summaryrefslogtreecommitdiffstats
path: root/chrome
diff options
context:
space:
mode:
Diffstat (limited to 'chrome')
-rw-r--r--chrome/browser/extensions/content_security_policy_apitest.cc10
-rw-r--r--chrome/common/extensions/extension.cc24
-rw-r--r--chrome/common/extensions/extension.h9
-rw-r--r--chrome/common/extensions/extension_constants.cc3
-rw-r--r--chrome/common/extensions/extension_constants.h2
-rw-r--r--chrome/test/data/extensions/api_test/content_security_policy/test.js4
-rw-r--r--chrome/test/data/extensions/api_test/default_content_security_policy/manifest.json7
-rw-r--r--chrome/test/data/extensions/api_test/default_content_security_policy/test.html4
-rw-r--r--chrome/test/data/extensions/api_test/default_content_security_policy/test.js25
9 files changed, 84 insertions, 4 deletions
diff --git a/chrome/browser/extensions/content_security_policy_apitest.cc b/chrome/browser/extensions/content_security_policy_apitest.cc
index 208bb74..1740e2e 100644
--- a/chrome/browser/extensions/content_security_policy_apitest.cc
+++ b/chrome/browser/extensions/content_security_policy_apitest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -7,8 +7,12 @@
#include "net/base/mock_host_resolver.h"
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, ContentSecurityPolicy) {
- CommandLine::ForCurrentProcess()->AppendSwitch(
- switches::kEnableExperimentalExtensionApis);
ASSERT_TRUE(StartTestServer());
ASSERT_TRUE(RunExtensionTest("content_security_policy")) << message_;
}
+
+IN_PROC_BROWSER_TEST_F(ExtensionApiTest, DefaultContentSecurityPolicy) {
+ ASSERT_TRUE(StartTestServer());
+ ASSERT_TRUE(RunExtensionTest("default_content_security_policy")) <<
+ message_;
+}
diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc
index f898a52..1ea3041d 100644
--- a/chrome/common/extensions/extension.cc
+++ b/chrome/common/extensions/extension.cc
@@ -63,6 +63,9 @@ const char kPrivate[] = "PRIVATE";
const int kRSAKeySize = 1024;
+const char kDefaultContentSecurityPolicy[] =
+ "script-src 'self'; object-src 'self'";
+
// Converts a normal hexadecimal string into the alphabet used by extensions.
// We use the characters 'a'-'p' instead of '0'-'f' to avoid ever having a
// completely numeric host, since some software interprets that as an IP
@@ -1275,7 +1278,8 @@ bool Extension::IsTrustedId(const std::string& id) {
}
Extension::Extension(const FilePath& path, Location location)
- : incognito_split_mode_(false),
+ : manifest_version_(0),
+ incognito_split_mode_(false),
offline_enabled_(false),
location_(location),
converted_from_user_script_(false),
@@ -1454,6 +1458,19 @@ bool Extension::InitFromValue(const DictionaryValue& source, int flags,
optional_permission_set_ = new ExtensionPermissionSet();
required_permission_set_ = new ExtensionPermissionSet();
+ if (source.HasKey(keys::kManifestVersion)) {
+ int manifest_version = 0;
+ if (!source.GetInteger(keys::kManifestVersion, &manifest_version) ||
+ manifest_version < 1) {
+ *error = errors::kInvalidManifestVersion;
+ return false;
+ }
+ manifest_version_ = manifest_version;
+ } else {
+ // Version 1 was the original version, which lacked a version indicator.
+ manifest_version_ = 1;
+ }
+
if (source.HasKey(keys::kPublicKey)) {
std::string public_key_bytes;
if (!source.GetString(keys::kPublicKey,
@@ -2217,6 +2234,11 @@ bool Extension::InitFromValue(const DictionaryValue& source, int flags,
return false;
}
content_security_policy_ = content_security_policy;
+ } else if (manifest_version_ >= 2) {
+ // Manifest version 2 introduced a default Content-Security-Policy.
+ // TODO(abarth): Should we continue to let extensions override the
+ // default Content-Security-Policy?
+ content_security_policy_ = kDefaultContentSecurityPolicy;
}
// Initialize devtools page url (optional).
diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h
index 9aefb4c..146c534 100644
--- a/chrome/common/extensions/extension.h
+++ b/chrome/common/extensions/extension.h
@@ -494,6 +494,7 @@ class Extension : public base::RefCountedThreadSafe<Extension> {
const std::string& name() const { return name_; }
const std::string& public_key() const { return public_key_; }
const std::string& description() const { return description_; }
+ int manifest_version() const { return manifest_version_; }
bool converted_from_user_script() const {
return converted_from_user_script_;
}
@@ -714,6 +715,14 @@ class Extension : public base::RefCountedThreadSafe<Extension> {
// The absolute path to the directory the extension is stored in.
FilePath path_;
+ // The version of this extension's manifest. We increase the manifest
+ // version when making breaking changes to the extension system.
+ // Version 1 was the first manifest version (implied by a lack of a
+ // manifest_version attribute in the extension's manifest). We initialize
+ // this member variable to 0 to distinguish the "uninitialized" case from
+ // the case when we know the manifest version actually is 1.
+ int manifest_version_;
+
// Default locale for fall back. Can be empty if extension is not localized.
std::string default_locale_;
diff --git a/chrome/common/extensions/extension_constants.cc b/chrome/common/extensions/extension_constants.cc
index b0bb370..85bfd52 100644
--- a/chrome/common/extensions/extension_constants.cc
+++ b/chrome/common/extensions/extension_constants.cc
@@ -53,6 +53,7 @@ const char* kLaunchLocalPath = "app.launch.local_path";
const char* kLaunchWebURL = "app.launch.web_url";
const char* kLaunchWidth = "app.launch.width";
const char* kLayouts = "layouts";
+const char* kManifestVersion = "manifest_version";
const char* kMatches = "matches";
const char* kMinimumChromeVersion = "minimum_chrome_version";
const char* kName = "name";
@@ -271,6 +272,8 @@ const char* kInvalidLaunchWidthContainer =
"Invalid container type for 'app.launch.width'.";
const char* kInvalidManifest =
"Manifest file is invalid.";
+const char* kInvalidManifestVersion =
+ "Invalid value for 'manifest_version'.";
const char* kInvalidMatch =
"Invalid value for 'content_scripts[*].matches[*]': *";
const char* kInvalidMatchCount =
diff --git a/chrome/common/extensions/extension_constants.h b/chrome/common/extensions/extension_constants.h
index 1f47f8f..ecdb13d 100644
--- a/chrome/common/extensions/extension_constants.h
+++ b/chrome/common/extensions/extension_constants.h
@@ -55,6 +55,7 @@ namespace extension_manifest_keys {
extern const char* kLaunchWebURL;
extern const char* kLaunchWidth;
extern const char* kLayouts;
+ extern const char* kManifestVersion;
extern const char* kMatches;
extern const char* kMinimumChromeVersion;
extern const char* kNaClModules;
@@ -203,6 +204,7 @@ namespace extension_manifest_errors {
extern const char* kInvalidLaunchWidth;
extern const char* kInvalidLaunchWidthContainer;
extern const char* kInvalidManifest;
+ extern const char* kInvalidManifestVersion;
extern const char* kInvalidMatch;
extern const char* kInvalidMatchCount;
extern const char* kInvalidMatches;
diff --git a/chrome/test/data/extensions/api_test/content_security_policy/test.js b/chrome/test/data/extensions/api_test/content_security_policy/test.js
index 26aa4ca..be250bd 100644
--- a/chrome/test/data/extensions/api_test/content_security_policy/test.js
+++ b/chrome/test/data/extensions/api_test/content_security_policy/test.js
@@ -1,3 +1,7 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
window.externalCanary = "Alive";
chrome.test.getConfig(function(config) {
diff --git a/chrome/test/data/extensions/api_test/default_content_security_policy/manifest.json b/chrome/test/data/extensions/api_test/default_content_security_policy/manifest.json
new file mode 100644
index 0000000..a2efd05
--- /dev/null
+++ b/chrome/test/data/extensions/api_test/default_content_security_policy/manifest.json
@@ -0,0 +1,7 @@
+{
+ "name": "default content security policy tests",
+ "version": "0.1",
+ "manifest_version": 2,
+ "description": "Checks that extensions with version 2 manifests have a default Content-Security-Policy.",
+ "background_page": "test.html"
+}
diff --git a/chrome/test/data/extensions/api_test/default_content_security_policy/test.html b/chrome/test/data/extensions/api_test/default_content_security_policy/test.html
new file mode 100644
index 0000000..b4a0461
--- /dev/null
+++ b/chrome/test/data/extensions/api_test/default_content_security_policy/test.html
@@ -0,0 +1,4 @@
+<script>
+window.inlineCanary = "FAIL: This script should not run!";
+</script>
+<script src="test.js"></script>
diff --git a/chrome/test/data/extensions/api_test/default_content_security_policy/test.js b/chrome/test/data/extensions/api_test/default_content_security_policy/test.js
new file mode 100644
index 0000000..be250bd
--- /dev/null
+++ b/chrome/test/data/extensions/api_test/default_content_security_policy/test.js
@@ -0,0 +1,25 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+window.externalCanary = "Alive";
+
+chrome.test.getConfig(function(config) {
+
+ function inlineScriptDoesNotRun() {
+ chrome.test.assertEq(window.inlineCanary, undefined);
+ chrome.test.runNextTest();
+ }
+
+ function externalScriptDoesRun() {
+ // This test is somewhat zen in the sense that if external scripts are
+ // blocked, we don't be able to even execute the test harness...
+ chrome.test.assertEq(window.externalCanary, "Alive");
+ chrome.test.runNextTest();
+ }
+
+ chrome.test.runTests([
+ inlineScriptDoesNotRun,
+ externalScriptDoesRun
+ ]);
+});
generated by cgit v1.1 at 2025-01-19 17:51:17 +0000