Convert FileRefImpl and URLRequestInfo to shared_impl.

ppapi/shared_impl/url_request_info_impl.cc

+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "ppapi/shared_impl/url_request_info_impl.h"
+
+#include "base/string_util.h"
+#include "ppapi/shared_impl/var.h"
+#include "ppapi/thunk/enter.h"
+#include "ppapi/thunk/ppb_file_ref_api.h"
+
+using ppapi::thunk::EnterResourceNoLock;
+
+namespace ppapi {
+
+namespace {
+
+const int32_t kDefaultPrefetchBufferUpperThreshold = 100 * 1000 * 1000;
+const int32_t kDefaultPrefetchBufferLowerThreshold = 50 * 1000 * 1000;
+
+// These methods are not allowed by the XMLHttpRequest standard.
+// http://www.w3.org/TR/XMLHttpRequest/#the-open-method
+const char* const kForbiddenHttpMethods[] = {
+  "connect",
+  "trace",
+  "track",
+};
+
+// These are the "known" methods in the Webkit XHR implementation. Also see
+// the XMLHttpRequest standard.
+// http://www.w3.org/TR/XMLHttpRequest/#the-open-method
+const char* const kKnownHttpMethods[] = {
+  "get",
+  "post",
+  "put",
+  "head",
+  "copy",
+  "delete",
+  "index",
+  "lock",
+  "m-post",
+  "mkcol",
+  "move",
+  "options",
+  "propfind",
+  "proppatch",
+  "unlock",
+};
+
+bool IsValidToken(const std::string& token) {
+  size_t length = token.size();
+  if (length == 0)
+    return false;
+
+  for (size_t i = 0; i < length; i++) {
+    char c = token[i];
+    if (c >= 127 || c <= 32)
+      return false;
+    if (c == '(' || c == ')' || c == '<' || c == '>' || c == '@' ||
+        c == ',' || c == ';' || c == ':' || c == '\\' || c == '\"' ||
+        c == '/' || c == '[' || c == ']' || c == '?' || c == '=' ||
+        c == '{' || c == '}')
+      return false;
+  }
+  return true;
+}
+
+}  // namespace
+
+PPB_URLRequestInfo_Data::BodyItem::BodyItem()
+    : is_file(false),
+      start_offset(0),
+      number_of_bytes(-1),
+      expected_last_modified_time(0.0) {
+}
+
+PPB_URLRequestInfo_Data::BodyItem::BodyItem(const std::string& data)
+    : is_file(false),
+      data(data),
+      start_offset(0),
+      number_of_bytes(-1),
+      expected_last_modified_time(0.0) {
+}
+
+PPB_URLRequestInfo_Data::BodyItem::BodyItem(
+    Resource* file_ref,
+    int64_t start_offset,
+    int64_t number_of_bytes,
+    PP_Time expected_last_modified_time)
+    : is_file(true),
+      file_ref(file_ref),
+      file_ref_host_resource(file_ref->host_resource()),
+      start_offset(start_offset),
+      number_of_bytes(number_of_bytes),
+      expected_last_modified_time(expected_last_modified_time) {
+}
+
+PPB_URLRequestInfo_Data::PPB_URLRequestInfo_Data()
+    : url(),
+      method(),
+      headers(),
+      stream_to_file(false),
+      follow_redirects(true),
+      record_download_progress(false),
+      record_upload_progress(false),
+      has_custom_referrer_url(false),
+      custom_referrer_url(),
+      allow_cross_origin_requests(false),
+      allow_credentials(false),
+      has_custom_content_transfer_encoding(false),
+      custom_content_transfer_encoding(),
+      prefetch_buffer_upper_threshold(kDefaultPrefetchBufferUpperThreshold),
+      prefetch_buffer_lower_threshold(kDefaultPrefetchBufferLowerThreshold),
+      body() {
+}
+
+PPB_URLRequestInfo_Data::~PPB_URLRequestInfo_Data() {
+}
+
+URLRequestInfoImpl::URLRequestInfoImpl(PP_Instance instance,
+                                       const PPB_URLRequestInfo_Data& data)
+    : Resource(instance),
+      data_(data) {
+}
+
+URLRequestInfoImpl::URLRequestInfoImpl(const HostResource& host_resource,
+                                       const PPB_URLRequestInfo_Data& data)
+    : Resource(host_resource),
+      data_(data) {
+}
+
+URLRequestInfoImpl::~URLRequestInfoImpl() {
+}
+
+thunk::PPB_URLRequestInfo_API* URLRequestInfoImpl::AsPPB_URLRequestInfo_API() {
+  return this;
+}
+
+PP_Bool URLRequestInfoImpl::SetProperty(PP_URLRequestProperty property,
+                                        PP_Var var) {
+  // IMPORTANT: Do not do security validation of parameters at this level
+  // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. This
+  // code is used both in the plugin (which we don't trust) and in the renderer
+  // (which we trust more). When running out-of-process, the plugin calls this
+  // function to configure the PPB_URLRequestInfo_Data, which is then sent to
+  // the renderer and *not* run through SetProperty again.
+  //
+  // This means that anything in the PPB_URLRequestInfo_Data needs to be
+  // validated at the time the URL is requested (which is what ValidateData
+  // does). If your feature requires security checks, it should be in the
+  // implementation in the renderer when the WebKit request is actually
+  // constructed.
+  //
+  // It is legal to do some validation here if you want to report failure to
+  // the plugin as a convenience, as long as you also do it in the renderer
+  // later.
+  PP_Bool result = PP_FALSE;
+  switch (var.type) {
+    case PP_VARTYPE_UNDEFINED:
+      result = PP_FromBool(SetUndefinedProperty(property));
+      break;
+    case PP_VARTYPE_BOOL:
+      result = PP_FromBool(
+          SetBooleanProperty(property, PP_ToBool(var.value.as_bool)));
+      break;
+    case PP_VARTYPE_INT32:
+      result = PP_FromBool(
+          SetIntegerProperty(property, var.value.as_int));
+      break;
+    case PP_VARTYPE_STRING: {
+      StringVar* string = StringVar::FromPPVar(var);
+      if (string)
+        result = PP_FromBool(SetStringProperty(property, string->value()));
+      break;
+    }
+    default:
+      break;
+  }
+  return result;
+}
+
+PP_Bool URLRequestInfoImpl::AppendDataToBody(const void* data, uint32_t len) {
+  if (len > 0) {
+    data_.body.push_back(PPB_URLRequestInfo_Data::BodyItem(
+        std::string(static_cast<const char*>(data), len)));
+  }
+  return PP_TRUE;
+}
+
+PP_Bool URLRequestInfoImpl::AppendFileToBody(
+    PP_Resource file_ref,
+    int64_t start_offset,
+    int64_t number_of_bytes,
+    PP_Time expected_last_modified_time) {
+  EnterResourceNoLock<thunk::PPB_FileRef_API> enter(file_ref, true);
+  if (enter.failed())
+    return PP_FALSE;
+
+  // Ignore a call to append nothing.
+  if (number_of_bytes == 0)
+    return PP_TRUE;
+
+  // Check for bad values.  (-1 means read until end of file.)
+  if (start_offset < 0 || number_of_bytes < -1)
+    return PP_FALSE;
+
+  data_.body.push_back(PPB_URLRequestInfo_Data::BodyItem(
+      enter.resource(),
+      start_offset,
+      number_of_bytes,
+      expected_last_modified_time));
+  return PP_TRUE;
+}
+
+const PPB_URLRequestInfo_Data& URLRequestInfoImpl::GetData() const {
+  return data_;
+}
+
+// static
+std::string URLRequestInfoImpl::ValidateMethod(const std::string& method) {
+  if (!IsValidToken(method))
+    return std::string();
+
+  for (size_t i = 0; i < arraysize(kForbiddenHttpMethods); ++i) {
+    if (LowerCaseEqualsASCII(method, kForbiddenHttpMethods[i]))
+      return std::string();
+  }
+  for (size_t i = 0; i < arraysize(kKnownHttpMethods); ++i) {
+    if (LowerCaseEqualsASCII(method, kKnownHttpMethods[i])) {
+      // Convert the method name to upper case to match Webkit and Firefox's
+      // XHR implementation.
+      return StringToUpperASCII(std::string(kKnownHttpMethods[i]));
+    }
+  }
+  // Pass through unknown methods that are not forbidden.
+  return method;
+}
+
+bool URLRequestInfoImpl::SetUndefinedProperty(PP_URLRequestProperty property) {
+  // IMPORTANT: Do not do security validation of parameters at this level
+  // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See
+  // SetProperty() above for why.
+  switch (property) {
+    case PP_URLREQUESTPROPERTY_CUSTOMREFERRERURL:
+      data_.has_custom_referrer_url = false;
+      data_.custom_referrer_url = std::string();
+      return true;
+    case PP_URLREQUESTPROPERTY_CUSTOMCONTENTTRANSFERENCODING:
+      data_.has_custom_content_transfer_encoding = false;
+      data_.custom_content_transfer_encoding = std::string();
+      return true;
+    default:
+      return false;
+  }
+}
+
+bool URLRequestInfoImpl::SetBooleanProperty(PP_URLRequestProperty property,
+                                            bool value) {
+  // IMPORTANT: Do not do security validation of parameters at this level
+  // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See
+  // SetProperty() above for why.
+  switch (property) {
+    case PP_URLREQUESTPROPERTY_STREAMTOFILE:
+      data_.stream_to_file = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_FOLLOWREDIRECTS:
+      data_.follow_redirects = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_RECORDDOWNLOADPROGRESS:
+      data_.record_download_progress = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_RECORDUPLOADPROGRESS:
+      data_.record_upload_progress = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_ALLOWCROSSORIGINREQUESTS:
+      data_.allow_cross_origin_requests = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_ALLOWCREDENTIALS:
+      data_.allow_credentials = value;
+      return true;
+    default:
+      return false;
+  }
+}
+
+bool URLRequestInfoImpl::SetIntegerProperty(PP_URLRequestProperty property,
+                                            int32_t value) {
+  // IMPORTANT: Do not do security validation of parameters at this level
+  // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See
+  // SetProperty() above for why.
+  switch (property) {
+    case PP_URLREQUESTPROPERTY_PREFETCHBUFFERUPPERTHRESHOLD:
+      data_.prefetch_buffer_upper_threshold = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_PREFETCHBUFFERLOWERTHRESHOLD:
+      data_.prefetch_buffer_lower_threshold = value;
+      return true;
+    default:
+      return false;
+  }
+}
+
+bool URLRequestInfoImpl::SetStringProperty(PP_URLRequestProperty property,
+                                           const std::string& value) {
+  // IMPORTANT: Do not do security validation of parameters at this level
+  // without also adding them to PPB_URLRequestInfo_Impl::ValidateData. See
+  // SetProperty() above for why.
+  switch (property) {
+    case PP_URLREQUESTPROPERTY_URL:
+      data_.url = value;  // NOTE: This may be a relative URL.
+      return true;
+    case PP_URLREQUESTPROPERTY_METHOD: {
+      // Convenience check for synchronously returning errors to the plugin.
+      // This is re-checked in ValidateData.
+      std::string canonicalized = ValidateMethod(value);
+      if (canonicalized.empty())
+        return false;
+      data_.method = canonicalized;
+      return true;
+    }
+    case PP_URLREQUESTPROPERTY_HEADERS:
+      data_.headers = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_CUSTOMREFERRERURL:
+      data_.has_custom_referrer_url = true;
+      data_.custom_referrer_url = value;
+      return true;
+    case PP_URLREQUESTPROPERTY_CUSTOMCONTENTTRANSFERENCODING:
+      data_.has_custom_content_transfer_encoding = true;
+      data_.custom_content_transfer_encoding = value;
+      return true;
+    default:
+      return false;
+  }
+}
+
+}  // namespace ppapi