Chromium Code Reviews Chromium Code Reviews
Issue 10993078:
Use extensions socket permission for TCP/UDP socket APIs in Pepper (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 71 #include "chrome/browser/ui/webui/chrome_web_ui_controller_factory.h" | 71 #include "chrome/browser/ui/webui/chrome_web_ui_controller_factory.h" |
| 72 #include "chrome/browser/user_style_sheet_watcher.h" | 72 #include "chrome/browser/user_style_sheet_watcher.h" |
| 73 #include "chrome/browser/user_style_sheet_watcher_factory.h" | 73 #include "chrome/browser/user_style_sheet_watcher_factory.h" |
| 74 #include "chrome/browser/view_type_utils.h" | 74 #include "chrome/browser/view_type_utils.h" |
| 75 #include "chrome/common/child_process_logging.h" | 75 #include "chrome/common/child_process_logging.h" |
| 76 #include "chrome/common/chrome_constants.h" | 76 #include "chrome/common/chrome_constants.h" |
| 77 #include "chrome/common/chrome_switches.h" | 77 #include "chrome/common/chrome_switches.h" |
| 78 #include "chrome/common/extensions/extension.h" | 78 #include "chrome/common/extensions/extension.h" |
| 79 #include "chrome/common/extensions/extension_process_policy.h" | 79 #include "chrome/common/extensions/extension_process_policy.h" |
| 80 #include "chrome/common/extensions/extension_set.h" | 80 #include "chrome/common/extensions/extension_set.h" |
| 81 #include "chrome/common/extensions/permissions/socket_permission.h" | |
| 81 #include "chrome/common/logging_chrome.h" | 82 #include "chrome/common/logging_chrome.h" |
| 82 #include "chrome/common/pref_names.h" | 83 #include "chrome/common/pref_names.h" |
| 83 #include "chrome/common/render_messages.h" | 84 #include "chrome/common/render_messages.h" |
| 84 #include "chrome/common/url_constants.h" | 85 #include "chrome/common/url_constants.h" |
| 85 #include "content/public/browser/browser_child_process_host.h" | 86 #include "content/public/browser/browser_child_process_host.h" |
| 86 #include "content/public/browser/browser_main_parts.h" | 87 #include "content/public/browser/browser_main_parts.h" |
| 87 #include "content/public/browser/browser_ppapi_host.h" | 88 #include "content/public/browser/browser_ppapi_host.h" |
| 88 #include "content/public/browser/browser_url_handler.h" | 89 #include "content/public/browser/browser_url_handler.h" |
| 89 #include "content/public/browser/child_process_security_policy.h" | 90 #include "content/public/browser/child_process_security_policy.h" |
| 90 #include "content/public/browser/render_process_host.h" | 91 #include "content/public/browser/render_process_host.h" |
| (...skipping 1583 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1674 } | 1675 } |
| 1675 | 1676 |
| 1676 void ChromeContentBrowserClient::DidCreatePpapiPlugin( | 1677 void ChromeContentBrowserClient::DidCreatePpapiPlugin( |
| 1677 content::BrowserPpapiHost* browser_host) { | 1678 content::BrowserPpapiHost* browser_host) { |
| 1678 browser_host->GetPpapiHost()->AddHostFactoryFilter( | 1679 browser_host->GetPpapiHost()->AddHostFactoryFilter( |
| 1679 scoped_ptr<ppapi::host::HostFactory>( | 1680 scoped_ptr<ppapi::host::HostFactory>( |
| 1680 new ChromeBrowserPepperHostFactory(browser_host))); | 1681 new ChromeBrowserPepperHostFactory(browser_host))); |
| 1681 } | 1682 } |
| 1682 | 1683 |
| 1683 bool ChromeContentBrowserClient::AllowPepperSocketAPI( | 1684 bool ChromeContentBrowserClient::AllowPepperSocketAPI( |
| 1684 content::BrowserContext* browser_context, const GURL& url) { | 1685 content::BrowserContext* browser_context, |
| 1686 const GURL& url, | |
| 1687 const SocketPermissionParam& params) { | |
| 1685 if (!url.is_valid()) | 1688 if (!url.is_valid()) |
| 1686 return false; | 1689 return false; |
| 1687 | 1690 |
| 1688 std::string host = url.host(); | 1691 std::string host = url.host(); |
| 1689 if (url.SchemeIs(kExtensionScheme) && allowed_socket_origins_.count(host)) | 1692 if (url.SchemeIs(kExtensionScheme) && allowed_socket_origins_.count(host)) |
| 1690 return true; | 1693 return true; |
| 1691 | 1694 |
| 1692 Profile* profile = Profile::FromBrowserContext(browser_context); | 1695 Profile* profile = Profile::FromBrowserContext(browser_context); |
| 1693 const Extension* extension = NULL; | 1696 const Extension* extension = NULL; |
| 1694 if (profile && profile->GetExtensionService()) { | 1697 if (profile && profile->GetExtensionService()) { |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 1710 StringTokenizer t(allowed_list, ","); | 1713 StringTokenizer t(allowed_list, ","); |
| 1711 while (t.GetNext()) { | 1714 while (t.GetNext()) { |
| 1712 if (t.token() == host) | 1715 if (t.token() == host) |
| 1713 return true; | 1716 return true; |
| 1714 } | 1717 } |
| 1715 } | 1718 } |
| 1716 | 1719 |
| 1717 if (!extension) | 1720 if (!extension) |
| 1718 return false; | 1721 return false; |
| 1719 | 1722 |
| 1720 if (extension->HasAPIPermission(APIPermission::kSocket)) | 1723 extensions::SocketPermissionData::OperationType type = |
| 1724 extensions::SocketPermissionData::NONE; | |
| 1725 switch (params.type) { | |
| 1726 case SocketPermissionParam::TCP_CONNECT: | |
| 1727 type = extensions::SocketPermissionData::TCP_CONNECT; | |
| 1728 break; | |
| 1729 | |
| 1730 case SocketPermissionParam::TCP_LISTEN: | |
| 1731 type = extensions::SocketPermissionData::TCP_LISTEN; | |
| 1732 break; | |
| 1733 | |
| 1734 case SocketPermissionParam::UDP_BIND: | |
| 1735 type = extensions::SocketPermissionData::UDP_BIND; | |
| 1736 break; | |
| 1737 | |
| 1738 case SocketPermissionParam::UDP_SEND_TO: | |
| 1739 type = extensions::SocketPermissionData::UDP_SEND_TO; | |
| 1740 break; | |
| 1741 | |
| 1742 default: | |
| 1743 NOTREACHED(); | |
| 1744 } | |
| 1745 | |
| 1746 extensions::SocketPermission::CheckParam extension_params( | |
| 1747 type, params.host, params.port); | |
| 1748 if (extension->CheckAPIPermissionWithParam(APIPermission::kSocket, | |
| 1749 &extension_params)) | |
|
ygorshenin1
2012/09/28 14:43:34
nit: delete single space before "&extension_params
Dmitry Polukhin
2012/10/01 11:00:24
Done.
| |
| 1721 return true; | 1750 return true; |
| 1722 | 1751 |
| 1723 return false; | 1752 return false; |
| 1724 } | 1753 } |
| 1725 | 1754 |
| 1726 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { | 1755 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { |
| 1727 return CommandLine::ForCurrentProcess()->HasSwitch( | 1756 return CommandLine::ForCurrentProcess()->HasSwitch( |
| 1728 switches::kPpapiFlashInProcess); | 1757 switches::kPpapiFlashInProcess); |
| 1729 } | 1758 } |
| 1730 | 1759 |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1794 partition_id = extension->id(); | 1823 partition_id = extension->id(); |
| 1795 } | 1824 } |
| 1796 | 1825 |
| 1797 // Enforce that IsValidStoragePartitionId() implementation stays in sync. | 1826 // Enforce that IsValidStoragePartitionId() implementation stays in sync. |
| 1798 DCHECK(IsValidStoragePartitionId(browser_context, partition_id)); | 1827 DCHECK(IsValidStoragePartitionId(browser_context, partition_id)); |
| 1799 return partition_id; | 1828 return partition_id; |
| 1800 } | 1829 } |
| 1801 | 1830 |
| 1802 | 1831 |
| 1803 } // namespace chrome | 1832 } // namespace chrome |
| OLD | NEW |
