search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Suppress tabs permission warning if there is already a browsingHistory warning.
[chromium-blink-merge.git] / chrome / common / extensions / chrome_extensions_client.cc
blob8bda78350df31f1238c48b1eef33d2f86fea62bf
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/chrome_extensions_client.h"
6
7 #include "apps/common/api/generated_schemas.h"
8 #include "base/command_line.h"
9 #include "chrome/common/chrome_version_info.h"
10 #include "chrome/common/extensions/api/generated_schemas.h"
11 #include "chrome/common/extensions/chrome_manifest_handlers.h"
12 #include "chrome/common/extensions/extension_constants.h"
13 #include "chrome/common/extensions/features/chrome_channel_feature_filter.h"
14 #include "chrome/common/extensions/features/feature_channel.h"
15 #include "chrome/common/url_constants.h"
16 #include "content/public/common/url_constants.h"
17 #include "extensions/common/api/generated_schemas.h"
18 #include "extensions/common/common_manifest_handlers.h"
19 #include "extensions/common/extension.h"
20 #include "extensions/common/features/base_feature_provider.h"
21 #include "extensions/common/manifest_constants.h"
22 #include "extensions/common/manifest_handler.h"
23 #include "extensions/common/permissions/api_permission_set.h"
24 #include "extensions/common/permissions/permission_message.h"
25 #include "extensions/common/switches.h"
26 #include "extensions/common/url_pattern.h"
27 #include "extensions/common/url_pattern_set.h"
28 #include "grit/generated_resources.h"
29 #include "ui/base/l10n/l10n_util.h"
30 #include "url/gurl.h"
31
32 namespace {
33 const char kThumbsWhiteListedExtension[] = "khopmbdjffemhegeeobelklnbglcdgfh";
34 } // namespace
35
36 namespace extensions {
37
38 static base::LazyInstance<ChromeExtensionsClient> g_client =
39 LAZY_INSTANCE_INITIALIZER;
40
41 ChromeExtensionsClient::ChromeExtensionsClient()
42 : chrome_api_permissions_(ChromeAPIPermissions()) {
43 }
44
45 ChromeExtensionsClient::~ChromeExtensionsClient() {
46 }
47
48 void ChromeExtensionsClient::Initialize() {
49 // Registration could already be finalized in unit tests, where the utility
50 // thread runs in-process.
51 if (!ManifestHandler::IsRegistrationFinalized()) {
52 RegisterCommonManifestHandlers();
53 RegisterChromeManifestHandlers();
54 ManifestHandler::FinalizeRegistration();
55 }
56
57 // Set up the scripting whitelist.
58 // Whitelist ChromeVox, an accessibility extension from Google that needs
59 // the ability to script webui pages. This is temporary and is not
60 // meant to be a general solution.
61 // TODO(dmazzoni): remove this once we have an extension API that
62 // allows any extension to request read-only access to webui pages.
63 scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);
64
65 // Whitelist "Discover DevTools Companion" extension from Google that
66 // needs the ability to script DevTools pages. Companion will assist
67 // online courses and will be needed while the online educational programs
68 // are in place.
69 scripting_whitelist_.push_back("angkfkebojeancgemegoedelbnjgcgme");
70 }
71
72 const PermissionsProvider&
73 ChromeExtensionsClient::GetPermissionsProvider() const {
74 return chrome_api_permissions_;
75 }
76
77 const PermissionMessageProvider&
78 ChromeExtensionsClient::GetPermissionMessageProvider() const {
79 return permission_message_provider_;
80 }
81
82 FeatureProvider* ChromeExtensionsClient::GetFeatureProviderByName(
83 const std::string& name) const {
84 return BaseFeatureProvider::GetByName(name);
85 }
86
87 void ChromeExtensionsClient::FilterHostPermissions(
88 const URLPatternSet& hosts,
89 URLPatternSet* new_hosts,
90 std::set<PermissionMessage>* messages) const {
91 for (URLPatternSet::const_iterator i = hosts.begin();
92 i != hosts.end(); ++i) {
93 // Filters out every URL pattern that matches chrome:// scheme.
94 if (i->scheme() == content::kChromeUIScheme) {
95 // chrome://favicon is the only URL for chrome:// scheme that we
96 // want to support. We want to deprecate the "chrome" scheme.
97 // We should not add any additional "host" here.
98 if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
99 continue;
100 messages->insert(PermissionMessage(
101 PermissionMessage::kFavicon,
102 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
103 } else {
104 new_hosts->AddPattern(*i);
105 }
106 }
107 }
108
109 void ChromeExtensionsClient::SetScriptingWhitelist(
110 const ExtensionsClient::ScriptingWhitelist& whitelist) {
111 scripting_whitelist_ = whitelist;
112 }
113
114 const ExtensionsClient::ScriptingWhitelist&
115 ChromeExtensionsClient::GetScriptingWhitelist() const {
116 return scripting_whitelist_;
117 }
118
119 URLPatternSet ChromeExtensionsClient::GetPermittedChromeSchemeHosts(
120 const Extension* extension,
121 const APIPermissionSet& api_permissions) const {
122 URLPatternSet hosts;
123 // Regular extensions are only allowed access to chrome://favicon.
124 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
125 chrome::kChromeUIFaviconURL));
126
127 // Experimental extensions are also allowed chrome://thumb.
128 //
129 // TODO: A public API should be created for retrieving thumbnails.
130 // See http://crbug.com/222856. A temporary hack is implemented here to
131 // make chrome://thumbs available to NTP Russia extension as
132 // non-experimental.
133 if ((api_permissions.find(APIPermission::kExperimental) !=
134 api_permissions.end()) ||
135 (extension->id() == kThumbsWhiteListedExtension &&
136 extension->from_webstore())) {
137 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
138 chrome::kChromeUIThumbnailURL));
139 }
140 return hosts;
141 }
142
143 bool ChromeExtensionsClient::IsScriptableURL(
144 const GURL& url, std::string* error) const {
145 // The gallery is special-cased as a restricted URL for scripting to prevent
146 // access to special JS bindings we expose to the gallery (and avoid things
147 // like extensions removing the "report abuse" link).
148 // TODO(erikkay): This seems like the wrong test. Shouldn't we we testing
149 // against the store app extent?
150 GURL store_url(extension_urls::GetWebstoreLaunchURL());
151 if (url.host() == store_url.host()) {
152 if (error)
153 *error = manifest_errors::kCannotScriptGallery;
154 return false;
155 }
156 return true;
157 }
158
159 bool ChromeExtensionsClient::IsAPISchemaGenerated(
160 const std::string& name) const {
161 // Test from most common to least common.
162 return extensions::api::GeneratedSchemas::IsGenerated(name) ||
163 extensions::core_api::GeneratedSchemas::IsGenerated(name) ||
164 apps::api::GeneratedSchemas::IsGenerated(name);
165 }
166
167 base::StringPiece ChromeExtensionsClient::GetAPISchema(
168 const std::string& name) const {
169 // Test from most common to least common.
170 if (extensions::api::GeneratedSchemas::IsGenerated(name))
171 return extensions::api::GeneratedSchemas::Get(name);
172
173 if (extensions::core_api::GeneratedSchemas::IsGenerated(name))
174 return extensions::core_api::GeneratedSchemas::Get(name);
175
176 return apps::api::GeneratedSchemas::Get(name);
177 }
178
179 void ChromeExtensionsClient::AddExtraFeatureFilters(
180 SimpleFeature* feature) const {
181 feature->AddFilter(
182 scoped_ptr<SimpleFeatureFilter>(new ChromeChannelFeatureFilter(feature)));
183 }
184
185 bool ChromeExtensionsClient::ShouldSuppressFatalErrors() const {
186 // <= dev means dev, canary, and trunk.
187 return GetCurrentChannel() <= chrome::VersionInfo::CHANNEL_DEV;
188 }
189
190 // static
191 ChromeExtensionsClient* ChromeExtensionsClient::GetInstance() {
192 return g_client.Pointer();
193 }
194
195 } // namespace extensions