Do not allow extensions without file access on file: URLs

Bug: 1467169 Change-Id: Ic663af79bc9a2b6b60368e59515735f6cba57a1c Reviewed-on: https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/4714725 Auto-Submit: Danil Somsikov <dsv@chromium.org> Reviewed-by: Philip Pfaffe <pfaffe@chromium.org> Commit-Queue: Danil Somsikov <dsv@chromium.org>
motiz88 · Jul 25, 2023 · 21a7422 · 21a7422
1 parent 667affc
commit 21a7422
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 3 deletions.
diff --git a/front_end/core/host/InspectorFrontendHostAPI.ts b/front_end/core/host/InspectorFrontendHostAPI.ts
@@ -325,6 +325,7 @@ export interface ExtensionDescriptor {
   name: string;
   exposeExperimentalAPIs: boolean;
   hostsPolicy?: ExtensionHostsPolicy;
+  allowFileAccess?: boolean;
 }
 export interface ExtensionHostsPolicy {
   runtimeAllowedHosts: string[];

diff --git a/front_end/models/extensions/ExtensionServer.ts b/front_end/models/extensions/ExtensionServer.ts
@@ -107,6 +107,20 @@ export class HostsPolicy {
   }
 }
 
+function currentTargetIsFile(): boolean {
+  const inspectedURL = SDK.TargetManager.TargetManager.instance().primaryPageTarget()?.inspectedURL();
+  if (!inspectedURL) {
+    return false;
+  }
+  let parsedURL;
+  try {
+    parsedURL = new URL(inspectedURL);
+  } catch (exception) {
+    return false;
+  }
+  return parsedURL.protocol === 'file:';
+}
+
 export class ExtensionServer extends Common.ObjectWrapper.ObjectWrapper<EventTypes> {
   private readonly clientObjects: Map<string, unknown>;
   private readonly handlers:
@@ -121,6 +135,7 @@ export class ExtensionServer extends Common.ObjectWrapper.ObjectWrapper<EventTyp
   private registeredExtensions: Map<string, {
     name: string,
     hostsPolicy: HostsPolicy,
+    allowFileAccess: boolean,
   }>;
   private status: ExtensionStatus;
   private readonly sidebarPanesInternal: ExtensionSidebarPane[];
@@ -1018,7 +1033,8 @@ export class ExtensionServer extends Common.ObjectWrapper.ObjectWrapper<EventTyp
       return;
     }
     const hostsPolicy = HostsPolicy.create(extensionInfo.hostsPolicy);
-    if (!hostsPolicy || !hostsPolicy.isAllowedOnCurrentTarget()) {
+    if (!hostsPolicy || !hostsPolicy.isAllowedOnCurrentTarget() ||
+        (!extensionInfo.allowFileAccess && currentTargetIsFile())) {
       return;
     }
     try {
@@ -1033,7 +1049,8 @@ export class ExtensionServer extends Common.ObjectWrapper.ObjectWrapper<EventTyp
         Host.InspectorFrontendHost.InspectorFrontendHostInstance.setInjectedScriptForOrigin(
             extensionOrigin, injectedAPI);
         const name = extensionInfo.name || `Extension ${extensionOrigin}`;
-        this.registeredExtensions.set(extensionOrigin, {name, hostsPolicy});
+        this.registeredExtensions.set(
+            extensionOrigin, {name, hostsPolicy, allowFileAccess: Boolean(extensionInfo.allowFileAccess)});
       }
       this.addExtensionFrame(extensionInfo);
     } catch (e) {
@@ -1073,7 +1090,7 @@ export class ExtensionServer extends Common.ObjectWrapper.ObjectWrapper<EventTyp
     if (!extension) {
       return false;
     }
-    return extension.hostsPolicy.isAllowedOnCurrentTarget();
+    return extension.hostsPolicy.isAllowedOnCurrentTarget() && (extension.allowFileAccess || !currentTargetIsFile());
   }
 
   private async onmessage(event: MessageEvent): Promise<void> {

diff --git a/test/unittests/front_end/models/extensions/helpers.ts b/test/unittests/front_end/models/extensions/helpers.ts
@@ -20,6 +20,7 @@ export function describeWithDevtoolsExtension(
     startPage: `${window.location.origin}/blank.html`,
     name: 'TestExtension',
     exposeExperimentalAPIs: true,
+    allowFileAccess: false,
     ...extension,
   };
   const context: ExtensionContext = {