Block non-sandboxed plugins.

chrome/renderer/render_view.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/render_view.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 182 matching lines @@
 using WebKit::WebMediaPlayer;
 using WebKit::WebMediaPlayerAction;
 using WebKit::WebMediaPlayerClient;
 using WebKit::WebNavigationPolicy;
 using WebKit::WebNavigationType;
 using WebKit::WebNode;
 using WebKit::WebPageSerializer;
 using WebKit::WebPageSerializerClient;
 using WebKit::WebPlugin;
 using WebKit::WebPluginContainer;
+using WebKit::WebPluginDocument;
 using WebKit::WebPluginParams;
-using WebKit::WebPluginDocument;
 using WebKit::WebPoint;
 using WebKit::WebPopupMenuInfo;
 using WebKit::WebRange;
 using WebKit::WebRect;
 using WebKit::WebScriptSource;
 using WebKit::WebSearchableFormData;
 using WebKit::WebSecurityOrigin;
 using WebKit::WebSettings;
 using WebKit::WebSharedWorker;
 using WebKit::WebSize;
@@ skipping 327 matching lines @@
 }
 
 void RenderView::UserMetricsRecordAction(const std::string& action) {
   Send(new ViewHostMsg_UserMetricsRecordAction(routing_id_, action));
 }
 
 void RenderView::PluginCrashed(const FilePath& plugin_path) {
   Send(new ViewHostMsg_CrashedPlugin(routing_id_, plugin_path));
 }
 
+WebPlugin* RenderView::CreatePluginNoCheck(WebFrame* frame,
+                                           const WebPluginParams& params) {
+  WebPluginInfo info;
+  bool found;
+  std::string mime_type;
+  Send(new ViewHostMsg_GetPluginInfo(
+      params.url, frame->top()->url(), params.mimeType.utf8(), &found,
+      &info, &mime_type));
+  if (!found || !info.enabled)
+    return NULL;
+  scoped_refptr<pepper::PluginModule> pepper_module =
+      PepperPluginRegistry::GetInstance()->GetModule(info.path);
+  if (pepper_module)
+    return CreatePepperPlugin(frame, params, info.path, pepper_module.get());
+  else
+    return CreateNPAPIPlugin(frame, params, info.path, mime_type);
+}
+
 #if defined(OS_MACOSX)
 void RenderView::RegisterPluginDelegate(WebPluginDelegateProxy* delegate) {
   plugin_delegates_.insert(delegate);
 }
 
 void RenderView::UnregisterPluginDelegate(WebPluginDelegateProxy* delegate) {
   plugin_delegates_.erase(delegate);
 }
 #endif
 
@@ skipping 1641 matching lines @@
   SendAndRunNestedMessageLoop(new ViewHostMsg_RunModal(routing_id_));
 }
 
 // WebKit::WebFrameClient -----------------------------------------------------
 
 WebPlugin* RenderView::createPlugin(WebFrame* frame,
                                     const WebPluginParams& params) {
   bool found = false;
   WebPluginInfo info;
   GURL url(params.url);
-  std::string mime_type(params.mimeType.utf8());
   std::string actual_mime_type;
   Send(new ViewHostMsg_GetPluginInfo(url,
                                      frame->top()->url(),
-                                     mime_type,
+                                     params.mimeType.utf8(),
                                      &found,
                                      &info,
-      &actual_mime_type));
+                                     &actual_mime_type));
 
   if (!found || !info.enabled)
     return NULL;
 
-  if (!AllowContentType(CONTENT_SETTINGS_TYPE_PLUGINS) &&
-      info.path.value() != kDefaultPluginLibraryName) {
-    DCHECK(CommandLine::ForCurrentProcess()->HasSwitch(
-        switches::kEnableClickToPlay));
-    didNotAllowPlugins(frame);
-    return CreatePluginPlaceholder(frame, params);
+  if (info.path.value() != kDefaultPluginLibraryName) {
+    if (!AllowContentType(CONTENT_SETTINGS_TYPE_PLUGINS)) {
+      DCHECK(CommandLine::ForCurrentProcess()->HasSwitch(
+          switches::kEnableClickToPlay));
+      didNotAllowPlugins(frame);
+      return CreatePluginPlaceholder(frame, params);
+    }
+    scoped_refptr<pepper::PluginModule> pepper_module =
+        PepperPluginRegistry::GetInstance()->GetModule(info.path);
+    if (pepper_module)
+      return CreatePepperPlugin(frame, params, info.path, pepper_module.get());
+    if (CommandLine::ForCurrentProcess()->HasSwitch(
+            switches::kBlockNonSandboxedPlugins)) {
+      Send(new ViewHostMsg_NonSandboxedPluginBlocked(routing_id_, info.name));
+      return CreatePluginPlaceholder(frame, params);
+    }
   }
-  return CreatePluginInternal(frame, params, &info, actual_mime_type);
+  return CreateNPAPIPlugin(frame, params, info.path, actual_mime_type);
 }
 
 WebWorker* RenderView::createWorker(WebFrame* frame, WebWorkerClient* client) {
   WebApplicationCacheHostImpl* appcache_host =
       WebApplicationCacheHostImpl::FromFrame(frame);
   int appcache_host_id = appcache_host ? appcache_host->host_id() : 0;
   return new WebWorkerProxy(client, RenderThread::current(), routing_id_,
                             appcache_host_id);
 }
 
@@ skipping 1436 matching lines @@
     content_blocked_[settings_type] = true;
     Send(new ViewHostMsg_ContentBlocked(routing_id_, settings_type));
   }
 }
 
 void RenderView::ClearBlockedContentSettings() {
   for (size_t i = 0; i < arraysize(content_blocked_); ++i)
     content_blocked_[i] = false;
 }
 
-WebPlugin* RenderView::CreatePluginInternal(WebFrame* frame,
-                                            const WebPluginParams& params,
-                                            WebPluginInfo* plugin_info,
-                                            const std::string& mime_type) {
+WebPlugin* RenderView::CreatePepperPlugin(WebFrame* frame,
+                                          const WebPluginParams& params,
+                                          const FilePath& path,
+                                          pepper::PluginModule* pepper_module) {
+  WebPlugin* plugin = new pepper::WebPluginImpl(pepper_module, params,
+                                                pepper_delegate_.AsWeakPtr());
+  if (plugin && !frame->parent() && frame->document().isPluginDocument()) {
+    // If this is a full-page plugin hosting the internal PDF plugin, we want
+    // to notify the browser so that it can treat things like zooming
+    // differently.
+    // TODO(sanjeevr): Use a Pepper interface to determine this rather than
+    // hardcode this for the PDF plugin path.
+    FilePath pdf_path;
+    PathService::Get(chrome::FILE_PDF_PLUGIN, &pdf_path);
+    if (path == pdf_path)
+      Send(new ViewHostMsg_SetDisplayingPDFContent(routing_id_));
+  }
+  return plugin;
+}
+
+WebPlugin* RenderView::CreateNPAPIPlugin(WebFrame* frame,
+                                         const WebPluginParams& params,
+                                         const FilePath& path,
+                                         const std::string& mime_type) {
   std::string actual_mime_type(mime_type);
-  WebPluginInfo info;
-  if (plugin_info != NULL) {
-    info = *plugin_info;
-  } else {
-    bool found;
-    std::string actual_mime_type(mime_type);
-    Send(new ViewHostMsg_GetPluginInfo(
-        params.url, frame->top()->url(), params.mimeType.utf8(), &found,
-        &info, &actual_mime_type));
-    if (!found)
-      info.enabled = false;
-  }
-  if (!info.enabled)
-    return NULL;
-
   if (actual_mime_type.empty())
     actual_mime_type = params.mimeType.utf8();
 
-  scoped_refptr<pepper::PluginModule> pepper_module =
-      PepperPluginRegistry::GetInstance()->GetModule(info.path);
-  if (pepper_module) {
-    WebPlugin* plugin = new pepper::WebPluginImpl(pepper_module, params,
-                                                  pepper_delegate_.AsWeakPtr());
-    if (plugin && !frame->parent() && frame->document().isPluginDocument()) {
-      // If this is a full-page plugin hosting the internal PDF plugin, we want
-      // to notify the browser so that it can treat things like zooming
-      // differently.
-      // TODO(sanjeevr): Use a Pepper interface to determine this rather than
-      // hardcode this for the PDF plugin path.
-      FilePath pdf_path;
-      PathService::Get(chrome::FILE_PDF_PLUGIN, &pdf_path);
-      if (info.path == pdf_path)
-        Send(new ViewHostMsg_SetDisplayingPDFContent(routing_id_));
-    }
-    return plugin;
-  }
-
-  return new webkit_glue::WebPluginImpl(frame, params, info.path,
+  return new webkit_glue::WebPluginImpl(frame, params, path,
                                         actual_mime_type, AsWeakPtr());
 }
 
 WebPlugin* RenderView::CreatePluginPlaceholder(WebFrame* frame,
                                                const WebPluginParams& params) {
   // |blocked_plugin| will delete itself when the WebViewPlugin is destroyed.
   BlockedPlugin* blocked_plugin = new BlockedPlugin(this, frame, params);
   WebViewPlugin* plugin = blocked_plugin->plugin();
   webkit_preferences_.Apply(plugin->web_view());
   return plugin;
@@ skipping 1559 matching lines @@
     // the origins of the two domains are different. This can be treated as a
     // top level navigation and routed back to the host.
     WebKit::WebFrame* opener = frame->opener();
     if (opener) {
       if (url.GetOrigin() != GURL(opener->url()).GetOrigin())
         return true;
     }
   }
   return false;
 }