Chromium Code Reviews Chromium Code Reviews
Issue 10993078:
Use extensions socket permission for TCP/UDP socket APIs in Pepper (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 71 #include "chrome/browser/ui/webui/chrome_web_ui_controller_factory.h" | 71 #include "chrome/browser/ui/webui/chrome_web_ui_controller_factory.h" |
| 72 #include "chrome/browser/user_style_sheet_watcher.h" | 72 #include "chrome/browser/user_style_sheet_watcher.h" |
| 73 #include "chrome/browser/user_style_sheet_watcher_factory.h" | 73 #include "chrome/browser/user_style_sheet_watcher_factory.h" |
| 74 #include "chrome/browser/view_type_utils.h" | 74 #include "chrome/browser/view_type_utils.h" |
| 75 #include "chrome/common/child_process_logging.h" | 75 #include "chrome/common/child_process_logging.h" |
| 76 #include "chrome/common/chrome_constants.h" | 76 #include "chrome/common/chrome_constants.h" |
| 77 #include "chrome/common/chrome_switches.h" | 77 #include "chrome/common/chrome_switches.h" |
| 78 #include "chrome/common/extensions/extension.h" | 78 #include "chrome/common/extensions/extension.h" |
| 79 #include "chrome/common/extensions/extension_process_policy.h" | 79 #include "chrome/common/extensions/extension_process_policy.h" |
| 80 #include "chrome/common/extensions/extension_set.h" | 80 #include "chrome/common/extensions/extension_set.h" |
| 81 #include "chrome/common/extensions/permissions/socket_permission.h" | |
| 81 #include "chrome/common/logging_chrome.h" | 82 #include "chrome/common/logging_chrome.h" |
| 82 #include "chrome/common/pref_names.h" | 83 #include "chrome/common/pref_names.h" |
| 83 #include "chrome/common/render_messages.h" | 84 #include "chrome/common/render_messages.h" |
| 84 #include "chrome/common/url_constants.h" | 85 #include "chrome/common/url_constants.h" |
| 85 #include "content/public/browser/browser_child_process_host.h" | 86 #include "content/public/browser/browser_child_process_host.h" |
| 86 #include "content/public/browser/browser_main_parts.h" | 87 #include "content/public/browser/browser_main_parts.h" |
| 87 #include "content/public/browser/browser_ppapi_host.h" | 88 #include "content/public/browser/browser_ppapi_host.h" |
| 88 #include "content/public/browser/browser_url_handler.h" | 89 #include "content/public/browser/browser_url_handler.h" |
| 89 #include "content/public/browser/child_process_security_policy.h" | 90 #include "content/public/browser/child_process_security_policy.h" |
| 90 #include "content/public/browser/render_process_host.h" | 91 #include "content/public/browser/render_process_host.h" |
| (...skipping 1587 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1678 } | 1679 } |
| 1679 | 1680 |
| 1680 void ChromeContentBrowserClient::DidCreatePpapiPlugin( | 1681 void ChromeContentBrowserClient::DidCreatePpapiPlugin( |
| 1681 content::BrowserPpapiHost* browser_host) { | 1682 content::BrowserPpapiHost* browser_host) { |
| 1682 browser_host->GetPpapiHost()->AddHostFactoryFilter( | 1683 browser_host->GetPpapiHost()->AddHostFactoryFilter( |
| 1683 scoped_ptr<ppapi::host::HostFactory>( | 1684 scoped_ptr<ppapi::host::HostFactory>( |
| 1684 new ChromeBrowserPepperHostFactory(browser_host))); | 1685 new ChromeBrowserPepperHostFactory(browser_host))); |
| 1685 } | 1686 } |
| 1686 | 1687 |
| 1687 bool ChromeContentBrowserClient::AllowPepperSocketAPI( | 1688 bool ChromeContentBrowserClient::AllowPepperSocketAPI( |
| 1688 content::BrowserContext* browser_context, const GURL& url) { | 1689 content::BrowserContext* browser_context, |
| 1690 const GURL& url, | |
| 1691 const SocketPermissionParam& params) { | |
| 1689 if (!url.is_valid()) | 1692 if (!url.is_valid()) |
| 1690 return false; | 1693 return false; |
| 1691 | 1694 |
| 1692 std::string host = url.host(); | 1695 std::string host = url.host(); |
| 1693 if (url.SchemeIs(kExtensionScheme) && allowed_socket_origins_.count(host)) | 1696 if (url.SchemeIs(kExtensionScheme) && allowed_socket_origins_.count(host)) |
| 1694 return true; | 1697 return true; |
| 1695 | 1698 |
| 1696 Profile* profile = Profile::FromBrowserContext(browser_context); | 1699 Profile* profile = Profile::FromBrowserContext(browser_context); |
| 1697 const Extension* extension = NULL; | 1700 const Extension* extension = NULL; |
| 1698 if (profile && profile->GetExtensionService()) { | 1701 if (profile && profile->GetExtensionService()) { |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 1714 StringTokenizer t(allowed_list, ","); | 1717 StringTokenizer t(allowed_list, ","); |
| 1715 while (t.GetNext()) { | 1718 while (t.GetNext()) { |
| 1716 if (t.token() == host) | 1719 if (t.token() == host) |
| 1717 return true; | 1720 return true; |
| 1718 } | 1721 } |
| 1719 } | 1722 } |
| 1720 | 1723 |
| 1721 if (!extension) | 1724 if (!extension) |
| 1722 return false; | 1725 return false; |
| 1723 | 1726 |
| 1724 if (extension->HasAPIPermission(APIPermission::kSocket)) | 1727 extensions::SocketPermissionData::OperationType type = |
| 1728 extensions::SocketPermissionData::NONE; | |
| 1729 switch (params.type) { | |
| 1730 case SocketPermissionParam::TCP_CONNECT: | |
| 1731 type = extensions::SocketPermissionData::TCP_CONNECT; | |
| 1732 break; | |
| 1733 | |
| 1734 case SocketPermissionParam::TCP_LISTEN: | |
| 1735 type = extensions::SocketPermissionData::TCP_LISTEN; | |
| 1736 break; | |
| 1737 | |
| 1738 case SocketPermissionParam::UDP_BIND: | |
| 1739 type = extensions::SocketPermissionData::UDP_BIND; | |
| 1740 break; | |
| 1741 | |
| 1742 case SocketPermissionParam::UDP_SEND_TO: | |
| 1743 type = extensions::SocketPermissionData::UDP_SEND_TO; | |
| 1744 break; | |
| 1745 | |
| 1746 default: | |
| 1747 NOTREACHED(); | |
| 1748 } | |
|
miket_OOO
2012/10/05 18:46:02
This block seems like it could be a generally usef
Dmitry Polukhin
2012/10/08 09:50:35
Done.
| |
| 1749 | |
| 1750 extensions::SocketPermission::CheckParam extension_params( | |
| 1751 type, params.host, params.port); | |
| 1752 if (extension->CheckAPIPermissionWithParam(APIPermission::kSocket, | |
| 1753 &extension_params)) | |
| 1725 return true; | 1754 return true; |
| 1726 | 1755 |
| 1727 return false; | 1756 return false; |
| 1728 } | 1757 } |
| 1729 | 1758 |
| 1730 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { | 1759 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { |
| 1731 return CommandLine::ForCurrentProcess()->HasSwitch( | 1760 return CommandLine::ForCurrentProcess()->HasSwitch( |
| 1732 switches::kPpapiFlashInProcess); | 1761 switches::kPpapiFlashInProcess); |
| 1733 } | 1762 } |
| 1734 | 1763 |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1798 partition_id = extension->id(); | 1827 partition_id = extension->id(); |
| 1799 } | 1828 } |
| 1800 | 1829 |
| 1801 // Enforce that IsValidStoragePartitionId() implementation stays in sync. | 1830 // Enforce that IsValidStoragePartitionId() implementation stays in sync. |
| 1802 DCHECK(IsValidStoragePartitionId(browser_context, partition_id)); | 1831 DCHECK(IsValidStoragePartitionId(browser_context, partition_id)); |
| 1803 return partition_id; | 1832 return partition_id; |
| 1804 } | 1833 } |
| 1805 | 1834 |
| 1806 | 1835 |
| 1807 } // namespace chrome | 1836 } // namespace chrome |
| OLD | NEW |
