1 files changed, 25 insertions, 25 deletions

diff --git a/chrome/browser/extensions/extension_function_dispatcher.cc b/chrome/browser/extensions/extension_function_dispatcher.cc
index 91c470e..dcec789 100644
--- a/chrome/browser/extensions/extension_function_dispatcher.cc
+++ b/chrome/browser/extensions/extension_function_dispatcher.cc
@@ -61,7 +61,6 @@
 #include "chrome/browser/ui/browser_window.h"
 #include "chrome/common/extensions/extension_messages.h"
 #include "chrome/common/url_constants.h"
-#include "content/browser/child_process_security_policy.h"
 #include "content/browser/renderer_host/render_process_host.h"
 #include "content/browser/renderer_host/render_view_host.h"
 #include "ipc/ipc_message.h"
@@ -518,9 +517,16 @@ void ExtensionFunctionDispatcher::DispatchOnIOThread(
   const Extension* extension =
       extension_info_map->extensions().GetByURL(params.source_url);
 
-  scoped_refptr<ExtensionFunction> function(
-      CreateExtensionFunction(params, extension, profile, render_process_id,
-                              ipc_sender, routing_id));
+  if (!extension_info_map->AreBindingsEnabledForProcess(render_process_id)) {
+    // TODO(aa): Allow content scripts access to low-threat extension APIs.
+    // See: crbug.com/80308.
+    LOG(ERROR) << "Extension API called from non-extension process.";
+    SendAccessDenied(ipc_sender, routing_id, params.request_id);
+    return;
+  }
+
+  scoped_refptr<ExtensionFunction> function(CreateExtensionFunction(
+      params, extension, profile, ipc_sender, routing_id));
   if (!function)
     return;
 
@@ -576,7 +582,9 @@ void ExtensionFunctionDispatcher::Dispatch(
     const ExtensionHostMsg_Request_Params& params,
     RenderViewHost* render_view_host) {
   ExtensionService* service = profile()->GetExtensionService();
-  if (!service)
+  ExtensionProcessManager* extension_process_manager =
+      profile()->GetExtensionProcessManager();
+  if (!service || !extension_process_manager)
     return;
 
   if (!service->ExtensionBindingsAllowed(params.source_url)) {
@@ -586,6 +594,15 @@ void ExtensionFunctionDispatcher::Dispatch(
                      params.request_id);
     return;
   }
+  if (!extension_process_manager->AreBindingsEnabledForProcess(
+      render_view_host->process()->id())) {
+    // TODO(aa): Allow content scripts access to low-threat extension APIs.
+    // See: crbug.com/80308.
+    LOG(ERROR) << "Extension API called from non-extension process.";
+    SendAccessDenied(render_view_host, render_view_host->routing_id(),
+                     params.request_id);
+    return;
+  }
 
   // TODO(aa): When we allow content scripts to call extension APIs, we will
   // have to pass the extension ID explicitly here, not use the source URL.
@@ -593,10 +610,9 @@ void ExtensionFunctionDispatcher::Dispatch(
   if (!extension)
     extension = service->GetExtensionByWebExtent(params.source_url);
 
-  scoped_refptr<ExtensionFunction> function(CreateExtensionFunction(
-      params, extension, profile_,
-      render_view_host->process()->id(),
-      render_view_host, render_view_host->routing_id()));
+  scoped_refptr<ExtensionFunction> function(
+      CreateExtensionFunction(params, extension, profile(), render_view_host,
+                              render_view_host->routing_id()));
   if (!function)
     return;
 
@@ -630,24 +646,8 @@ ExtensionFunction* ExtensionFunctionDispatcher::CreateExtensionFunction(
     const ExtensionHostMsg_Request_Params& params,
     const Extension* extension,
     void* profile,
-    int render_process_id,
     IPC::Message::Sender* ipc_sender,
     int routing_id) {
-  // TODO(aa): It would be cool to use ExtensionProcessManager to track which
-  // processes are extension processes rather than ChildProcessSecurityPolicy.
-  // EPM has richer information: it not only knows which processes contain
-  // at least one extension, but it knows which extensions are inside and what
-  // permissions the have. So we would be able to enforce permissions more
-  // granularly.
-  if (!ChildProcessSecurityPolicy::GetInstance()->HasExtensionBindings(
-          render_process_id)) {
-    // TODO(aa): Allow content scripts access to low-threat extension APIs.
-    // See: crbug.com/80308.
-    LOG(ERROR) << "Extension API called from non-extension process.";
-    SendAccessDenied(ipc_sender, routing_id, params.request_id);
-    return NULL;
-  }
-
   if (!extension) {
     LOG(ERROR) << "Extension does not exist for URL: "
                << params.source_url.spec();