diff options
author | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-18 21:43:34 +0000 |
---|---|---|
committer | aa@chromium.org <aa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-18 21:43:34 +0000 |
commit | 5c851620114bf518835e3ba723b595382d673425 (patch) | |
tree | 1f34e812fad9783c365a6a8f30b70008dae030ed /chrome | |
parent | 3f8bf470f51ae847a1fa97ad154cf4b3f244649a (diff) | |
download | chromium_src-5c851620114bf518835e3ba723b595382d673425.zip chromium_src-5c851620114bf518835e3ba723b595382d673425.tar.gz chromium_src-5c851620114bf518835e3ba723b595382d673425.tar.bz2 |
Force an app's orgin to be the origin of the URL the crx is
downloaded from. Added machinery to be able to switch this
behavior off, so that in the future, we can turn it off for
the gallery.
BUG=32361
Review URL: http://codereview.chromium.org/890002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@41994 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
-rw-r--r-- | chrome/browser/download/download_manager.cc | 1 | ||||
-rw-r--r-- | chrome/browser/extensions/crx_installer.cc | 5 | ||||
-rw-r--r-- | chrome/browser/extensions/crx_installer.h | 21 | ||||
-rw-r--r-- | chrome/browser/extensions/extension_updater.cc | 11 | ||||
-rw-r--r-- | chrome/browser/extensions/extension_updater.h | 3 | ||||
-rw-r--r-- | chrome/browser/extensions/extension_updater_unittest.cc | 13 | ||||
-rw-r--r-- | chrome/browser/extensions/extensions_service.cc | 5 | ||||
-rw-r--r-- | chrome/browser/extensions/extensions_service.h | 6 | ||||
-rw-r--r-- | chrome/browser/extensions/extensions_service_unittest.cc | 4 | ||||
-rw-r--r-- | chrome/browser/extensions/sandboxed_extension_unpacker.cc | 12 | ||||
-rw-r--r-- | chrome/browser/extensions/sandboxed_extension_unpacker.h | 27 |
11 files changed, 91 insertions, 17 deletions
diff --git a/chrome/browser/download/download_manager.cc b/chrome/browser/download/download_manager.cc index 2c45eb1..cc47bea 100644 --- a/chrome/browser/download/download_manager.cc +++ b/chrome/browser/download/download_manager.cc @@ -1457,6 +1457,7 @@ void DownloadManager::OpenChromeExtension(const FilePath& full_path, } else { installer->set_allow_privilege_increase(true); installer->set_original_url(download_url); + installer->set_force_app_origin_to_download_url(true); installer->InstallCrx(full_path); } } else { diff --git a/chrome/browser/extensions/crx_installer.cc b/chrome/browser/extensions/crx_installer.cc index 71397f4..02bc700 100644 --- a/chrome/browser/extensions/crx_installer.cc +++ b/chrome/browser/extensions/crx_installer.cc @@ -39,6 +39,7 @@ CrxInstaller::CrxInstaller(const FilePath& install_directory, install_source_(Extension::INTERNAL), delete_source_(false), allow_privilege_increase_(false), + force_app_origin_to_download_url_(false), create_app_shortcut_(false), frontend_(frontend), client_(client) { @@ -71,6 +72,10 @@ void CrxInstaller::InstallCrx(const FilePath& source_file) { g_browser_process->resource_dispatcher_host(), this)); + if (force_app_origin_to_download_url_ && original_url_.is_valid()) { + unpacker->set_app_origin_override(original_url_.GetOrigin()); + } + ChromeThread::PostTask( ChromeThread::FILE, FROM_HERE, NewRunnableMethod( diff --git a/chrome/browser/extensions/crx_installer.h b/chrome/browser/extensions/crx_installer.h index e2d4c02..9e4990e 100644 --- a/chrome/browser/extensions/crx_installer.h +++ b/chrome/browser/extensions/crx_installer.h @@ -64,25 +64,32 @@ class CrxInstaller virtual void InstallUIProceed(bool create_app_shortcut); virtual void InstallUIAbort(); - const GURL& original_url() { return original_url_; } + const GURL& original_url() const { return original_url_; } void set_original_url(const GURL& val) { original_url_ = val; } - Extension::Location install_source() { return install_source_; } + Extension::Location install_source() const { return install_source_; } void set_install_source(Extension::Location source) { install_source_ = source; } - const std::string& expected_id() { return expected_id_; } + const std::string& expected_id() const { return expected_id_; } void set_expected_id(const std::string& val) { expected_id_ = val; } - bool delete_source() { return delete_source_; } + bool delete_source() const { return delete_source_; } void set_delete_source(bool val) { delete_source_ = val; } - bool allow_privilege_increase() { return allow_privilege_increase_; } + bool allow_privilege_increase() const { return allow_privilege_increase_; } void set_allow_privilege_increase(bool val) { allow_privilege_increase_ = val; } + bool force_app_origin_to_download_url() const { + return force_app_origin_to_download_url_; + } + void set_force_app_origin_to_download_url(bool val) { + force_app_origin_to_download_url_ = val; + } + private: ~CrxInstaller(); @@ -146,6 +153,10 @@ class CrxInstaller // either. Defaults to false. bool allow_privilege_increase_; + // If true and the installed extension is an app, the origin of that app will + // be forced to the origin of |original_url_|. Defaults to false. + bool force_app_origin_to_download_url_; + // Whether to create an app shortcut after successful installation. This is // set based on the user's selection in the UI and can only ever be true for // apps. diff --git a/chrome/browser/extensions/extension_updater.cc b/chrome/browser/extensions/extension_updater.cc index 96e4282..de1ca96 100644 --- a/chrome/browser/extensions/extension_updater.cc +++ b/chrome/browser/extensions/extension_updater.cc @@ -144,6 +144,7 @@ class ExtensionUpdaterFileHandler public: // Writes crx file data into a tempfile, and calls back the updater. void WriteTempFile(const std::string& extension_id, const std::string& data, + const GURL& download_url, scoped_refptr<ExtensionUpdater> updater) { // Make sure we're running in the right thread. DCHECK(ChromeThread::CurrentlyOn(ChromeThread::FILE)); @@ -168,7 +169,7 @@ class ExtensionUpdaterFileHandler ChromeThread::UI, FROM_HERE, NewRunnableMethod( updater.get(), &ExtensionUpdater::OnCRXFileWritten, extension_id, - path)); + path, download_url)); } void DeleteFile(const FilePath& path) { @@ -460,7 +461,8 @@ void ExtensionUpdater::OnCRXFetchComplete(const GURL& url, ChromeThread::FILE, FROM_HERE, NewRunnableMethod( file_handler_.get(), &ExtensionUpdaterFileHandler::WriteTempFile, - current_extension_fetch_.id, data, make_scoped_refptr(this))); + current_extension_fetch_.id, data, url, + make_scoped_refptr(this))); } } else { // TODO(asargent) do things like exponential backoff, handling @@ -481,8 +483,9 @@ void ExtensionUpdater::OnCRXFetchComplete(const GURL& url, } void ExtensionUpdater::OnCRXFileWritten(const std::string& id, - const FilePath& path) { - service_->UpdateExtension(id, path); + const FilePath& path, + const GURL& download_url) { + service_->UpdateExtension(id, path, download_url); } void ExtensionUpdater::OnExtensionInstallFinished(const FilePath& path, diff --git a/chrome/browser/extensions/extension_updater.h b/chrome/browser/extensions/extension_updater.h index ae6d87c..ae7c488 100644 --- a/chrome/browser/extensions/extension_updater.h +++ b/chrome/browser/extensions/extension_updater.h @@ -168,7 +168,8 @@ class ExtensionUpdater // Called when a crx file has been written into a temp file, and is ready // to be installed. - void OnCRXFileWritten(const std::string& id, const FilePath& path); + void OnCRXFileWritten(const std::string& id, const FilePath& path, + const GURL& download_url); // Callback for when ExtensionsService::Install is finished. void OnExtensionInstallFinished(const FilePath& path, Extension* extension); diff --git a/chrome/browser/extensions/extension_updater_unittest.cc b/chrome/browser/extensions/extension_updater_unittest.cc index 3f89d07..8368364 100644 --- a/chrome/browser/extensions/extension_updater_unittest.cc +++ b/chrome/browser/extensions/extension_updater_unittest.cc @@ -51,7 +51,8 @@ class MockService : public ExtensionUpdateService { } virtual void UpdateExtension(const std::string& id, - const FilePath& extension_path) { + const FilePath& extension_path, + const GURL& download_url) { EXPECT_TRUE(false); } @@ -177,9 +178,11 @@ class ServiceForManifestTests : public MockService { class ServiceForDownloadTests : public MockService { public: virtual void UpdateExtension(const std::string& id, - const FilePath& extension_path) { + const FilePath& extension_path, + const GURL& download_url) { extension_id_ = id; install_path_ = extension_path; + download_url_ = download_url; } virtual Extension* GetExtensionById(const std::string& id, bool) { @@ -189,6 +192,7 @@ class ServiceForDownloadTests : public MockService { const std::string& extension_id() { return extension_id_; } const FilePath& install_path() { return install_path_; } + const GURL& download_url() { return download_url_; } const std::string& last_inquired_extension_id() { return last_inquired_extension_id_; } @@ -196,6 +200,8 @@ class ServiceForDownloadTests : public MockService { private: std::string extension_id_; FilePath install_path_; + GURL download_url_; + // The last extension_id that GetExtensionById was called with. std::string last_inquired_extension_id_; }; @@ -514,6 +520,7 @@ class ExtensionUpdaterTest : public testing::Test { EXPECT_EQ(id, service.extension_id()); FilePath tmpfile_path = service.install_path(); EXPECT_FALSE(tmpfile_path.empty()); + EXPECT_EQ(test_url, service.download_url()); std::string file_contents; EXPECT_TRUE(file_util::ReadFileToString(tmpfile_path, &file_contents)); EXPECT_TRUE(extension_data == file_contents); @@ -613,6 +620,7 @@ class ExtensionUpdaterTest : public testing::Test { FilePath tmpfile_path = service.install_path(); EXPECT_FALSE(tmpfile_path.empty()); EXPECT_EQ(id1, service.extension_id()); + EXPECT_EQ(url1, service.download_url()); message_loop.RunAllPending(); file_util::Delete(tmpfile_path, false); @@ -627,6 +635,7 @@ class ExtensionUpdaterTest : public testing::Test { extension_data2); message_loop.RunAllPending(); EXPECT_EQ(id2, service.extension_id()); + EXPECT_EQ(url2, service.download_url()); EXPECT_FALSE(service.install_path().empty()); // Make sure the correct crx contents were passed for the update call. diff --git a/chrome/browser/extensions/extensions_service.cc b/chrome/browser/extensions/extensions_service.cc index 8870a06..62432b5 100644 --- a/chrome/browser/extensions/extensions_service.cc +++ b/chrome/browser/extensions/extensions_service.cc @@ -202,7 +202,8 @@ void ExtensionsService::InstallExtension(const FilePath& extension_path) { } void ExtensionsService::UpdateExtension(const std::string& id, - const FilePath& extension_path) { + const FilePath& extension_path, + const GURL& download_url) { if (!GetExtensionByIdInternal(id, true, true)) { LOG(WARNING) << "Will not update extension " << id << " because it is not " << "installed"; @@ -215,6 +216,8 @@ void ExtensionsService::UpdateExtension(const std::string& id, NULL)); // no client (silent install) installer->set_expected_id(id); installer->set_delete_source(true); + installer->set_force_app_origin_to_download_url(true); + installer->set_original_url(download_url); installer->InstallCrx(extension_path); } diff --git a/chrome/browser/extensions/extensions_service.h b/chrome/browser/extensions/extensions_service.h index e9e8128..ff832aa 100644 --- a/chrome/browser/extensions/extensions_service.h +++ b/chrome/browser/extensions/extensions_service.h @@ -45,7 +45,8 @@ class ExtensionUpdateService { public: virtual ~ExtensionUpdateService() {} virtual const ExtensionList* extensions() const = 0; - virtual void UpdateExtension(const std::string& id, const FilePath& path) = 0; + virtual void UpdateExtension(const std::string& id, const FilePath& path, + const GURL& download_url) = 0; virtual Extension* GetExtensionById(const std::string& id, bool include_disabled) = 0; virtual void UpdateExtensionBlacklist( @@ -154,7 +155,8 @@ class ExtensionsService // TODO(aa): This method can be removed. ExtensionUpdater could use // CrxInstaller directly instead. virtual void UpdateExtension(const std::string& id, - const FilePath& extension_path); + const FilePath& extension_path, + const GURL& download_url); // Reloads the specified extension. void ReloadExtension(const std::string& extension_id); diff --git a/chrome/browser/extensions/extensions_service_unittest.cc b/chrome/browser/extensions/extensions_service_unittest.cc index 5de4f3e..a142ca4 100644 --- a/chrome/browser/extensions/extensions_service_unittest.cc +++ b/chrome/browser/extensions/extensions_service_unittest.cc @@ -402,7 +402,7 @@ class ExtensionsServiceTest path = path.Append(in_path.BaseName()); ASSERT_TRUE(file_util::CopyFile(in_path, path)); - service_->UpdateExtension(id, path); + service_->UpdateExtension(id, path, GURL()); loop_.RunAllPending(); std::vector<std::string> errors = GetErrors(); @@ -1055,7 +1055,7 @@ TEST_F(ExtensionsServiceTest, UpdateNotInstalledExtension) { extensions_path = extensions_path.AppendASCII("extensions"); FilePath path = extensions_path.AppendASCII("good.crx"); - service_->UpdateExtension(good_crx, path); + service_->UpdateExtension(good_crx, path, GURL()); loop_.RunAllPending(); ASSERT_EQ(0u, service_->extensions()->size()); diff --git a/chrome/browser/extensions/sandboxed_extension_unpacker.cc b/chrome/browser/extensions/sandboxed_extension_unpacker.cc index 1fcfaaf..1cbd932 100644 --- a/chrome/browser/extensions/sandboxed_extension_unpacker.cc +++ b/chrome/browser/extensions/sandboxed_extension_unpacker.cc @@ -255,6 +255,18 @@ DictionaryValue* SandboxedExtensionUnpacker::RewriteManifestFile( static_cast<DictionaryValue*>(manifest.DeepCopy())); final_manifest->SetString(extension_manifest_keys::kPublicKey, public_key_); + // Override the app origin if appropriate. + DictionaryValue* app = NULL; + if (final_manifest->GetDictionary(extension_manifest_keys::kApp, &app) && + !app_origin_override_.is_empty()) { + if (app->HasKey(extension_manifest_keys::kAppOrigin)) { + ReportFailure("Unexpected 'origin' key in manifest."); + return NULL; + } + app->SetString(extension_manifest_keys::kAppOrigin, + app_origin_override_.spec()); + } + std::string manifest_json; JSONStringValueSerializer serializer(&manifest_json); serializer.set_pretty_print(true); diff --git a/chrome/browser/extensions/sandboxed_extension_unpacker.h b/chrome/browser/extensions/sandboxed_extension_unpacker.h index fd44a6a..25d77b6 100644 --- a/chrome/browser/extensions/sandboxed_extension_unpacker.h +++ b/chrome/browser/extensions/sandboxed_extension_unpacker.h @@ -96,6 +96,11 @@ class SandboxedExtensionUnpacker : public UtilityProcessHost::Client { ResourceDispatcherHost* rdh, SandboxedExtensionUnpackerClient* cilent); + const GURL& app_origin_override() const { return app_origin_override_; } + void set_app_origin_override(const GURL& val) { + app_origin_override_ = val; + } + // Start unpacking the extension. The client is called with the results. void Start(); @@ -137,15 +142,37 @@ class SandboxedExtensionUnpacker : public UtilityProcessHost::Client { bool RewriteImageFiles(); bool RewriteCatalogFiles(); + // The path to the CRX to unpack. FilePath crx_path_; + + // Our client's thread. This is the thread we respond on. ChromeThread::ID thread_identifier_; + + // ResourceDispatcherHost to pass to the utility process. ResourceDispatcherHost* rdh_; + + // Our client. scoped_refptr<SandboxedExtensionUnpackerClient> client_; + + // A temporary directory to use for unpacking. ScopedTempDir temp_dir_; + + // The root directory of the unpacked extension. This is a child of temp_dir_. FilePath extension_root_; + + // Represents the extension we're unpacking. scoped_ptr<Extension> extension_; + + // Whether we've received a response from the utility process yet. bool got_response_; + + // The public key that was extracted from the CRX header. std::string public_key_; + + // If the unpacked extension is an app, its origin will be forced to this + // value. This is used when an app is self-hosted. The only valid origin + // is the origin it is served from. + GURL app_origin_override_; }; #endif // CHROME_BROWSER_EXTENSIONS_SANDBOXED_EXTENSION_UNPACKER_H_ |