Roll src/third_party/WebKit d9c6159:8139f33 (svn 201974:201975)
[chromium-blink-merge.git] / chrome / common / extensions / chrome_extensions_client.cc
blob1213fcb0aa848095779e8f2ba1e2d58d916c8a5b
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/common/extensions/chrome_extensions_client.h"
7 #include "base/command_line.h"
8 #include "base/files/file_path.h"
9 #include "base/metrics/histogram_macros.h"
10 #include "base/strings/string_util.h"
11 #include "base/values.h"
12 #include "chrome/common/chrome_switches.h"
13 #include "chrome/common/extensions/api/extension_action/action_info.h"
14 #include "chrome/common/extensions/api/generated_schemas.h"
15 #include "chrome/common/extensions/chrome_manifest_handlers.h"
16 #include "chrome/common/extensions/extension_constants.h"
17 #include "chrome/common/extensions/features/chrome_channel_feature_filter.h"
18 #include "chrome/common/extensions/features/feature_channel.h"
19 #include "chrome/common/extensions/manifest_handlers/theme_handler.h"
20 #include "chrome/common/url_constants.h"
21 #include "chrome/grit/chromium_strings.h"
22 #include "chrome/grit/common_resources.h"
23 #include "chrome/grit/extensions_api_resources.h"
24 #include "chrome/grit/generated_resources.h"
25 #include "components/version_info/version_info.h"
26 #include "content/public/common/url_constants.h"
27 #include "extensions/common/api/generated_schemas.h"
28 #include "extensions/common/common_manifest_handlers.h"
29 #include "extensions/common/constants.h"
30 #include "extensions/common/extension.h"
31 #include "extensions/common/extension_api.h"
32 #include "extensions/common/extension_icon_set.h"
33 #include "extensions/common/extension_urls.h"
34 #include "extensions/common/features/api_feature.h"
35 #include "extensions/common/features/base_feature_provider.h"
36 #include "extensions/common/features/behavior_feature.h"
37 #include "extensions/common/features/feature_provider.h"
38 #include "extensions/common/features/json_feature_provider_source.h"
39 #include "extensions/common/features/manifest_feature.h"
40 #include "extensions/common/features/permission_feature.h"
41 #include "extensions/common/features/simple_feature.h"
42 #include "extensions/common/manifest_constants.h"
43 #include "extensions/common/manifest_handler.h"
44 #include "extensions/common/manifest_handlers/icons_handler.h"
45 #include "extensions/common/permissions/api_permission_set.h"
46 #include "extensions/common/permissions/permissions_info.h"
47 #include "extensions/common/url_pattern.h"
48 #include "extensions/common/url_pattern_set.h"
49 #include "extensions/grit/extensions_resources.h"
50 #include "ui/base/l10n/l10n_util.h"
51 #include "url/gurl.h"
53 namespace extensions {
55 namespace {
57 // TODO(battre): Delete the HTTP URL once the blacklist is downloaded via HTTPS.
58 const char kExtensionBlocklistUrlPrefix[] =
59 "http://www.gstatic.com/chrome/extensions/blacklist";
60 const char kExtensionBlocklistHttpsUrlPrefix[] =
61 "https://www.gstatic.com/chrome/extensions/blacklist";
63 const char kThumbsWhiteListedExtension[] = "khopmbdjffemhegeeobelklnbglcdgfh";
65 template <class FeatureClass>
66 SimpleFeature* CreateFeature() {
67 SimpleFeature* feature = new FeatureClass;
68 feature->AddFilter(
69 scoped_ptr<SimpleFeatureFilter>(new ChromeChannelFeatureFilter(feature)));
70 return feature;
73 // Mirrors version_info::Channel for histograms.
74 enum ChromeChannelForHistogram {
75 CHANNEL_UNKNOWN,
76 CHANNEL_CANARY,
77 CHANNEL_DEV,
78 CHANNEL_BETA,
79 CHANNEL_STABLE,
80 NUM_CHANNELS_FOR_HISTOGRAM
83 ChromeChannelForHistogram GetChromeChannelForHistogram(
84 version_info::Channel channel) {
85 switch (channel) {
86 case version_info::Channel::UNKNOWN:
87 return CHANNEL_UNKNOWN;
88 case version_info::Channel::CANARY:
89 return CHANNEL_CANARY;
90 case version_info::Channel::DEV:
91 return CHANNEL_DEV;
92 case version_info::Channel::BETA:
93 return CHANNEL_BETA;
94 case version_info::Channel::STABLE:
95 return CHANNEL_STABLE;
97 NOTREACHED() << static_cast<int>(channel);
98 return CHANNEL_UNKNOWN;
101 } // namespace
103 static base::LazyInstance<ChromeExtensionsClient> g_client =
104 LAZY_INSTANCE_INITIALIZER;
106 ChromeExtensionsClient::ChromeExtensionsClient()
107 : chrome_api_permissions_(ChromeAPIPermissions()),
108 extensions_api_permissions_(ExtensionsAPIPermissions()) {
111 ChromeExtensionsClient::~ChromeExtensionsClient() {
114 void ChromeExtensionsClient::Initialize() {
115 // Registration could already be finalized in unit tests, where the utility
116 // thread runs in-process.
117 if (!ManifestHandler::IsRegistrationFinalized()) {
118 RegisterCommonManifestHandlers();
119 RegisterChromeManifestHandlers();
120 ManifestHandler::FinalizeRegistration();
123 // Set up permissions.
124 PermissionsInfo::GetInstance()->AddProvider(chrome_api_permissions_);
125 PermissionsInfo::GetInstance()->AddProvider(extensions_api_permissions_);
127 // Set up the scripting whitelist.
128 // Whitelist ChromeVox, an accessibility extension from Google that needs
129 // the ability to script webui pages. This is temporary and is not
130 // meant to be a general solution.
131 // TODO(dmazzoni): remove this once we have an extension API that
132 // allows any extension to request read-only access to webui pages.
133 scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);
136 const PermissionMessageProvider&
137 ChromeExtensionsClient::GetPermissionMessageProvider() const {
138 return permission_message_provider_;
141 const std::string ChromeExtensionsClient::GetProductName() {
142 return l10n_util::GetStringUTF8(IDS_PRODUCT_NAME);
145 scoped_ptr<FeatureProvider> ChromeExtensionsClient::CreateFeatureProvider(
146 const std::string& name) const {
147 scoped_ptr<FeatureProvider> provider;
148 scoped_ptr<JSONFeatureProviderSource> source(
149 CreateFeatureProviderSource(name));
150 if (name == "api") {
151 provider.reset(new BaseFeatureProvider(source->dictionary(),
152 CreateFeature<APIFeature>));
153 } else if (name == "manifest") {
154 provider.reset(new BaseFeatureProvider(source->dictionary(),
155 CreateFeature<ManifestFeature>));
156 } else if (name == "permission") {
157 provider.reset(new BaseFeatureProvider(source->dictionary(),
158 CreateFeature<PermissionFeature>));
159 } else if (name == "behavior") {
160 provider.reset(new BaseFeatureProvider(source->dictionary(),
161 CreateFeature<BehaviorFeature>));
162 } else {
163 NOTREACHED();
165 return provider.Pass();
168 scoped_ptr<JSONFeatureProviderSource>
169 ChromeExtensionsClient::CreateFeatureProviderSource(
170 const std::string& name) const {
171 scoped_ptr<JSONFeatureProviderSource> source(
172 new JSONFeatureProviderSource(name));
173 if (name == "api") {
174 source->LoadJSON(IDR_EXTENSION_API_FEATURES);
175 source->LoadJSON(IDR_CHROME_EXTENSION_API_FEATURES);
176 } else if (name == "manifest") {
177 source->LoadJSON(IDR_EXTENSION_MANIFEST_FEATURES);
178 source->LoadJSON(IDR_CHROME_EXTENSION_MANIFEST_FEATURES);
179 } else if (name == "permission") {
180 source->LoadJSON(IDR_EXTENSION_PERMISSION_FEATURES);
181 source->LoadJSON(IDR_CHROME_EXTENSION_PERMISSION_FEATURES);
182 } else if (name == "behavior") {
183 source->LoadJSON(IDR_EXTENSION_BEHAVIOR_FEATURES);
184 } else {
185 NOTREACHED();
186 source.reset();
188 return source.Pass();
191 void ChromeExtensionsClient::FilterHostPermissions(
192 const URLPatternSet& hosts,
193 URLPatternSet* new_hosts,
194 PermissionIDSet* permissions) const {
195 // When editing this function, be sure to add the same functionality to
196 // FilterHostPermissions() above.
197 for (URLPatternSet::const_iterator i = hosts.begin(); i != hosts.end(); ++i) {
198 // Filters out every URL pattern that matches chrome:// scheme.
199 if (i->scheme() == content::kChromeUIScheme) {
200 // chrome://favicon is the only URL for chrome:// scheme that we
201 // want to support. We want to deprecate the "chrome" scheme.
202 // We should not add any additional "host" here.
203 if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
204 continue;
205 permissions->insert(APIPermission::kFavicon);
206 } else {
207 new_hosts->AddPattern(*i);
212 void ChromeExtensionsClient::SetScriptingWhitelist(
213 const ExtensionsClient::ScriptingWhitelist& whitelist) {
214 scripting_whitelist_ = whitelist;
217 const ExtensionsClient::ScriptingWhitelist&
218 ChromeExtensionsClient::GetScriptingWhitelist() const {
219 return scripting_whitelist_;
222 URLPatternSet ChromeExtensionsClient::GetPermittedChromeSchemeHosts(
223 const Extension* extension,
224 const APIPermissionSet& api_permissions) const {
225 URLPatternSet hosts;
226 // Regular extensions are only allowed access to chrome://favicon.
227 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
228 chrome::kChromeUIFaviconURL));
230 // Experimental extensions are also allowed chrome://thumb.
232 // TODO: A public API should be created for retrieving thumbnails.
233 // See http://crbug.com/222856. A temporary hack is implemented here to
234 // make chrome://thumbs available to NTP Russia extension as
235 // non-experimental.
236 if ((api_permissions.find(APIPermission::kExperimental) !=
237 api_permissions.end()) ||
238 (extension->id() == kThumbsWhiteListedExtension &&
239 extension->from_webstore())) {
240 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
241 chrome::kChromeUIThumbnailURL));
243 return hosts;
246 bool ChromeExtensionsClient::IsScriptableURL(
247 const GURL& url, std::string* error) const {
248 // The gallery is special-cased as a restricted URL for scripting to prevent
249 // access to special JS bindings we expose to the gallery (and avoid things
250 // like extensions removing the "report abuse" link).
251 // TODO(erikkay): This seems like the wrong test. Shouldn't we we testing
252 // against the store app extent?
253 GURL store_url(extension_urls::GetWebstoreLaunchURL());
254 if (url.host() == store_url.host()) {
255 if (error)
256 *error = manifest_errors::kCannotScriptGallery;
257 return false;
259 return true;
262 bool ChromeExtensionsClient::IsAPISchemaGenerated(
263 const std::string& name) const {
264 // Test from most common to least common.
265 return api::ChromeGeneratedSchemas::IsGenerated(name) ||
266 api::GeneratedSchemas::IsGenerated(name);
269 base::StringPiece ChromeExtensionsClient::GetAPISchema(
270 const std::string& name) const {
271 // Test from most common to least common.
272 if (api::ChromeGeneratedSchemas::IsGenerated(name))
273 return api::ChromeGeneratedSchemas::Get(name);
275 return api::GeneratedSchemas::Get(name);
278 void ChromeExtensionsClient::RegisterAPISchemaResources(
279 ExtensionAPI* api) const {
280 api->RegisterSchemaResource("accessibilityPrivate",
281 IDR_EXTENSION_API_JSON_ACCESSIBILITYPRIVATE);
282 api->RegisterSchemaResource("app", IDR_EXTENSION_API_JSON_APP);
283 api->RegisterSchemaResource("browserAction",
284 IDR_EXTENSION_API_JSON_BROWSERACTION);
285 api->RegisterSchemaResource("commands", IDR_EXTENSION_API_JSON_COMMANDS);
286 api->RegisterSchemaResource("declarativeContent",
287 IDR_EXTENSION_API_JSON_DECLARATIVE_CONTENT);
288 api->RegisterSchemaResource("fileBrowserHandler",
289 IDR_EXTENSION_API_JSON_FILEBROWSERHANDLER);
290 api->RegisterSchemaResource("inputMethodPrivate",
291 IDR_EXTENSION_API_JSON_INPUTMETHODPRIVATE);
292 api->RegisterSchemaResource("pageAction", IDR_EXTENSION_API_JSON_PAGEACTION);
293 api->RegisterSchemaResource("privacy", IDR_EXTENSION_API_JSON_PRIVACY);
294 api->RegisterSchemaResource("processes", IDR_EXTENSION_API_JSON_PROCESSES);
295 api->RegisterSchemaResource("proxy", IDR_EXTENSION_API_JSON_PROXY);
296 api->RegisterSchemaResource("ttsEngine", IDR_EXTENSION_API_JSON_TTSENGINE);
297 api->RegisterSchemaResource("tts", IDR_EXTENSION_API_JSON_TTS);
298 api->RegisterSchemaResource("types", IDR_EXTENSION_API_JSON_TYPES);
299 api->RegisterSchemaResource("types.private",
300 IDR_EXTENSION_API_JSON_TYPES_PRIVATE);
301 api->RegisterSchemaResource("webstore", IDR_EXTENSION_API_JSON_WEBSTORE);
304 bool ChromeExtensionsClient::ShouldSuppressFatalErrors() const {
305 // Suppress fatal everywhere until the cause of bugs like http://crbug/471599
306 // are fixed. This would typically be:
307 // return GetCurrentChannel() > version_info::Channel::DEV;
308 return true;
311 void ChromeExtensionsClient::RecordDidSuppressFatalError() {
312 UMA_HISTOGRAM_ENUMERATION("Extensions.DidSuppressJavaScriptException",
313 GetChromeChannelForHistogram(GetCurrentChannel()),
314 NUM_CHANNELS_FOR_HISTOGRAM);
317 std::string ChromeExtensionsClient::GetWebstoreBaseURL() const {
318 std::string gallery_prefix = extension_urls::kChromeWebstoreBaseURL;
319 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
320 switches::kAppsGalleryURL))
321 gallery_prefix =
322 base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
323 switches::kAppsGalleryURL);
324 if (base::EndsWith(gallery_prefix, "/", base::CompareCase::SENSITIVE))
325 gallery_prefix = gallery_prefix.substr(0, gallery_prefix.length() - 1);
326 return gallery_prefix;
329 std::string ChromeExtensionsClient::GetWebstoreUpdateURL() const {
330 base::CommandLine* cmdline = base::CommandLine::ForCurrentProcess();
331 if (cmdline->HasSwitch(switches::kAppsGalleryUpdateURL))
332 return cmdline->GetSwitchValueASCII(switches::kAppsGalleryUpdateURL);
333 else
334 return extension_urls::GetDefaultWebstoreUpdateUrl().spec();
337 bool ChromeExtensionsClient::IsBlacklistUpdateURL(const GURL& url) const {
338 // The extension blacklist URL is returned from the update service and
339 // therefore not determined by Chromium. If the location of the blacklist file
340 // ever changes, we need to update this function. A DCHECK in the
341 // ExtensionUpdater ensures that we notice a change. This is the full URL
342 // of a blacklist:
343 // http://www.gstatic.com/chrome/extensions/blacklist/l_0_0_0_7.txt
344 return base::StartsWith(url.spec(), kExtensionBlocklistUrlPrefix,
345 base::CompareCase::SENSITIVE) ||
346 base::StartsWith(url.spec(), kExtensionBlocklistHttpsUrlPrefix,
347 base::CompareCase::SENSITIVE);
350 std::set<base::FilePath> ChromeExtensionsClient::GetBrowserImagePaths(
351 const Extension* extension) {
352 std::set<base::FilePath> image_paths =
353 ExtensionsClient::GetBrowserImagePaths(extension);
355 // Theme images
356 const base::DictionaryValue* theme_images =
357 extensions::ThemeInfo::GetImages(extension);
358 if (theme_images) {
359 for (base::DictionaryValue::Iterator it(*theme_images); !it.IsAtEnd();
360 it.Advance()) {
361 base::FilePath::StringType path;
362 if (it.value().GetAsString(&path))
363 image_paths.insert(base::FilePath(path));
367 const extensions::ActionInfo* page_action =
368 extensions::ActionInfo::GetPageActionInfo(extension);
369 if (page_action && !page_action->default_icon.empty())
370 page_action->default_icon.GetPaths(&image_paths);
372 const extensions::ActionInfo* browser_action =
373 extensions::ActionInfo::GetBrowserActionInfo(extension);
374 if (browser_action && !browser_action->default_icon.empty())
375 browser_action->default_icon.GetPaths(&image_paths);
377 return image_paths;
380 // static
381 ChromeExtensionsClient* ChromeExtensionsClient::GetInstance() {
382 return g_client.Pointer();
385 } // namespace extensions