Google Git
Sign in
chromium / chromium / src / 7a33a5423fd1e6beab05c08cae24a6fc9dee2999
commit7a33a5423fd1e6beab05c08cae24a6fc9dee2999[log] [tgz]
authorKaran Bhatia <karandeepb@chromium.org>Thu Apr 05 00:41:12 2018
committerCommit Bot <commit-bot@chromium.org>Thu Apr 05 00:41:12 2018
tree3179eba34cc2412c65f07d971db74343801954e1
parent8dbfcb6298b91627b3f545f7dc35f85376764250 [diff]
Extensions: Gate activeTab with file urls on having explicit file access.

When an extension is granted tab permission using activeTab (in response to say
clicking on its browser action), the extension is granted permission to the
tab's origin for the duration of the tab lifetime.

When this happens for a tab with a file url loaded, the extension gets
permission to the file scheme on the tab. This allows, for example, the
extension to read the contents of the page using apis like
chrome.tabs.executeScript. For file urls, this is not ideal since this does not
respect the "Allow access to file URLs" extension setting.

This CL changes this behavior, gating the access to the file scheme on the tab,
on the extension having explicit file access. This CL also adds extensive test
coverage for the behavior of tabs.executeScript on pages with file urls loaded
into them.

BUG=816685

Change-Id: I9175bb1883006fe594a93262c6825a962c285037
Reviewed-on: https://chromium-review.googlesource.com/994264
Commit-Queue: Karan Bhatia <karandeepb@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#548269}
6 files changed
tree: 3179eba34cc2412c65f07d971db74343801954e1
  1. android_webview/
  2. apps/
  3. ash/
  4. base/
  5. blink/
  6. build/
  7. build_overrides/
  8. cc/
  9. chrome/
  10. chrome_cleaner/
  11. chrome_elf/
  12. chromecast/
  13. chromeos/
  14. cloud_print/
  15. components/
  16. content/
  17. courgette/
  18. crypto/
  19. dbus/
  20. device/
  21. docs/
  22. extensions/
  23. gin/
  24. google_apis/
  25. google_update/
  26. gpu/
  27. headless/
  28. infra/
  29. ios/
  30. ipc/
  31. jingle/
  32. mash/
  33. media/
  34. mojo/
  35. native_client_sdk/
  36. net/
  37. notification_helper/
  38. pdf/
  39. ppapi/
  40. printing/
  41. remoting/
  42. rlz/
  43. sandbox/
  44. services/
  45. skia/
  46. sql/
  47. storage/
  48. styleguide/
  49. testing/
  50. third_party/
  51. tools/
  52. ui/
  53. url/
  54. webrunner/
  55. .clang-format
  56. .eslintrc.js
  57. .git-blame-ignore-revs
  58. .gitattributes
  59. .gitignore
  60. .gn
  61. .vpython
  62. AUTHORS
  63. BUILD.gn
  64. CODE_OF_CONDUCT.md
  65. codereview.settings
  66. DEPS
  67. ENG_REVIEW_OWNERS
  68. LICENSE
  69. LICENSE.chromium_os
  70. OWNERS
  71. PRESUBMIT.py
  72. PRESUBMIT_test.py
  73. PRESUBMIT_test_mocks.py
  74. README.md
  75. WATCHLISTS
README.md

Logo Chromium

Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web.

The project's web site is https://www.chromium.org.

Documentation in the source is rooted in docs/README.md.

Learn how to Get Around the Chromium Source Code Directory Structure .