electron/shell/browser/extensions/api/tabs/tabs_api.cc
2020-02-04 12:19:40 -08:00

133 lines
4.6 KiB
C++

// Copyright (c) 2019 Slack Technologies, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#include "shell/browser/extensions/api/tabs/tabs_api.h"
#include <memory>
#include <utility>
#include "extensions/browser/extension_api_frame_id_map.h"
#include "extensions/common/error_utils.h"
#include "extensions/common/manifest_constants.h"
#include "extensions/common/permissions/permissions_data.h"
#include "shell/browser/api/electron_api_web_contents.h"
namespace extensions {
const char kFrameNotFoundError[] = "No frame with id * in tab *.";
using api::extension_types::InjectDetails;
ExecuteCodeInTabFunction::ExecuteCodeInTabFunction() : execute_tab_id_(-1) {}
ExecuteCodeInTabFunction::~ExecuteCodeInTabFunction() {}
ExecuteCodeFunction::InitResult ExecuteCodeInTabFunction::Init() {
if (init_result_)
return init_result_.value();
// |tab_id| is optional so it's ok if it's not there.
int tab_id = -1;
if (args_->GetInteger(0, &tab_id) && tab_id < 0)
return set_init_result(VALIDATION_FAILURE);
// |details| are not optional.
base::DictionaryValue* details_value = NULL;
if (!args_->GetDictionary(1, &details_value))
return set_init_result(VALIDATION_FAILURE);
std::unique_ptr<InjectDetails> details(new InjectDetails());
if (!InjectDetails::Populate(*details_value, details.get()))
return set_init_result(VALIDATION_FAILURE);
if (tab_id == -1) {
// There's no useful concept of a "default tab" in Electron.
// TODO(nornagon): we could potentially kick this to an event to allow the
// app to decide what "default tab" means for them?
return set_init_result(VALIDATION_FAILURE);
}
execute_tab_id_ = tab_id;
details_ = std::move(details);
set_host_id(HostID(HostID::EXTENSIONS, extension()->id()));
return set_init_result(SUCCESS);
}
bool ExecuteCodeInTabFunction::CanExecuteScriptOnPage(std::string* error) {
// If |tab_id| is specified, look for the tab. Otherwise default to selected
// tab in the current window.
CHECK_GE(execute_tab_id_, 0);
auto* contents = electron::api::WebContents::FromWeakMapID(
v8::Isolate::GetCurrent(), execute_tab_id_);
if (!contents) {
return false;
}
int frame_id = details_->frame_id ? *details_->frame_id
: ExtensionApiFrameIdMap::kTopFrameId;
content::RenderFrameHost* rfh =
ExtensionApiFrameIdMap::GetRenderFrameHostById(contents->web_contents(),
frame_id);
if (!rfh) {
*error = ErrorUtils::FormatErrorMessage(
kFrameNotFoundError, base::NumberToString(frame_id),
base::NumberToString(execute_tab_id_));
return false;
}
// Content scripts declared in manifest.json can access frames at about:-URLs
// if the extension has permission to access the frame's origin, so also allow
// programmatic content scripts at about:-URLs for allowed origins.
GURL effective_document_url(rfh->GetLastCommittedURL());
bool is_about_url = effective_document_url.SchemeIs(url::kAboutScheme);
if (is_about_url && details_->match_about_blank &&
*details_->match_about_blank) {
effective_document_url = GURL(rfh->GetLastCommittedOrigin().Serialize());
}
if (!effective_document_url.is_valid()) {
// Unknown URL, e.g. because no load was committed yet. Allow for now, the
// renderer will check again and fail the injection if needed.
return true;
}
// NOTE: This can give the wrong answer due to race conditions, but it is OK,
// we check again in the renderer.
if (!extension()->permissions_data()->CanAccessPage(effective_document_url,
execute_tab_id_, error)) {
if (is_about_url &&
extension()->permissions_data()->active_permissions().HasAPIPermission(
APIPermission::kTab)) {
*error = ErrorUtils::FormatErrorMessage(
manifest_errors::kCannotAccessAboutUrl,
rfh->GetLastCommittedURL().spec(),
rfh->GetLastCommittedOrigin().Serialize());
}
return false;
}
return true;
}
ScriptExecutor* ExecuteCodeInTabFunction::GetScriptExecutor(
std::string* error) {
auto* contents = electron::api::WebContents::FromWeakMapID(
v8::Isolate::GetCurrent(), execute_tab_id_);
if (!contents)
return nullptr;
return contents->script_executor();
}
bool ExecuteCodeInTabFunction::IsWebView() const {
return false;
}
const GURL& ExecuteCodeInTabFunction::GetWebViewSrc() const {
return GURL::EmptyGURL();
}
bool TabsExecuteScriptFunction::ShouldInsertCSS() const {
return false;
}
} // namespace extensions