Ensure that window.open requests issued by ChromeFrame carry the correct cook...

chrome_frame/chrome_active_document.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Implementation of ChromeActiveDocument
 #include "chrome_frame/chrome_active_document.h"
 
 #include <hlink.h>
 #include <htiface.h>
 #include <initguid.h>
@@ skipping 47 matching lines @@
 #define DEFINE_ENCODING_ID_ARRAY(encoding_name, id, chrome_name) encoding_name,
   INTERNAL_IE_ENCODINGMENU_IDS(DEFINE_ENCODING_ID_ARRAY)
 #undef DEFINE_ENCODING_ID_ARRAY
   0  // The Last data must be 0 to indicate the end of the encoding id array.
 };
 
 ChromeActiveDocument::ChromeActiveDocument()
     : first_navigation_(true),
       is_automation_client_reused_(false),
       popup_allowed_(false),
-      accelerator_table_(NULL),
-      is_new_navigation_(false) {
+      accelerator_table_(NULL) {
   TRACE_EVENT_BEGIN("chromeframe.createactivedocument", this, "");
 
   url_fetcher_.set_frame_busting(false);
   memset(&navigation_info_, 0, sizeof(navigation_info_));
 }
 
 HRESULT ChromeActiveDocument::FinalConstruct() {
   // If we have a cached ChromeActiveDocument instance in TLS, then grab
   // ownership of the cached document's automation client. This is an
   // optimization to get Chrome active documents to load faster.
@@ skipping 38 matching lines @@
   mshtml_group_commands_map_[IDM_BASELINEFONT2] = flags;
   mshtml_group_commands_map_[IDM_BASELINEFONT3] = flags;
   mshtml_group_commands_map_[IDM_BASELINEFONT4] = flags;
   mshtml_group_commands_map_[IDM_BASELINEFONT5] = flags;
 
   HMODULE this_module = reinterpret_cast<HMODULE>(&__ImageBase);
   accelerator_table_ =
     LoadAccelerators(this_module,
                      MAKEINTRESOURCE(IDR_CHROME_FRAME_IE_FULL_TAB));
   DCHECK(accelerator_table_ != NULL);
+
+  HRESULT hr = security_manager_.CreateInstance(CLSID_InternetSecurityManager);
+  if (FAILED(hr)) {
+    NOTREACHED() << __FUNCTION__
+                 << " Failed to create InternetSecurityManager. Error: 0x%x"
+                 << hr;
+  }
+
   return S_OK;
 }
 
 ChromeActiveDocument::~ChromeActiveDocument() {
   DLOG(INFO) << __FUNCTION__;
   if (find_dialog_.IsWindow())
     find_dialog_.DestroyWindow();
   // ChromeFramePlugin
   BaseActiveX::Uninitialize();
 
@@ skipping 115 matching lines @@
   if (info && !info->url().empty()) {
     url = info->url();
   } else {
     // If the original URL contains an anchor, then the URL queried
     // from the moniker does not contain the anchor. To workaround
     // this we retrieve the URL from our BHO.
     url = GetActualUrlFromMoniker(moniker_name, bind_context,
                                   mgr ? mgr->url(): std::wstring());
   }
 
-  // The is_new_navigation variable indicates if this a navigation initiated
-  // by typing in a URL for e.g. in the IE address bar, or from Chrome by
-  // a window.open call from javascript, in which case the current IE tab
-  // will attach to an existing ExternalTabContainer instance.
-  bool is_new_navigation = true;
-  bool is_chrome_protocol = false;
+  ChromeFrameUrl cf_url;
+  if (!cf_url.Parse(url)) {
+    DLOG(WARNING) << __FUNCTION__ << " Failed to parse url:" << url;
+    return E_INVALIDARG;
+  }
 
-  if (!ParseUrl(url, &is_new_navigation, &is_chrome_protocol, &url)) {
-    DLOG(WARNING) << __FUNCTION__ << " Failed to parse url:" << url;
+  if (!CanNavigateInFullTabMode(cf_url, security_manager_)) {
     return E_INVALIDARG;
   }
 
   std::string referrer = mgr ? mgr->referrer() : EmptyString();
   // With CTransaction patch we have more robust way to grab the referrer for
   // each top-level-switch-to-CF request by peeking at our sniffing data
   // object that lives inside the bind context.
   if (g_patch_helper.state() == PatchHelper::PATCH_PROTOCOL && info) {
     scoped_refptr<ProtData> prot_data = info->get_prot_data();
     if (prot_data)
       referrer = prot_data->referrer();
   }
 
-  if (!LaunchUrl(url, referrer, is_new_navigation)) {
+  if (!LaunchUrl(cf_url, referrer)) {
     NOTREACHED() << __FUNCTION__ << " Failed to launch url:" << url;
     return E_INVALIDARG;
   }
 
-  if (!is_chrome_protocol)
-    url_fetcher_.SetInfoForUrl(url, moniker_name, bind_context);
+  if (!cf_url.is_chrome_protocol() && !cf_url.attach_to_external_tab())
+    url_fetcher_.SetInfoForUrl(cf_url.url(), moniker_name, bind_context);
 
   THREAD_SAFE_UMA_HISTOGRAM_CUSTOM_COUNTS("ChromeFrame.FullTabLaunchType",
-                                          is_chrome_protocol, 0, 1, 2);
+                                          cf_url.is_chrome_protocol(),
+                                          0, 1, 2);
   return S_OK;
 }
 
 STDMETHODIMP ChromeActiveDocument::Save(IMoniker* moniker_name,
                                         LPBC bind_context,
                                         BOOL remember) {
   return E_NOTIMPL;
 }
 
 STDMETHODIMP ChromeActiveDocument::SaveCompleted(IMoniker* moniker_name,
@@ skipping 75 matching lines @@
 
   stream->Seek(offset, STREAM_SEEK_CUR, &cur_pos);
   stream->Stat(&statstg, STATFLAG_NONAME);
 
   DWORD url_size = statstg.cbSize.LowPart - cur_pos.LowPart;
   ScopedBstr url_bstr;
   DWORD bytes_read = 0;
   stream->Read(url_bstr.AllocateBytes(url_size), url_size, &bytes_read);
   std::wstring url(url_bstr);
 
-  bool is_new_navigation = true;
-  bool is_chrome_protocol = false;
-
-  if (!ParseUrl(url, &is_new_navigation, &is_chrome_protocol, &url)) {
+  ChromeFrameUrl cf_url;
+  if (!cf_url.Parse(url)) {
     DLOG(WARNING) << __FUNCTION__ << " Failed to parse url:" << url;
     return E_INVALIDARG;
   }
 
+  if (!CanNavigateInFullTabMode(cf_url, security_manager_)) {
+    return E_INVALIDARG;
+  }
+
   const std::string& referrer = EmptyString();
-  if (!LaunchUrl(url, referrer, is_new_navigation)) {
+  if (!LaunchUrl(cf_url, referrer)) {
     NOTREACHED() << __FUNCTION__ << " Failed to launch url:" << url;
     return E_INVALIDARG;
   }
   return S_OK;
 }
 
 STDMETHODIMP ChromeActiveDocument::SaveHistory(IStream* stream) {
   // TODO(sanjeevr): We need to fetch the entire list of navigation entries
   // from Chrome and persist it in the stream. And in LoadHistory we need to
   // pass this list back to Chrome which will recreate the list. This will allow
@@ skipping 312 matching lines @@
 
   // Another case where we need to issue BeforeNavigate2 calls is as below:-
   // We get notified after the fact, when navigations are initiated within
   // Chrome via window.open calls. These navigations are handled by creating
   // an external tab container within chrome and then connecting to it from IE.
   // We still want to update the address bar/history, etc, to ensure that
   // the special URL used by Chrome to indicate this is updated correctly.
   bool is_internal_navigation = ((new_navigation_info.navigation_index > 0) &&
       (new_navigation_info.navigation_index !=
        navigation_info_.navigation_index)) ||
-       StartsWith(static_cast<BSTR>(url_), kChromeAttachExternalTabPrefix,
-                  false);
+       MatchPatternWide(static_cast<BSTR>(url_), kChromeFrameAttachTabPattern);
 
   if (new_navigation_info.url.is_valid())
     url_.Allocate(UTF8ToWide(new_navigation_info.url.spec()).c_str());
 
   if (is_internal_navigation) {
     ScopedComPtr<IDocObjectService> doc_object_svc;
     ScopedComPtr<IWebBrowserEventsService> web_browser_events_svc;
 
     buggy_bho::BuggyBhoTls bad_bho_tls;
     if (GetConfigBool(true, kEnableBuggyBhoIntercept)) {
@@ skipping 199 matching lines @@
     hr = frame_cmd_target.QueryFrom(in_place_site);
 
   if (frame_cmd_target) {
     hr = frame_cmd_target->Exec(cmd_group_guid, command_id, cmd_exec_opt,
                                 in_args, out_args);
   }
 
   return hr;
 }
 
-DWORD ChromeActiveDocument::MapUrlToZone(const wchar_t* url) {
-  DWORD zone = URLZONE_INVALID;
-  if (security_manager_.get() == NULL) {
-    HRESULT hr = CoCreateInstance(
-        CLSID_InternetSecurityManager,
-        NULL,
-        CLSCTX_ALL,
-        IID_IInternetSecurityManager,
-        reinterpret_cast<void**>(security_manager_.Receive()));
+bool ChromeActiveDocument::LaunchUrl(const ChromeFrameUrl& cf_url,
+                                     const std::string& referrer) {
+  DCHECK(automation_client_.get() != NULL);
+  DCHECK(!cf_url.url().empty());
 
-    if (FAILED(hr)) {
-      NOTREACHED() << __FUNCTION__
-                   << " Failed to create InternetSecurityManager. Error: 0x%x"
-                   << hr;
-      return zone;
-    }
-  }
+  url_.Allocate(cf_url.url().c_str());
 
-  security_manager_->MapUrlToZone(url, &zone, 0);
-  return zone;
-}
+  std::string utf8_url;
+  WideToUTF8(url_, url_.Length(), &utf8_url);
 
-bool ChromeActiveDocument::ParseUrl(const std::wstring& url,
-                                    bool* is_new_navigation,
-                                    bool* is_chrome_protocol,
-                                    std::wstring* parsed_url) {
-  if (!is_new_navigation || !is_chrome_protocol|| !parsed_url) {
-    NOTREACHED() << __FUNCTION__ << " Invalid arguments";
+  DLOG(INFO) << "Url is " << url_;
+
+  // Initiate navigation before launching chrome so that the url will be
+  // cached and sent with launch settings.
+  if (cf_url.attach_to_external_tab()) {
+    dimensions_ = cf_url.dimensions();
+    automation_client_->AttachExternalTab(cf_url.cookie());
+  } else if (!automation_client_->InitiateNavigation(utf8_url,
+                                                     referrer,
+                                                     is_privileged_)) {
+    DLOG(ERROR) << "Invalid URL: " << url_;
+    Error(L"Invalid URL");
+    url_.Reset();
     return false;
   }
 
-  std::wstring initial_url = url;
-
-  *is_chrome_protocol = StartsWith(initial_url, kChromeProtocolPrefix,
-                                   false);
-
-  *is_new_navigation = true;
-
-  if (*is_chrome_protocol) {
-    initial_url.erase(0, lstrlen(kChromeProtocolPrefix));
-    *is_new_navigation =
-        !StartsWith(initial_url, kChromeAttachExternalTabPrefix, false);
-  }
-
-  if (!IsValidUrlScheme(initial_url, is_privileged_)) {
-    DLOG(WARNING) << __FUNCTION__ << " Disallowing navigation to url: "
-                  << url;
-    return false;
-  }
-
-  if (URLZONE_UNTRUSTED == MapUrlToZone(initial_url.c_str())) {
-    DLOG(WARNING) << __FUNCTION__
-                  << " Disallowing navigation to restricted url: "
-                  << initial_url;
-    return false;
-  }
-
-  if (*is_chrome_protocol) {
-    // Allow chrome protocol (gcf:) if -
-    // - explicitly enabled using registry
-    // - for gcf:attach_external_tab
-    // - for gcf:about and gcf:view-source
-    GURL crack_url(initial_url);
-    bool allow_gcf_protocol = !*is_new_navigation ||
-        GetConfigBool(false, kEnableGCFProtocol) ||
-        crack_url.SchemeIs(chrome::kAboutScheme) ||
-        crack_url.SchemeIs(chrome::kViewSourceScheme);
-    if (!allow_gcf_protocol)
-      return false;
-  }
-
-  *parsed_url = initial_url;
-  return true;
-}
-
-bool ChromeActiveDocument::LaunchUrl(const std::wstring& url,
-                                     const std::string& referrer,
-                                     bool is_new_navigation) {
-  DCHECK(automation_client_.get() != NULL);
-
-  url_.Allocate(url.c_str());
-
-  std::string utf8_url;
-
-  if (!is_new_navigation) {
-    int disposition = 0;
-    uint64 external_tab_cookie = 0;
-
-    if (!ParseAttachExternalTabUrl(url, &external_tab_cookie, &dimensions_,
-                                   &disposition)) {
-      NOTREACHED() << "Failed to parse attach tab url:" << url;
-      return false;
-    }
-
-    if (external_tab_cookie == 0) {
-      NOTREACHED() << "invalid url for attach tab: " << url;
-      return false;
-    }
-
-    is_new_navigation_ = false;
-    automation_client_->AttachExternalTab(external_tab_cookie);
-  } else {
-    is_new_navigation_ = true;
-    // Initiate navigation before launching chrome so that the url will be
-    // cached and sent with launch settings.
-    if (url_.Length()) {
-      WideToUTF8(url_, url_.Length(), &utf8_url);
-      if (!automation_client_->InitiateNavigation(utf8_url,
-                                                  referrer,
-                                                  is_privileged_)) {
-        DLOG(ERROR) << "Invalid URL: " << url;
-        Error(L"Invalid URL");
-        url_.Reset();
-        return false;
-      }
-
-      DLOG(INFO) << "Url is " << url_;
-    }
-  }
-
   if (is_automation_client_reused_)
     return true;
 
   automation_client_->SetUrlFetcher(&url_fetcher_);
 
   return InitializeAutomation(GetHostProcessName(false), L"", IsIEInPrivate(),
                               false, GURL(utf8_url), GURL(referrer));
 }
 
 
@@ skipping 210 matching lines @@
     SetFocus();
   return 0;
 }
 
 LRESULT ChromeActiveDocument::OnSetFocus(UINT message, WPARAM wparam,
                                          LPARAM lparam,
                                          BOOL& handled) {  // NO_LINT
   GiveFocusToChrome(false);
   return 0;
 }