chrome/common/extensions/chrome_extensions_client.cc - platform/external/chromium_org - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "chrome/common/extensions/chrome_extensions_client.h"

 #include "chrome/common/extensions/chrome_manifest_handlers.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_constants.h"
 #include "chrome/common/extensions/features/base_feature_provider.h"
 #include "chrome/common/url_constants.h"
 #include "content/public/common/url_constants.h"
 #include "extensions/common/permissions/api_permission_set.h"
 #include "extensions/common/permissions/permission_message.h"
 #include "extensions/common/url_pattern.h"
 #include "extensions/common/url_pattern_set.h"
 #include "grit/generated_resources.h"
 #include "ui/base/l10n/l10n_util.h"
 #include "url/gurl.h"

 namespace {
 const char kThumbsWhiteListedExtension[] = "khopmbdjffemhegeeobelklnbglcdgfh";
 }  // namespace

 namespace extensions {

 static base::LazyInstance<ChromeExtensionsClient> g_client =
     LAZY_INSTANCE_INITIALIZER;

 ChromeExtensionsClient::ChromeExtensionsClient()
     :  chrome_api_permissions_(ChromeAPIPermissions()) {
 }

 ChromeExtensionsClient::~ChromeExtensionsClient() {
 }

 void ChromeExtensionsClient::Initialize() {
   RegisterChromeManifestHandlers();

   // Set up the scripting whitelist.
   // Whitelist ChromeVox, an accessibility extension from Google that needs
   // the ability to script webui pages. This is temporary and is not
   // meant to be a general solution.
   // TODO(dmazzoni): remove this once we have an extension API that
   // allows any extension to request read-only access to webui pages.
   scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);

   // Whitelist "Discover DevTools Companion" extension from Google that
   // needs the ability to script DevTools pages. Companion will assist
   // online courses and will be needed while the online educational programs
   // are in place.
   scripting_whitelist_.push_back("angkfkebojeancgemegoedelbnjgcgme");
 }

 const PermissionsProvider&
 ChromeExtensionsClient::GetPermissionsProvider() const {
   return chrome_api_permissions_;
 }

 const PermissionMessageProvider&
 ChromeExtensionsClient::GetPermissionMessageProvider() const {
   return permission_message_provider_;
 }

 FeatureProvider* ChromeExtensionsClient::GetFeatureProviderByName(
     const std::string& name) const {
   return BaseFeatureProvider::GetByName(name);
 }

 void ChromeExtensionsClient::FilterHostPermissions(
     const URLPatternSet& hosts,
     URLPatternSet* new_hosts,
     std::set<PermissionMessage>* messages) const {
   for (URLPatternSet::const_iterator i = hosts.begin();
        i != hosts.end(); ++i) {
     // Filters out every URL pattern that matches chrome:// scheme.
     if (i->scheme() == chrome::kChromeUIScheme) {
       // chrome://favicon is the only URL for chrome:// scheme that we
       // want to support. We want to deprecate the "chrome" scheme.
       // We should not add any additional "host" here.
       if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
         continue;
       messages->insert(PermissionMessage(
           PermissionMessage::kFavicon,
           l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
     } else {
       new_hosts->AddPattern(*i);
     }
   }
 }

 void ChromeExtensionsClient::SetScriptingWhitelist(
     const ExtensionsClient::ScriptingWhitelist& whitelist) {
   scripting_whitelist_ = whitelist;
 }

 const ExtensionsClient::ScriptingWhitelist&
 ChromeExtensionsClient::GetScriptingWhitelist() const {
   return scripting_whitelist_;
 }

 URLPatternSet ChromeExtensionsClient::GetPermittedChromeSchemeHosts(
       const Extension* extension,
       const APIPermissionSet& api_permissions) const {
   URLPatternSet hosts;
   // Regular extensions are only allowed access to chrome://favicon.
   hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
                               chrome::kChromeUIFaviconURL));

   // Experimental extensions are also allowed chrome://thumb.
   //
   // TODO: A public API should be created for retrieving thumbnails.
   // See http://crbug.com/222856. A temporary hack is implemented here to
   // make chrome://thumbs available to NTP Russia extension as
   // non-experimental.
   if ((api_permissions.find(APIPermission::kExperimental) !=
        api_permissions.end()) ||
       (extension->id() == kThumbsWhiteListedExtension &&
        extension->from_webstore())) {
     hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
                                 chrome::kChromeUIThumbnailURL));
   }
   return hosts;
 }

 // static
 ChromeExtensionsClient* ChromeExtensionsClient::GetInstance() {
   return g_client.Pointer();
 }

 }  // namespace extensions
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "chrome/common/extensions/chrome_extensions_client.h"

	#include "chrome/common/extensions/chrome_manifest_handlers.h"
	#include "chrome/common/extensions/extension.h"
	#include "chrome/common/extensions/extension_constants.h"
	#include "chrome/common/extensions/features/base_feature_provider.h"
	#include "chrome/common/url_constants.h"
	#include "content/public/common/url_constants.h"
	#include "extensions/common/permissions/api_permission_set.h"
	#include "extensions/common/permissions/permission_message.h"
	#include "extensions/common/url_pattern.h"
	#include "extensions/common/url_pattern_set.h"
	#include "grit/generated_resources.h"
	#include "ui/base/l10n/l10n_util.h"
	#include "url/gurl.h"

	namespace {
	const char kThumbsWhiteListedExtension[] = "khopmbdjffemhegeeobelklnbglcdgfh";
	} // namespace

	namespace extensions {

	static base::LazyInstance<ChromeExtensionsClient> g_client =
	LAZY_INSTANCE_INITIALIZER;

	ChromeExtensionsClient::ChromeExtensionsClient()
	: chrome_api_permissions_(ChromeAPIPermissions()) {
	}

	ChromeExtensionsClient::~ChromeExtensionsClient() {
	}

	void ChromeExtensionsClient::Initialize() {
	RegisterChromeManifestHandlers();

	// Set up the scripting whitelist.
	// Whitelist ChromeVox, an accessibility extension from Google that needs
	// the ability to script webui pages. This is temporary and is not
	// meant to be a general solution.
	// TODO(dmazzoni): remove this once we have an extension API that
	// allows any extension to request read-only access to webui pages.
	scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);

	// Whitelist "Discover DevTools Companion" extension from Google that
	// needs the ability to script DevTools pages. Companion will assist
	// online courses and will be needed while the online educational programs
	// are in place.
	scripting_whitelist_.push_back("angkfkebojeancgemegoedelbnjgcgme");
	}

	const PermissionsProvider&
	ChromeExtensionsClient::GetPermissionsProvider() const {
	return chrome_api_permissions_;
	}

	const PermissionMessageProvider&
	ChromeExtensionsClient::GetPermissionMessageProvider() const {
	return permission_message_provider_;
	}

	FeatureProvider* ChromeExtensionsClient::GetFeatureProviderByName(
	const std::string& name) const {
	return BaseFeatureProvider::GetByName(name);
	}

	void ChromeExtensionsClient::FilterHostPermissions(
	const URLPatternSet& hosts,
	URLPatternSet* new_hosts,
	std::set<PermissionMessage>* messages) const {
	for (URLPatternSet::const_iterator i = hosts.begin();
	i != hosts.end(); ++i) {
	// Filters out every URL pattern that matches chrome:// scheme.
	if (i->scheme() == chrome::kChromeUIScheme) {
	// chrome://favicon is the only URL for chrome:// scheme that we
	// want to support. We want to deprecate the "chrome" scheme.
	// We should not add any additional "host" here.
	if (GURL(chrome::kChromeUIFaviconURL).host() != i->host())
	continue;
	messages->insert(PermissionMessage(
	PermissionMessage::kFavicon,
	l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_FAVICON)));
	} else {
	new_hosts->AddPattern(*i);
	}
	}
	}

	void ChromeExtensionsClient::SetScriptingWhitelist(
	const ExtensionsClient::ScriptingWhitelist& whitelist) {
	scripting_whitelist_ = whitelist;
	}

	const ExtensionsClient::ScriptingWhitelist&
	ChromeExtensionsClient::GetScriptingWhitelist() const {
	return scripting_whitelist_;
	}

	URLPatternSet ChromeExtensionsClient::GetPermittedChromeSchemeHosts(
	const Extension* extension,
	const APIPermissionSet& api_permissions) const {
	URLPatternSet hosts;
	// Regular extensions are only allowed access to chrome://favicon.
	hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
	chrome::kChromeUIFaviconURL));

	// Experimental extensions are also allowed chrome://thumb.
	//
	// TODO: A public API should be created for retrieving thumbnails.
	// See http://crbug.com/222856. A temporary hack is implemented here to
	// make chrome://thumbs available to NTP Russia extension as
	// non-experimental.
	if ((api_permissions.find(APIPermission::kExperimental) !=
	api_permissions.end()) \|\|
	(extension->id() == kThumbsWhiteListedExtension &&
	extension->from_webstore())) {
	hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
	chrome::kChromeUIThumbnailURL));
	}
	return hosts;
	}

	// static
	ChromeExtensionsClient* ChromeExtensionsClient::GetInstance() {
	return g_client.Pointer();
	}

	} // namespace extensions