
+  extensions::ScriptContext* calling_context =
+      extension_dispatcher_->script_context_set().GetCalling();
+  if (calling_context) {
+    if (calling_context->effective_context_type() ==
+        extensions::Feature::BLESSED_EXTENSION_CONTEXT) {
+      allowed = true;
+    } else {
+      const extensions::Extension* extension =
+          calling_context->effective_extension();
+      allowed = extension &&
+                extension->permissions_data()->HasAPIPermission(
+                    extensions::APIPermission::kClipboardWrite);
+    }
+  }
 #endif
   return allowed;
 }
diff --git a/chrome/renderer/content_settings_observer.h b/chrome/renderer/content_settings_observer.h
index 1c79500..8b08ba8 100644
--- a/chrome/renderer/content_settings_observer.h
+++ b/chrome/renderer/content_settings_observer.h
@@ -111,7 +111,6 @@ class ContentSettingsObserver
   // Otherwise returns NULL.
   const extensions::Extension* GetExtension(
       const blink::WebSecurityOrigin& origin) const;
-
 #endif
 
   // Helpers.
diff --git a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
index 3b7bbbd..c01edba 100644
--- a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
+++ b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.cc
@@ -63,9 +63,16 @@ ChromeExtensionsDispatcherDelegate::CreateScriptContext(
     const v8::Handle<v8::Context>& v8_context,
     blink::WebFrame* frame,
     const extensions::Extension* extension,
-    extensions::Feature::Context context_type) {
-  return scoped_ptr<extensions::ScriptContext>(new extensions::ChromeV8Context(
-      v8_context, frame, extension, context_type));
+    extensions::Feature::Context context_type,
+    const extensions::Extension* effective_extension,
+    extensions::Feature::Context effective_context_type) {
+  return scoped_ptr<extensions::ScriptContext>(
+      new extensions::ChromeV8Context(v8_context,
+                                      frame,
+                                      extension,
+                                      context_type,
+                                      effective_extension,
+                                      effective_context_type));
 }
 
 void ChromeExtensionsDispatcherDelegate::InitOriginPermissions(
diff --git a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
index 89be8f4..0c0799f 100644
--- a/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
+++ b/chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h
@@ -21,7 +21,9 @@ class ChromeExtensionsDispatcherDelegate
       const v8::Handle<v8::Context>& v8_context,
       blink::WebFrame* frame,
       const extensions::Extension* extension,
-      extensions::Feature::Context context_type) OVERRIDE;
+      extensions::Feature::Context context_type,
+      const extensions::Extension* effective_extension,
+      extensions::Feature::Context effective_context_type) OVERRIDE;
   virtual void InitOriginPermissions(const extensions::Extension* extension,
                                      bool is_extension_active) OVERRIDE;
   virtual void RegisterNativeHandlers(
diff --git a/chrome/renderer/extensions/chrome_v8_context.cc b/chrome/renderer/extensions/chrome_v8_context.cc
index 40764e4..a893161 100644
--- a/chrome/renderer/extensions/chrome_v8_context.cc
+++ b/chrome/renderer/extensions/chrome_v8_context.cc
@@ -9,8 +9,15 @@ namespace extensions {
 ChromeV8Context::ChromeV8Context(const v8::Handle<v8::Context>& v8_context,
                                  blink::WebFrame* web_frame,
                                  const Extension* extension,
-                                 Feature::Context context_type)
-    : ScriptContext(v8_context, web_frame, extension, context_type) {
+                                 Feature::Context context_type,
+                                 const Extension* effective_extension,
+                                 Feature::Context effective_context_type)
+    : ScriptContext(v8_context,
+                    web_frame,
+                    extension,
+                    context_type,
+                    effective_extension,
+                    effective_context_type) {
 }
 
 }  // namespace extensions
diff --git a/chrome/renderer/extensions/chrome_v8_context.h b/chrome/renderer/extensions/chrome_v8_context.h
index 1b74453..49539cc 100644
--- a/chrome/renderer/extensions/chrome_v8_context.h
+++ b/chrome/renderer/extensions/chrome_v8_context.h
@@ -34,7 +34,9 @@ class ChromeV8Context : public ScriptContext {
   ChromeV8Context(const v8::Handle<v8::Context>& context,
                   blink::WebFrame* frame,
                   const Extension* extension,
-                  Feature::Context context_type);
+                  Feature::Context context_type,
+                  const Extension* effective_extension,
+                  Feature::Context effective_context_type);
 
  private:
   DISALLOW_COPY_AND_ASSIGN(ChromeV8Context);