Google Git
Sign in
chromium / chromium / src / 641d9f92deb4d62a4e56fc8f5e28418682e6f475
commit641d9f92deb4d62a4e56fc8f5e28418682e6f475[log] [tgz]
authormihaip@chromium.org <mihaip@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>Fri May 27 23:45:31 2011
committermihaip@chromium.org <mihaip@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>Fri May 27 23:45:31 2011
tree20a73a2b619b5beb1fd1966158e561957aabfcf3
parent8924e43f11f96da64056fa9897e85e825204bc31 [diff]
Use WebFrame::setIsolatedWorldSecurityOrigin to allow cross-origin XHRs in content scripts.

http://trac.webkit.org/changeset/87423 adds the ability to associated a security origin with
an isolated world. Use that to make content script isolated worlds use the extension's
origin, and whitelist that origin in the page's renderer process for the host permissions
in the manifest.

BUG=18857
TEST=no
R=mpcomplete@chromium.org

Review URL: http://codereview.chromium.org/7071025

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@87114 0039d316-1c4b-4281-b951-d872f2087c98
11 files changed
tree: 20a73a2b619b5beb1fd1966158e561957aabfcf3
  1. app/
  2. base/
  3. breakpad/
  4. build/
  5. chrome/
  6. chrome_frame/
  7. cloud_print/
  8. content/
  9. courgette/
  10. crypto/
  11. google_update/
  12. gpu/
  13. ipc/
  14. jingle/
  15. media/
  16. net/
  17. ppapi/
  18. printing/
  19. remoting/
  20. sandbox/
  21. sdch/
  22. skia/
  23. testing/
  24. third_party/
  25. tools/
  26. ui/
  27. views/
  28. webkit/
  29. .gitignore
  30. AUTHORS
  31. codereview.settings
  32. DEPS
  33. LICENSE
  34. OWNERS
  35. PRESUBMIT.py
  36. WATCHLISTS