-
Devlin Cronin authored
Adjust the chrome.permissions API for use with withheld permissions as a result of the RuntimeHostPermissions feature. This patch allows the permissions API to be used to request withheld or optional host permissions, rather than just optional host permissions. This is important for extensions that want to be able to request permissions at runtime using the chrome.permissions API as a workaround to having required permisssions withheld. Additionally, move requesting optional permissions to looking at the runtime granted permission set, rather than the granted permission set. This greatly simplifies the logic, as now all permission requests are compared to the same permissions set, and we don't need to isolate host permission requests versus API permission requests. This also ensures we avoid granting a permission that was explicitly revoked by the user (as could happen if we just checked granted permissions). As of Chrome 70, all permissions granted through the permissions API are added to the runtime granted set. However, this does mean that optional permissions that were granted prior to M70, and then later removed via permissions.remove(), will re-prompt the user. In practice, this is very rare. This also means that optional permissions will not be granted automatically for permissions that were used by previous versions of the extension (similarly, very rare in practice). This does *not* address the issue of scriptable hosts in requested permissions; that is still an issue. Bug: 889654 Change-Id: I8c20f03ec7b402cd61ae1db04b782447dc39414e Reviewed-on: https://chromium-review.googlesource.com/c/1301851 Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Reviewed-by:
Karan Bhatia <karandeepb@chromium.org> Cr-Commit-Position: refs/heads/master@{#607474}
b236ad48
