angler-fishThe Vulnerability History Project

Refactored extension privilege enumeration and implemented URLPattern comparisons.

      This will allow checks on per origin extension resource access. Added origin
check when loading extension resources. 

BUG=45876
TEST=ExtensionTest.IsPrivilegeIncrease 
TEST=ExtensionTest.EffectiveHostPermissions
TEST=ExtensionBrowserTest.OriginPrivileges

Review URL: http://codereview.chromium.org/2808051

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@55103 0039d316-1c4b-4281-b951-d872f2087c98
by Joy the Zorse 2010-08-05 18:28:48 UTC
commit 8b3b54b44077ab0006038a2c785fe5c5072ecae0
Chromium Fix CVE-2010-3250
chrome/browser/extensions/extension_browsertests_misc.cc
-28
chrome/browser/extensions/extension_install_ui.cc
+9 -11
chrome/browser/extensions/extension_protocols.cc
+4 -16
chrome/browser/net/chrome_url_request_context.cc
-12
chrome/browser/net/chrome_url_request_context.h
+4 -13
chrome/browser/profile_impl.cc
-1
chrome/common/extensions/extension.cc
+13 -14
chrome/common/extensions/extension.h
+1 -1
chrome/common/extensions/extension_unittest.cc
+28 -30
chrome/common/extensions/url_pattern.h
-16
chrome/test/data/extensions/origin_privileges/extension/manifest.json
-7
chrome/test/data/extensions/origin_privileges/extension/test.png
chrome/test/data/extensions/origin_privileges/index.html
-3
expand_less