search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add python coverage module to third_party
[chromium-blink-merge.git] / chrome / common / extensions / chrome_extensions_client.cc
blob4f2fbc2d0ca94f5e13193f50a9c652feb4bbd183
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/chrome_extensions_client.h"
6
7 #include "base/command_line.h"
8 #include "base/files/file_path.h"
9 #include "base/strings/string_util.h"
10 #include "base/values.h"
11 #include "chrome/common/chrome_switches.h"
12 #include "chrome/common/chrome_version_info.h"
13 #include "chrome/common/extensions/api/extension_action/action_info.h"
14 #include "chrome/common/extensions/api/generated_schemas.h"
15 #include "chrome/common/extensions/chrome_manifest_handlers.h"
16 #include "chrome/common/extensions/extension_constants.h"
17 #include "chrome/common/extensions/features/chrome_channel_feature_filter.h"
18 #include "chrome/common/extensions/features/feature_channel.h"
19 #include "chrome/common/extensions/manifest_handlers/theme_handler.h"
20 #include "chrome/common/url_constants.h"
21 #include "chrome/grit/chromium_strings.h"
22 #include "chrome/grit/common_resources.h"
23 #include "chrome/grit/extensions_api_resources.h"
24 #include "chrome/grit/generated_resources.h"
25 #include "content/public/common/url_constants.h"
26 #include "extensions/common/api/generated_schemas.h"
27 #include "extensions/common/common_manifest_handlers.h"
28 #include "extensions/common/constants.h"
29 #include "extensions/common/extension.h"
30 #include "extensions/common/extension_api.h"
31 #include "extensions/common/extension_icon_set.h"
32 #include "extensions/common/extension_urls.h"
33 #include "extensions/common/features/api_feature.h"
34 #include "extensions/common/features/base_feature_provider.h"
35 #include "extensions/common/features/feature_provider.h"
36 #include "extensions/common/features/json_feature_provider_source.h"
37 #include "extensions/common/features/manifest_feature.h"
38 #include "extensions/common/features/permission_feature.h"
39 #include "extensions/common/features/simple_feature.h"
40 #include "extensions/common/manifest_constants.h"
41 #include "extensions/common/manifest_handler.h"
42 #include "extensions/common/manifest_handlers/icons_handler.h"
43 #include "extensions/common/permissions/api_permission_set.h"
44 #include "extensions/common/permissions/permission_message.h"
45 #include "extensions/common/permissions/permissions_info.h"
46 #include "extensions/common/url_pattern.h"
47 #include "extensions/common/url_pattern_set.h"
48 #include "extensions/grit/extensions_resources.h"
49 #include "ui/base/l10n/l10n_util.h"
50 #include "url/gurl.h"
51
52 namespace extensions {
53
54 namespace {
55
56 // TODO(battre): Delete the HTTP URL once the blacklist is downloaded via HTTPS.
57 const char kExtensionBlocklistUrlPrefix[] =
58 "http://www.gstatic.com/chrome/extensions/blacklist";
59 const char kExtensionBlocklistHttpsUrlPrefix[] =
60 "https://www.gstatic.com/chrome/extensions/blacklist";
61
62 const char kThumbsWhiteListedExtension[] = "khopmbdjffemhegeeobelklnbglcdgfh";
63
64 template <class FeatureClass>
65 SimpleFeature* CreateFeature() {
66 SimpleFeature* feature = new FeatureClass;
67 feature->AddFilter(
68 scoped_ptr<SimpleFeatureFilter>(new ChromeChannelFeatureFilter(feature)));
69 return feature;
70 }
71
72 // Add the image paths contained in the |icon_set| to |image_paths|.
73 void AddPathsFromIconSet(const ExtensionIconSet& icon_set,
74 std::set<base::FilePath>* image_paths) {
75 // TODO(viettrungluu): These |FilePath::FromUTF8Unsafe()| indicate that we're
76 // doing something wrong.
77 for (ExtensionIconSet::IconMap::const_iterator iter = icon_set.map().begin();
78 iter != icon_set.map().end(); ++iter) {
79 image_paths->insert(base::FilePath::FromUTF8Unsafe(iter->second));
80 }
81 }
82
83 } // namespace
84
85 static base::LazyInstance<ChromeExtensionsClient> g_client =
86 LAZY_INSTANCE_INITIALIZER;
87
88 ChromeExtensionsClient::ChromeExtensionsClient()
89 : chrome_api_permissions_(ChromeAPIPermissions()),
90 extensions_api_permissions_(ExtensionsAPIPermissions()) {
91 }
92
93 ChromeExtensionsClient::~ChromeExtensionsClient() {
94 }
95
96 void ChromeExtensionsClient::Initialize() {
97 // Registration could already be finalized in unit tests, where the utility
98 // thread runs in-process.
99 if (!ManifestHandler::IsRegistrationFinalized()) {
100 RegisterCommonManifestHandlers();
101 RegisterChromeManifestHandlers();
102 ManifestHandler::FinalizeRegistration();
103 }
104
105 // Set up permissions.
106 PermissionsInfo::GetInstance()->AddProvider(chrome_api_permissions_);
107 PermissionsInfo::GetInstance()->AddProvider(extensions_api_permissions_);
108
109 // Set up the scripting whitelist.
110 // Whitelist ChromeVox, an accessibility extension from Google that needs
111 // the ability to script webui pages. This is temporary and is not
112 // meant to be a general solution.
113 // TODO(dmazzoni): remove this once we have an extension API that
114 // allows any extension to request read-only access to webui pages.
115 scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);
116
117 // Whitelist "Discover DevTools Companion" extension from Google that
118 // needs the ability to script DevTools pages. Companion will assist
119 // online courses and will be needed while the online educational programs
120 // are in place.
121 scripting_whitelist_.push_back("angkfkebojeancgemegoedelbnjgcgme");
122 }
123
124 const PermissionMessageProvider&
125 ChromeExtensionsClient::GetPermissionMessageProvider() const {
126 return permission_message_provider_;
127 }
128
129 const std::string ChromeExtensionsClient::GetProductName() {
130 return l10n_util::GetStringUTF8(IDS_PRODUCT_NAME);
131 }
132
133 scoped_ptr<FeatureProvider> ChromeExtensionsClient::CreateFeatureProvider(
134 const std::string& name) const {
135 scoped_ptr<FeatureProvider> provider;
136 scoped_ptr<JSONFeatureProviderSource> source(
137 CreateFeatureProviderSource(name));
138 if (name == "api") {
139 provider.reset(new BaseFeatureProvider(source->dictionary(),
140 CreateFeature<APIFeature>));
141 } else if (name == "manifest") {
142 provider.reset(new BaseFeatureProvider(source->dictionary(),
143 CreateFeature<ManifestFeature>));
144 } else if (name == "permission") {
145 provider.reset(new BaseFeatureProvider(source->dictionary(),
146 CreateFeature<PermissionFeature>));
147 } else {
148 NOTREACHED();
149 }
150 return provider.Pass();
151 }
152
153 scoped_ptr<JSONFeatureProviderSource>
154 ChromeExtensionsClient::CreateFeatureProviderSource(
155 const std::string& name) const {
156 scoped_ptr<JSONFeatureProviderSource> source(
157 new JSONFeatureProviderSource(name));
158 if (name == "api") {
159 source->LoadJSON(IDR_EXTENSION_API_FEATURES);
160 source->LoadJSON(IDR_CHROME_EXTENSION_API_FEATURES);
161 } else if (name == "manifest") {
162 source->LoadJSON(IDR_EXTENSION_MANIFEST_FEATURES);
163 source->LoadJSON(IDR_CHROME_EXTENSION_MANIFEST_FEATURES);
164 } else if (name == "permission") {
165 source->LoadJSON(IDR_EXTENSION_PERMISSION_FEATURES);
166 source->LoadJSON(IDR_CHROME_EXTENSION_PERMISSION_FEATURES);
167 } else {
168 NOTREACHED();
169 source.reset();
170 }
171 return source.Pass();
172 }
173
174 void ChromeExtensionsClient::FilterHostPermissions(
175 const URLPatternSet& hosts,
176 URLPatternSet* new_hosts,
177 std::set<PermissionMessage>* messages) const {
178 for (URLPatternSet::const_iterator i = hosts.begin();
179 i != hosts.end(); ++i) {
180 // Filters out every URL pattern that matches chrome:// scheme.
181 if (i->scheme() == content::kChromeUIScheme) {
182 // chrome://favicon is the only URL for chrome:// scheme that we
183 // want to support. We want to deprecate the "chrome" scheme.
184 // We should not add any additional "host" here.
185 if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
186 continue;
187 messages->insert(PermissionMessage(
188 PermissionMessage::kFavicon,
189 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
190 } else {
191 new_hosts->AddPattern(*i);
192 }
193 }
194 }
195
196 void ChromeExtensionsClient::SetScriptingWhitelist(
197 const ExtensionsClient::ScriptingWhitelist& whitelist) {
198 scripting_whitelist_ = whitelist;
199 }
200
201 const ExtensionsClient::ScriptingWhitelist&
202 ChromeExtensionsClient::GetScriptingWhitelist() const {
203 return scripting_whitelist_;
204 }
205
206 URLPatternSet ChromeExtensionsClient::GetPermittedChromeSchemeHosts(
207 const Extension* extension,
208 const APIPermissionSet& api_permissions) const {
209 URLPatternSet hosts;
210 // Regular extensions are only allowed access to chrome://favicon.
211 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
212 chrome::kChromeUIFaviconURL));
213
214 // Experimental extensions are also allowed chrome://thumb.
215 //
216 // TODO: A public API should be created for retrieving thumbnails.
217 // See http://crbug.com/222856. A temporary hack is implemented here to
218 // make chrome://thumbs available to NTP Russia extension as
219 // non-experimental.
220 if ((api_permissions.find(APIPermission::kExperimental) !=
221 api_permissions.end()) ||
222 (extension->id() == kThumbsWhiteListedExtension &&
223 extension->from_webstore())) {
224 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
225 chrome::kChromeUIThumbnailURL));
226 }
227 return hosts;
228 }
229
230 bool ChromeExtensionsClient::IsScriptableURL(
231 const GURL& url, std::string* error) const {
232 // The gallery is special-cased as a restricted URL for scripting to prevent
233 // access to special JS bindings we expose to the gallery (and avoid things
234 // like extensions removing the "report abuse" link).
235 // TODO(erikkay): This seems like the wrong test. Shouldn't we we testing
236 // against the store app extent?
237 GURL store_url(extension_urls::GetWebstoreLaunchURL());
238 if (url.host() == store_url.host()) {
239 if (error)
240 *error = manifest_errors::kCannotScriptGallery;
241 return false;
242 }
243 return true;
244 }
245
246 bool ChromeExtensionsClient::IsAPISchemaGenerated(
247 const std::string& name) const {
248 // Test from most common to least common.
249 return api::GeneratedSchemas::IsGenerated(name) ||
250 core_api::GeneratedSchemas::IsGenerated(name);
251 }
252
253 base::StringPiece ChromeExtensionsClient::GetAPISchema(
254 const std::string& name) const {
255 // Test from most common to least common.
256 if (api::GeneratedSchemas::IsGenerated(name))
257 return api::GeneratedSchemas::Get(name);
258
259 return core_api::GeneratedSchemas::Get(name);
260 }
261
262 void ChromeExtensionsClient::RegisterAPISchemaResources(
263 ExtensionAPI* api) const {
264 api->RegisterSchemaResource("accessibilityPrivate",
265 IDR_EXTENSION_API_JSON_ACCESSIBILITYPRIVATE);
266 api->RegisterSchemaResource("app", IDR_EXTENSION_API_JSON_APP);
267 api->RegisterSchemaResource("browserAction",
268 IDR_EXTENSION_API_JSON_BROWSERACTION);
269 api->RegisterSchemaResource("commands", IDR_EXTENSION_API_JSON_COMMANDS);
270 api->RegisterSchemaResource("declarativeContent",
271 IDR_EXTENSION_API_JSON_DECLARATIVE_CONTENT);
272 api->RegisterSchemaResource("fileBrowserHandler",
273 IDR_EXTENSION_API_JSON_FILEBROWSERHANDLER);
274 api->RegisterSchemaResource("inputMethodPrivate",
275 IDR_EXTENSION_API_JSON_INPUTMETHODPRIVATE);
276 api->RegisterSchemaResource("pageAction", IDR_EXTENSION_API_JSON_PAGEACTION);
277 api->RegisterSchemaResource("privacy", IDR_EXTENSION_API_JSON_PRIVACY);
278 api->RegisterSchemaResource("processes", IDR_EXTENSION_API_JSON_PROCESSES);
279 api->RegisterSchemaResource("proxy", IDR_EXTENSION_API_JSON_PROXY);
280 api->RegisterSchemaResource("scriptBadge",
281 IDR_EXTENSION_API_JSON_SCRIPTBADGE);
282 api->RegisterSchemaResource("ttsEngine", IDR_EXTENSION_API_JSON_TTSENGINE);
283 api->RegisterSchemaResource("tts", IDR_EXTENSION_API_JSON_TTS);
284 api->RegisterSchemaResource("types", IDR_EXTENSION_API_JSON_TYPES);
285 api->RegisterSchemaResource("types.private",
286 IDR_EXTENSION_API_JSON_TYPES_PRIVATE);
287 api->RegisterSchemaResource("webstore", IDR_EXTENSION_API_JSON_WEBSTORE);
288 }
289
290 bool ChromeExtensionsClient::ShouldSuppressFatalErrors() const {
291 // Suppress fatal errors only on beta and stable channels.
292 return GetCurrentChannel() > chrome::VersionInfo::CHANNEL_DEV;
293 }
294
295 std::string ChromeExtensionsClient::GetWebstoreBaseURL() const {
296 std::string gallery_prefix = extension_urls::kChromeWebstoreBaseURL;
297 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kAppsGalleryURL))
298 gallery_prefix = CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
299 switches::kAppsGalleryURL);
300 if (EndsWith(gallery_prefix, "/", true))
301 gallery_prefix = gallery_prefix.substr(0, gallery_prefix.length() - 1);
302 return gallery_prefix;
303 }
304
305 std::string ChromeExtensionsClient::GetWebstoreUpdateURL() const {
306 CommandLine* cmdline = CommandLine::ForCurrentProcess();
307 if (cmdline->HasSwitch(switches::kAppsGalleryUpdateURL))
308 return cmdline->GetSwitchValueASCII(switches::kAppsGalleryUpdateURL);
309 else
310 return extension_urls::GetDefaultWebstoreUpdateUrl().spec();
311 }
312
313 bool ChromeExtensionsClient::IsBlacklistUpdateURL(const GURL& url) const {
314 // The extension blacklist URL is returned from the update service and
315 // therefore not determined by Chromium. If the location of the blacklist file
316 // ever changes, we need to update this function. A DCHECK in the
317 // ExtensionUpdater ensures that we notice a change. This is the full URL
318 // of a blacklist:
319 // http://www.gstatic.com/chrome/extensions/blacklist/l_0_0_0_7.txt
320 return StartsWithASCII(url.spec(), kExtensionBlocklistUrlPrefix, true) ||
321 StartsWithASCII(url.spec(), kExtensionBlocklistHttpsUrlPrefix, true);
322 }
323
324 std::set<base::FilePath> ChromeExtensionsClient::GetBrowserImagePaths(
325 const Extension* extension) {
326 std::set<base::FilePath> image_paths;
327
328 AddPathsFromIconSet(extensions::IconsInfo::GetIcons(extension), &image_paths);
329
330 // Theme images
331 const base::DictionaryValue* theme_images =
332 extensions::ThemeInfo::GetImages(extension);
333 if (theme_images) {
334 for (base::DictionaryValue::Iterator it(*theme_images); !it.IsAtEnd();
335 it.Advance()) {
336 base::FilePath::StringType path;
337 if (it.value().GetAsString(&path))
338 image_paths.insert(base::FilePath(path));
339 }
340 }
341
342 const extensions::ActionInfo* page_action =
343 extensions::ActionInfo::GetPageActionInfo(extension);
344 if (page_action && !page_action->default_icon.empty())
345 AddPathsFromIconSet(page_action->default_icon, &image_paths);
346
347 const extensions::ActionInfo* browser_action =
348 extensions::ActionInfo::GetBrowserActionInfo(extension);
349 if (browser_action && !browser_action->default_icon.empty())
350 AddPathsFromIconSet(browser_action->default_icon, &image_paths);
351
352 return image_paths;
353 }
354
355 // static
356 ChromeExtensionsClient* ChromeExtensionsClient::GetInstance() {
357 return g_client.Pointer();
358 }
359
360 } // namespace extensions