From de4836c68bf0c2072d86023d72f23583d7fa895f Mon Sep 17 00:00:00 2001
From: Devlin Cronin <rdevlin.cronin@chromium.org>
Date: Tue, 8 Sep 2015 10:48:49 -0700
Subject: [PATCH] [Script Injection] Allow whitelisted extensions to inject
 scripts everywhere

Fix a regression where whitelisted extensions couldn't inject content scripts on
other extension pages.

BUG=517370
TBR=kalman@chromium.org

Review URL: https://codereview.chromium.org/1294393003

Cr-Commit-Position: refs/heads/master@{#345382}
(cherry picked from commit 29d2ec93b685a04c1ad0ad047ab702c3cc62ba3f)

Review URL: https://codereview.chromium.org/1319143004 .

Cr-Commit-Position: refs/branch-heads/2490@{#185}
Cr-Branched-From: 7790a3535f2a81a03685eca31a32cf69ae0c114f-refs/heads/master@{#344925}
---
 extensions/renderer/extension_injection_host.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/extensions/renderer/extension_injection_host.cc b/extensions/renderer/extension_injection_host.cc
index 32e83991f3282..1a6dca87f2500 100644
--- a/extensions/renderer/extension_injection_host.cc
+++ b/extensions/renderer/extension_injection_host.cc
@@ -57,8 +57,10 @@ PermissionsData::AccessType ExtensionInjectionHost::CanExecuteOnFrame(
 
   blink::WebSecurityOrigin top_frame_security_origin =
       render_frame->GetWebFrame()->top()->securityOrigin();
+  // Only whitelisted extensions may run scripts on another extension's page.
   if (top_frame_security_origin.protocol().utf8() == kExtensionScheme &&
-      top_frame_security_origin.host().utf8() != extension_->id())
+      top_frame_security_origin.host().utf8() != extension_->id() &&
+      !PermissionsData::CanExecuteScriptEverywhere(extension_))
     return PermissionsData::ACCESS_DENIED;
 
   // Declarative user scripts use "page access" (from "permissions" section in