1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "extensions/browser/api/web_request/web_request_permissions.h"
7 #include "base/strings/string_util.h"
8 #include "base/strings/stringprintf.h"
9 #include "content/public/browser/resource_request_info.h"
10 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h"
11 #include "extensions/browser/info_map.h"
12 #include "extensions/common/constants.h"
13 #include "extensions/common/extension.h"
14 #include "extensions/common/extension_urls.h"
15 #include "extensions/common/permissions/permissions_data.h"
16 #include "net/url_request/url_request.h"
19 using content::ResourceRequestInfo
;
23 // Returns true if the URL is sensitive and requests to this URL must not be
24 // modified/canceled by extensions, e.g. because it is targeted to the webstore
25 // to check for updates, extension blacklisting, etc.
26 bool IsSensitiveURL(const GURL
& url
) {
27 // TODO(battre) Merge this, CanExtensionAccessURL and
28 // PermissionsData::CanAccessPage into one function.
29 bool sensitive_chrome_url
= false;
30 const std::string host
= url
.host();
31 const char kGoogleCom
[] = ".google.com";
32 const char kClient
[] = "clients";
33 if (base::EndsWith(host
, kGoogleCom
, base::CompareCase::SENSITIVE
)) {
34 // Check for "clients[0-9]*.google.com" hosts.
35 // This protects requests to several internal services such as sync,
36 // extension update pings, captive portal detection, fraudulent certificate
37 // reporting, autofill and others.
38 if (base::StartsWith(host
, kClient
, base::CompareCase::SENSITIVE
)) {
40 for (std::string::const_iterator i
= host
.begin() + strlen(kClient
),
41 end
= host
.end() - strlen(kGoogleCom
); i
!= end
; ++i
) {
47 sensitive_chrome_url
= sensitive_chrome_url
|| match
;
49 // This protects requests to safe browsing, link doctor, and possibly
51 sensitive_chrome_url
=
52 sensitive_chrome_url
||
53 base::EndsWith(url
.host(), ".clients.google.com",
54 base::CompareCase::SENSITIVE
) ||
55 url
.host() == "sb-ssl.google.com" ||
56 (url
.host() == "chrome.google.com" &&
57 base::StartsWith(url
.path(), "/webstore",
58 base::CompareCase::SENSITIVE
));
60 GURL::Replacements replacements
;
61 replacements
.ClearQuery();
62 replacements
.ClearRef();
63 GURL url_without_query
= url
.ReplaceComponents(replacements
);
64 return sensitive_chrome_url
||
65 extension_urls::IsWebstoreUpdateUrl(url_without_query
) ||
66 extension_urls::IsBlacklistUpdateUrl(url
);
69 // Returns true if the scheme is one we want to allow extensions to have access
70 // to. Extensions still need specific permissions for a given URL, which is
71 // covered by CanExtensionAccessURL.
72 bool HasWebRequestScheme(const GURL
& url
) {
73 return (url
.SchemeIs(url::kAboutScheme
) || url
.SchemeIs(url::kFileScheme
) ||
74 url
.SchemeIs(url::kFileSystemScheme
) ||
75 url
.SchemeIs(url::kFtpScheme
) || url
.SchemeIs(url::kHttpScheme
) ||
76 url
.SchemeIs(url::kHttpsScheme
) ||
77 url
.SchemeIs(extensions::kExtensionScheme
));
83 bool WebRequestPermissions::HideRequest(
84 const extensions::InfoMap
* extension_info_map
,
85 const net::URLRequest
* request
) {
86 // Hide requests from the Chrome WebStore App or signin process.
87 const ResourceRequestInfo
* info
= ResourceRequestInfo::ForRequest(request
);
89 int process_id
= info
->GetChildID();
90 // Never hide requests from guest processes.
91 if (extensions::WebViewRendererState::GetInstance()->IsGuest(process_id
))
94 if (extension_info_map
&&
95 extension_info_map
->process_map().Contains(extensions::kWebStoreAppId
,
101 const GURL
& url
= request
->url();
102 return IsSensitiveURL(url
) || !HasWebRequestScheme(url
);
106 bool WebRequestPermissions::CanExtensionAccessURL(
107 const extensions::InfoMap
* extension_info_map
,
108 const std::string
& extension_id
,
110 bool crosses_incognito
,
111 HostPermissionsCheck host_permissions_check
) {
112 // extension_info_map can be NULL in testing.
113 if (!extension_info_map
)
116 const extensions::Extension
* extension
=
117 extension_info_map
->extensions().GetByID(extension_id
);
121 // Check if this event crosses incognito boundaries when it shouldn't.
122 if (crosses_incognito
&& !extension_info_map
->CanCrossIncognito(extension
))
125 switch (host_permissions_check
) {
126 case DO_NOT_CHECK_HOST
:
128 case REQUIRE_HOST_PERMISSION
:
129 // about: URLs are not covered in host permissions, but are allowed
131 if (!((url
.SchemeIs(url::kAboutScheme
) ||
132 extension
->permissions_data()->HasHostPermission(url
) ||
133 url
.GetOrigin() == extension
->url()))) {
137 case REQUIRE_ALL_URLS
:
138 if (!extension
->permissions_data()->HasEffectiveAccessToAllHosts())