Currently, extension host withholding logic only applies to <all_urls> (or <all_urls>-like hosts). Instead, we should apply this to all host permissions.
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ff97e928519a4da6843efe2f47483d03c4b541a4 commit ff97e928519a4da6843efe2f47483d03c4b541a4 Author: Devlin Cronin <rdevlin.cronin@chromium.org> Date: Fri Jun 01 06:51:07 2018 [Extensions Click-to-Script] Rename AllowOnAllUrls -> WithholdAllUrls Rename ScriptingPermissionsModifier::AllowOnAllUrls() and ScriptingPermissionsModifier::IsAllowedOnAllUrls() to WithholdAllUrls() and HasWithheldAllUrls(). This is in preparation for withholding more host permissions than just the <all_urls>-style permissions, where these can be named WithholdHostPermissions() and HasWithheldHostPermissions(). For reviewing ease, pulling this part out (since it's just flipping boolean logic). Note that for backwards compatibility, the pref remains the same, and we swap its value once it's read. Bug: 848448 Change-Id: I900c40f8107e822b33fa06e567a9525224169224 Reviewed-on: https://chromium-review.googlesource.com/1081427 Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Cr-Commit-Position: refs/heads/master@{#563553} [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/api/developer_private/developer_private_api.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/api/developer_private/developer_private_api_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/api/developer_private/extension_info_generator.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/api/developer_private/extension_info_generator_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/api/web_request/web_request_apitest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/extension_action_runner_browsertest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/extension_action_runner_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/extension_context_menu_model.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/extension_context_menu_model_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/permissions_updater_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/scripting_permissions_modifier.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/scripting_permissions_modifier.h [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/extensions/scripting_permissions_modifier_unittest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/ui/extensions/blocked_action_bubble_browsertest.cc [modify] https://crrev.com/ff97e928519a4da6843efe2f47483d03c4b541a4/chrome/browser/ui/toolbar/browser_actions_bar_browsertest.cc
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e90eacfa3026f3c473fdd15ec691de842942bc80 commit e90eacfa3026f3c473fdd15ec691de842942bc80 Author: Devlin Cronin <rdevlin.cronin@chromium.org> Date: Thu Jun 07 17:23:45 2018 [Extensions Click-to-Script] Introduce Runtime-Granted Permissions Introduce a set of runtime-granted permissions to keep track of all permissions that were granted at runtime (rather than at install-time). This includes optional permissions, as well as permissions granted with the runtime host permissions feature. Add support in ExtensionPrefs, and add/remove permissions through PermissionsUpdater::AddPermissions and PermissionsUpdater::RemovePermissions, which are only used for runtime permissions. Add unittests for storing the permissions in prefs, and updating them via the PermissionsUpdater and the ScriptingPermissionsModifier (used with the runtime host permissions feature). Bug: 848448 Change-Id: I57377d367e28c3738825e794dd7847137eae004c Reviewed-on: https://chromium-review.googlesource.com/1086067 Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Cr-Commit-Position: refs/heads/master@{#565318} [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/chrome/browser/extensions/extension_prefs_unittest.cc [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/chrome/browser/extensions/permissions_updater.cc [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/chrome/browser/extensions/permissions_updater.h [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/chrome/browser/extensions/permissions_updater_unittest.cc [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/chrome/browser/extensions/scripting_permissions_modifier_unittest.cc [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/extensions/browser/extension_prefs.cc [modify] https://crrev.com/e90eacfa3026f3c473fdd15ec691de842942bc80/extensions/browser/extension_prefs.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c583070dcf8466d68d0216521f7e4962ed886fd7 commit c583070dcf8466d68d0216521f7e4962ed886fd7 Author: Devlin Cronin <rdevlin.cronin@chromium.org> Date: Tue Jul 03 00:26:16 2018 [Extensions Click-to-Script] Withhold any/all host permissions Adjust the runtime host permissions feature to withhold any host permission requested by the extension, rather than just the <all_urls> and all-hosts style permissions. Update browser and unit tests with the new expectations. Bug: 848448 Change-Id: I7c152d7a901bcb23515b6245dce94e1eedf756d7 Reviewed-on: https://chromium-review.googlesource.com/1083415 Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#572052} [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/active_tab_permission_granter.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/api/developer_private/developer_private_api.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/api/developer_private/developer_private_api_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/api/developer_private/extension_info_generator.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/api/developer_private/extension_info_generator_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/api/web_request/web_request_apitest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/extension_action_runner_browsertest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/extension_action_runner_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/extension_context_menu_model.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/extension_context_menu_model_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/permissions_updater_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/scripting_permissions_modifier.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/scripting_permissions_modifier.h [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/extensions/scripting_permissions_modifier_unittest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/ui/extensions/blocked_action_bubble_browsertest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/chrome/browser/ui/toolbar/browser_actions_bar_browsertest.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/extensions/common/permissions/permissions_data.cc [modify] https://crrev.com/c583070dcf8466d68d0216521f7e4962ed886fd7/extensions/common/permissions/permissions_data.h
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5218d262e9f8a1facfa2ba3a3577bd120abe1e72 commit 5218d262e9f8a1facfa2ba3a3577bd120abe1e72 Author: Devlin Cronin <rdevlin.cronin@chromium.org> Date: Mon Jul 09 20:18:05 2018 [Extensions Click-to-Script] Separate optional/runtime permission granting The PermissionsUpdater is responsible for updating permissions for both granted optional permissions and runtime-granted permissions (and for revoking permissions from each set). However, there are some subtle distinctions between these sets - optional permissions affect both granted and runtime-granted permission sets in preferences, whereas runtime-granted permissions only affect runtime-granted permissions. This is intentional in order to help isolate the experimental behavior for runtime host permissions. In order to properly isolate (and better document) these sets, introduce separate methods for granting/revoking optional permissions and granting/revoking runtime permissions. Update callers and tests to use the new methods, and add more test coverage to ensure that adding optional permissions affects both runtime-granted and granted permissions, whereas granting/revoking withheld permissions only affects runtime-granted permissions. Bug: 848448 TBR=atwilson@chromium.org (simple method rename in c/b/background) Change-Id: I05ac756ca87eb60cbb1a461f6d5384bcec7da15a Reviewed-on: https://chromium-review.googlesource.com/1124876 Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#573427} [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/background/background_application_list_model_unittest.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/api/permissions/permissions_api.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/extension_service_unittest.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/permission_messages_unittest.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/permissions_updater.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/permissions_updater.h [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/permissions_updater_unittest.cc [modify] https://crrev.com/5218d262e9f8a1facfa2ba3a3577bd120abe1e72/chrome/browser/extensions/scripting_permissions_modifier.cc
Comment 1 by bugdroid1@chromium.org
, Jun 1 2018