extensions/renderer/extension_injection_host.cc

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "extensions/common/extension_set.h"
   6 #include "extensions/common/manifest_handlers/csp_info.h"
   7 #include "extensions/renderer/extension_injection_host.h"
   8
   9 namespace extensions {
  10
  11 ExtensionInjectionHost::ExtensionInjectionHost(
  12     const Extension* extension)
  13     : InjectionHost(HostID(HostID::EXTENSIONS, extension->id())),
  14       extension_(extension) {
  15 }
  16
  17 ExtensionInjectionHost::~ExtensionInjectionHost() {
  18 }
  19
  20 // static
  21 scoped_ptr<const InjectionHost> ExtensionInjectionHost::Create(
  22     const std::string& extension_id,
  23     const ExtensionSet* extensions) {
  24   const Extension* extension = extensions->GetByID(extension_id);
  25   if (!extension)
  26     return scoped_ptr<const ExtensionInjectionHost>();
  27   return scoped_ptr<const ExtensionInjectionHost>(
  28       new ExtensionInjectionHost(extension));
  29 }
  30
  31 std::string ExtensionInjectionHost::GetContentSecurityPolicy() const {
  32   return CSPInfo::GetContentSecurityPolicy(extension_);
  33 }
  34
  35 const GURL& ExtensionInjectionHost::url() const {
  36   return extension_->url();
  37 }
  38
  39 const std::string& ExtensionInjectionHost::name() const {
  40   return extension_->name();
  41 }
  42
  43 PermissionsData::AccessType ExtensionInjectionHost::CanExecuteOnFrame(
  44     const GURL& document_url,
  45     const GURL& top_frame_url,
  46     int tab_id,
  47     bool is_declarative) const {
  48   // If we don't have a tab id, we have no UI surface to ask for user consent.
  49   // For now, we treat this as an automatic allow.
  50   if (tab_id == -1)
  51     return PermissionsData::ACCESS_ALLOWED;
  52
  53   // Declarative user scripts use "page access" (from "permissions" section in
  54   // manifest) whereas non-declarative user scripts use custom
  55   // "content script access" logic.
  56   if (is_declarative) {
  57     return extension_->permissions_data()->GetPageAccess(
  58         extension_,
  59         document_url,
  60         top_frame_url,
  61         tab_id,
  62         -1,  // no process id
  63         nullptr /* ignore error */);
  64   } else {
  65     return extension_->permissions_data()->GetContentScriptAccess(
  66         extension_,
  67         document_url,
  68         top_frame_url,
  69         tab_id,
  70         -1,  // no process id
  71         nullptr /* ignore error */);
  72   }
  73 }
  74
  75 bool ExtensionInjectionHost::ShouldNotifyBrowserOfInjection() const {
  76   // We notify the browser of any injection if the extension has no withheld
  77   // permissions (i.e., the permissions weren't restricted), but would have
  78   // otherwise been affected by the scripts-require-action feature.
  79   return extension_->permissions_data()->withheld_permissions()->IsEmpty() &&
  80          PermissionsData::ScriptsMayRequireActionForExtension(
  81              extension_,
  82              extension_->permissions_data()->active_permissions().get());
  83 }
  84
  85 }  // namespace extensions