1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef EXTENSIONS_COMMON_EXTENSIONS_CLIENT_H_
6#define EXTENSIONS_COMMON_EXTENSIONS_CLIENT_H_
7
8#include <memory>
9#include <set>
10#include <string>
11#include <vector>
12
13#include "base/strings/string_piece.h"
14#include "extensions/common/permissions/api_permission_set.h"
15#include "services/network/public/mojom/cors_origin_pattern.mojom-forward.h"
16
17class GURL;
18
19namespace base {
20class CommandLine;
21class FilePath;
22}
23
24namespace extensions {
25
26class APIPermissionSet;
27class Extension;
28class ExtensionsAPIProvider;
29class FeatureProvider;
30class JSONFeatureProviderSource;
31class PermissionMessageProvider;
32class URLPatternSet;
33
34// Sets up global state for the extensions system. Should be Set() once in each
35// process. This should be implemented by the client of the extensions system.
36class ExtensionsClient {
37 public:
38 typedef std::vector<std::string> ScriptingWhitelist;
39
40 // Return the extensions client.
41 static ExtensionsClient* Get();
42
43 // Initialize the extensions system with this extensions client.
44 static void Set(ExtensionsClient* client);
45
46 ExtensionsClient();
47 virtual ~ExtensionsClient();
48
49 // Create a FeatureProvider for a specific feature type, e.g. "permission".
50 std::unique_ptr<FeatureProvider> CreateFeatureProvider(
51 const std::string& name) const;
52
53 // Returns the dictionary of the API features json file.
54 // TODO(devlin): We should find a way to remove this.
55 std::unique_ptr<JSONFeatureProviderSource> CreateAPIFeatureSource() const;
56
57 // Returns true iff a schema named |name| is generated.
58 bool IsAPISchemaGenerated(const std::string& name) const;
59
60 // Gets the generated API schema named |name|.
61 base::StringPiece GetAPISchema(const std::string& name) const;
62
63 // Adds a new API provider.
64 void AddAPIProvider(std::unique_ptr<ExtensionsAPIProvider> provider);
65
66 //////////////////////////////////////////////////////////////////////////////
67 // Virtual Functions:
68
69 // Initializes global state. Not done in the constructor because unit tests
70 // can create additional ExtensionsClients because the utility thread runs
71 // in-process.
72 virtual void Initialize() = 0;
73
74 // Initializes web store URLs.
75 // Default values could be overriden with command line.
76 virtual void InitializeWebStoreUrls(base::CommandLine* command_line) = 0;
77
78 // Returns the global PermissionMessageProvider to use to provide permission
79 // warning strings.
80 virtual const PermissionMessageProvider& GetPermissionMessageProvider()
81 const = 0;
82
83 // Returns the application name. For example, "Chromium" or "app_shell".
84 virtual const std::string GetProductName() = 0;
85
86 // Takes the list of all hosts and filters out those with special
87 // permission strings. Adds the regular hosts to |new_hosts|,
88 // and adds any additional permissions to |permissions|.
89 // TODO(sashab): Split this function in two: One to filter out ignored host
90 // permissions, and one to get permissions for the given hosts.
91 virtual void FilterHostPermissions(const URLPatternSet& hosts,
92 URLPatternSet* new_hosts,
93 PermissionIDSet* permissions) const = 0;
94
95 // Replaces the scripting whitelist with |whitelist|. Used in the renderer;
96 // only used for testing in the browser process.
97 virtual void SetScriptingWhitelist(const ScriptingWhitelist& whitelist) = 0;
98
99 // Return the whitelist of extensions that can run content scripts on
100 // any origin.
101 virtual const ScriptingWhitelist& GetScriptingWhitelist() const = 0;
102
103 // Get the set of chrome:// hosts that |extension| can have host permissions
104 // for.
105 virtual URLPatternSet GetPermittedChromeSchemeHosts(
106 const Extension* extension,
107 const APIPermissionSet& api_permissions) const = 0;
108
109 // Returns false if content scripts are forbidden from running on |url|.
110 virtual bool IsScriptableURL(const GURL& url, std::string* error) const = 0;
111
112 // Determines if certain fatal extensions errors should be surpressed
113 // (i.e., only logged) or allowed (i.e., logged before crashing).
114 virtual bool ShouldSuppressFatalErrors() const = 0;
115
116 // Records that a fatal error was caught and suppressed. It is expected that
117 // embedders will only do so if ShouldSuppressFatalErrors at some point
118 // returned true.
119 virtual void RecordDidSuppressFatalError() = 0;
120
121 // Returns the base webstore URL prefix.
122 virtual const GURL& GetWebstoreBaseURL() const = 0;
123
124 // Returns the URL to use for update manifest queries.
125 virtual const GURL& GetWebstoreUpdateURL() const = 0;
126
127 // Returns a flag indicating whether or not a given URL is a valid
128 // extension blacklist URL.
129 virtual bool IsBlacklistUpdateURL(const GURL& url) const = 0;
130
131 // Returns the set of file paths corresponding to any images within an
132 // extension's contents that may be displayed directly within the browser UI
133 // or WebUI, such as icons or theme images. This set of paths is used by the
134 // extension unpacker to determine which assets should be transcoded safely
135 // within the utility sandbox.
136 //
137 // The default implementation returns the images used as icons for the
138 // extension itself, so implementors of ExtensionsClient overriding this may
139 // want to call the base class version and then add additional paths to that
140 // result.
141 virtual std::set<base::FilePath> GetBrowserImagePaths(
142 const Extension* extension);
143
144 // Returns whether or not extension APIs are allowed in extension service
145 // workers.
146 // This is currently disallowed as the code to support this is work in
147 // progress.
148 // Can be overridden in tests.
149 virtual bool ExtensionAPIEnabledInExtensionServiceWorkers() const;
150
151 // Adds client specific permitted origins to |origin_patterns| for
152 // cross-origin communication for an extension context.
153 virtual void AddOriginAccessPermissions(
154 const Extension& extension,
155 bool is_extension_active,
156 std::vector<network::mojom::CorsOriginPatternPtr>* origin_patterns) const;
157
158 private:
159 // Performs common initialization and calls Initialize() to allow subclasses
160 // to do any extra initialization.
161 void DoInitialize();
162
163 std::vector<std::unique_ptr<ExtensionsAPIProvider>> api_providers_;
164
165 // Whether DoInitialize() has been called.
166 bool initialize_called_ = false;
167
168 DISALLOW_COPY_AND_ASSIGN(ExtensionsClient);
169};
170
171} // namespace extensions
172
173#endif // EXTENSIONS_COMMON_EXTENSIONS_CLIENT_H_
174