From 1cea23942dddeeb854a0f8120812e87b5c962d34 Mon Sep 17 00:00:00 2001 From: "aa@chromium.org" Date: Thu, 23 Sep 2010 22:55:00 +0000 Subject: Allow extensions to request the icons of hosted apps. BUG=53495 TEST= Review URL: http://codereview.chromium.org/3409004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@60371 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/browser/extensions/extension_protocols.cc | 12 ++++++++---- chrome/browser/net/chrome_url_request_context.cc | 16 +++++++++++++++- chrome/browser/net/chrome_url_request_context.h | 11 +++++++++-- chrome/browser/profile_impl.cc | 3 ++- 4 files changed, 34 insertions(+), 8 deletions(-) (limited to 'chrome/browser') diff --git a/chrome/browser/extensions/extension_protocols.cc b/chrome/browser/extensions/extension_protocols.cc index f281c74..874b759 100644 --- a/chrome/browser/extensions/extension_protocols.cc +++ b/chrome/browser/extensions/extension_protocols.cc @@ -88,11 +88,15 @@ bool AllowExtensionResourceLoad(URLRequest* request, return true; // Disallow loading of packaged resources for hosted apps. We don't allow - // hybrid hosted/packaged apps. + // hybrid hosted/packaged apps. The one exception is access to icons, since + // some extensions want to be able to do things like create their own + // launchers. if (context->ExtensionHasWebExtent(request->url().host())) { - LOG(ERROR) << "Denying load of " << request->url().spec() << " from " - << "hosted app."; - return false; + if (!context->URLIsForExtensionIcon(request->url())) { + LOG(ERROR) << "Denying load of " << request->url().spec() << " from " + << "hosted app."; + return false; + } } // Don't allow toplevel navigations to extension resources in incognito mode. diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index 11a8796..e7811fc 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -867,6 +867,19 @@ bool ChromeURLRequestContext::CheckURLAccessToExtensionPermission( permission_name) != api_permissions.end(); } +bool ChromeURLRequestContext::URLIsForExtensionIcon(const GURL& url) { + DCHECK(url.SchemeIs(chrome::kExtensionScheme)); + + ExtensionInfoMap::iterator iter = extension_info_.find(url.host()); + if (iter == extension_info_.end()) + return false; + + std::string path = url.path(); + DCHECK(path.length() > 0 && path[0] == '/'); + path = path.substr(1); + return iter->second->icons.ContainsPath(path); +} + const std::string& ChromeURLRequestContext::GetUserAgent( const GURL& url) const { return webkit_glue::GetUserAgent(url); @@ -1002,7 +1015,8 @@ ChromeURLRequestContextFactory::ChromeURLRequestContextFactory(Profile* profile) (*iter)->incognito_split_mode(), (*iter)->web_extent(), (*iter)->GetEffectiveHostPermissions(), - (*iter)->api_permissions())); + (*iter)->api_permissions(), + (*iter)->icons())); } } diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h index fb69ee8..cd4200c 100644 --- a/chrome/browser/net/chrome_url_request_context.h +++ b/chrome/browser/net/chrome_url_request_context.h @@ -20,6 +20,7 @@ #include "chrome/browser/net/chrome_cookie_policy.h" #include "chrome/browser/prefs/pref_service.h" #include "chrome/common/extensions/extension.h" +#include "chrome/common/extensions/extension_icon_set.h" #include "chrome/common/net/url_request_context_getter.h" #include "chrome/common/notification_registrar.h" #include "net/base/cookie_monster.h" @@ -57,14 +58,16 @@ class ChromeURLRequestContext : public URLRequestContext { bool incognito_split_mode, const ExtensionExtent& extent, const ExtensionExtent& effective_host_permissions, - const std::vector& api_permissions) + const std::vector& api_permissions, + const ExtensionIconSet& icons) : name(name), path(path), default_locale(default_locale), incognito_split_mode(incognito_split_mode), extent(extent), effective_host_permissions(effective_host_permissions), - api_permissions(api_permissions) { + api_permissions(api_permissions), + icons(icons) { } const std::string name; const FilePath path; @@ -73,6 +76,7 @@ class ChromeURLRequestContext : public URLRequestContext { const ExtensionExtent extent; const ExtensionExtent effective_host_permissions; std::vector api_permissions; + ExtensionIconSet icons; }; // Map of extension info by extension id. @@ -106,6 +110,9 @@ class ChromeURLRequestContext : public URLRequestContext { bool CheckURLAccessToExtensionPermission(const GURL& url, const char* permission_name); + // Returns true if the specified URL references the icon for an extension. + bool URLIsForExtensionIcon(const GURL& url); + // Gets the path to the directory user scripts are stored in. FilePath user_script_dir_path() const { return user_script_dir_path_; diff --git a/chrome/browser/profile_impl.cc b/chrome/browser/profile_impl.cc index cce9629..22c456a 100644 --- a/chrome/browser/profile_impl.cc +++ b/chrome/browser/profile_impl.cc @@ -182,7 +182,8 @@ void PostExtensionLoadedToContextGetter(ChromeURLRequestContextGetter* getter, extension->incognito_split_mode(), extension->web_extent(), extension->GetEffectiveHostPermissions(), - extension->api_permissions()))); + extension->api_permissions(), + extension->icons()))); } void PostExtensionUnloadedToContextGetter(ChromeURLRequestContextGetter* getter, -- cgit v1.1