1f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 2c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// found in the LICENSE file. 4c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 5f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "extensions/common/manifest_handlers/sandboxed_page_info.h" 6c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 7c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/lazy_instance.h" 8c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 9868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/string_number_conversions.h" 10868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles)#include "base/strings/utf_string_conversions.h" 11c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/values.h" 12f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "extensions/common/csp_validator.h" 13c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "extensions/common/error_utils.h" 14d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)#include "extensions/common/manifest_constants.h" 15c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "extensions/common/url_pattern.h" 16c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 17c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace extensions { 18c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 19c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace { 20c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 213551c9c881056c480085172ff9840cab31610854Torne (Richard Coles)namespace keys = extensions::manifest_keys; 22d0247b1b59f9c528cb6df88b4f2b9afaf80d181eTorne (Richard Coles)namespace errors = manifest_errors; 23c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 24c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const char kDefaultSandboxedPageContentSecurityPolicy[] = 25c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) "sandbox allow-scripts allow-forms allow-popups"; 26c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 27c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)static base::LazyInstance<SandboxedPageInfo> g_empty_sandboxed_info = 28c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) LAZY_INSTANCE_INITIALIZER; 29c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 30c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const SandboxedPageInfo& GetSandboxedPageInfo(const Extension* extension) { 31c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) SandboxedPageInfo* info = static_cast<SandboxedPageInfo*>( 32c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) extension->GetManifestData(keys::kSandboxedPages)); 33c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return info ? *info : g_empty_sandboxed_info.Get(); 34c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 35c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 36c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace 37c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 38c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)SandboxedPageInfo::SandboxedPageInfo() { 39c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 40c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 41c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)SandboxedPageInfo::~SandboxedPageInfo() { 42c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 43c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 44c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const std::string& SandboxedPageInfo::GetContentSecurityPolicy( 45c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const Extension* extension) { 46c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return GetSandboxedPageInfo(extension).content_security_policy; 47c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 48c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 49c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const URLPatternSet& SandboxedPageInfo::GetPages(const Extension* extension) { 50c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return GetSandboxedPageInfo(extension).pages; 51c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 52c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 53c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)bool SandboxedPageInfo::IsSandboxedPage(const Extension* extension, 54c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const std::string& relative_path) { 55c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return extension->ResourceMatches(GetPages(extension), relative_path); 56c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 57c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 58c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)SandboxedPageHandler::SandboxedPageHandler() { 59c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 60c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 61c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)SandboxedPageHandler::~SandboxedPageHandler() { 62c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 63c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)bool SandboxedPageHandler::Parse(Extension* extension, base::string16* error) { 65c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<SandboxedPageInfo> sandboxed_info(new SandboxedPageInfo); 66c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 67c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const base::ListValue* list_value = NULL; 68c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!extension->manifest()->GetList(keys::kSandboxedPages, &list_value)) { 695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) *error = base::ASCIIToUTF16(errors::kInvalidSandboxedPagesList); 70c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return false; 71c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 72c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 73c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) for (size_t i = 0; i < list_value->GetSize(); ++i) { 74c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) std::string relative_path; 75c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!list_value->GetString(i, &relative_path)) { 76c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) *error = ErrorUtils::FormatErrorMessageUTF16( 77c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) errors::kInvalidSandboxedPage, base::IntToString(i)); 78c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return false; 79c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 80c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) URLPattern pattern(URLPattern::SCHEME_EXTENSION); 81c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (pattern.Parse(extension->url().spec()) != URLPattern::PARSE_SUCCESS) { 82c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) *error = ErrorUtils::FormatErrorMessageUTF16( 83c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) errors::kInvalidURLPatternError, extension->url().spec()); 84c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return false; 85c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 86c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) while (relative_path[0] == '/') 87c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) relative_path = relative_path.substr(1, relative_path.length() - 1); 88c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) pattern.SetPath(pattern.path() + relative_path); 89c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) sandboxed_info->pages.AddPattern(pattern); 90c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 91c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 92c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (extension->manifest()->HasPath(keys::kSandboxedPagesCSP)) { 93c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!extension->manifest()->GetString( 94c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) keys::kSandboxedPagesCSP, 95c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) &sandboxed_info->content_security_policy)) { 965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) *error = base::ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); 97c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return false; 98c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 99c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 100c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) if (!csp_validator::ContentSecurityPolicyIsLegal( 101c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) sandboxed_info->content_security_policy) || 102c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) !csp_validator::ContentSecurityPolicyIsSandboxed( 103c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) sandboxed_info->content_security_policy, extension->GetType())) { 1045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) *error = base::ASCIIToUTF16(errors::kInvalidSandboxedPagesCSP); 105c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return false; 106c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 107c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } else { 108c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) sandboxed_info->content_security_policy = 109c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) kDefaultSandboxedPageContentSecurityPolicy; 110c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CHECK(csp_validator::ContentSecurityPolicyIsSandboxed( 111c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) sandboxed_info->content_security_policy, extension->GetType())); 112c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) } 113c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 114c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) extension->SetManifestData(keys::kSandboxedPages, sandboxed_info.release()); 115c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return true; 116c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 117c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 118c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)const std::vector<std::string> SandboxedPageHandler::Keys() const { 119c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) return SingleKey(keys::kSandboxedPages); 120c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 121c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 122c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace extensions 123