OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/chrome_render_view_observer.h" | 5 #include "chrome/renderer/chrome_render_view_observer.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/message_loop.h" | 8 #include "base/message_loop.h" |
9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
11 #include "chrome/common/chrome_constants.h" | 11 #include "chrome/common/chrome_constants.h" |
12 #include "chrome/common/chrome_switches.h" | 12 #include "chrome/common/chrome_switches.h" |
13 #include "chrome/common/chrome_version_info.h" | |
13 #include "chrome/common/icon_messages.h" | 14 #include "chrome/common/icon_messages.h" |
14 #include "chrome/common/render_messages.h" | 15 #include "chrome/common/render_messages.h" |
15 #include "chrome/common/thumbnail_score.h" | 16 #include "chrome/common/thumbnail_score.h" |
16 #include "chrome/common/url_constants.h" | 17 #include "chrome/common/url_constants.h" |
17 #include "chrome/renderer/about_handler.h" | 18 #include "chrome/renderer/about_handler.h" |
18 #include "chrome/renderer/automation/dom_automation_controller.h" | 19 #include "chrome/renderer/automation/dom_automation_controller.h" |
19 #include "chrome/renderer/content_settings_observer.h" | 20 #include "chrome/renderer/content_settings_observer.h" |
20 #include "chrome/renderer/extensions/extension_dispatcher.h" | 21 #include "chrome/renderer/extensions/extension_dispatcher.h" |
21 #include "chrome/renderer/external_host_bindings.h" | 22 #include "chrome/renderer/external_host_bindings.h" |
22 #include "chrome/renderer/frame_sniffer.h" | 23 #include "chrome/renderer/frame_sniffer.h" |
(...skipping 55 matching lines...) | |
78 // maximum number of characters in the document to index, any text beyond this | 79 // maximum number of characters in the document to index, any text beyond this |
79 // point will be clipped | 80 // point will be clipped |
80 static const size_t kMaxIndexChars = 65535; | 81 static const size_t kMaxIndexChars = 65535; |
81 | 82 |
82 // Size of the thumbnails that we'll generate | 83 // Size of the thumbnails that we'll generate |
83 static const int kThumbnailWidth = 212; | 84 static const int kThumbnailWidth = 212; |
84 static const int kThumbnailHeight = 132; | 85 static const int kThumbnailHeight = 132; |
85 | 86 |
86 // Constants for UMA statistic collection. | 87 // Constants for UMA statistic collection. |
87 static const char kSSLInsecureContent[] = "SSL.InsecureContent"; | 88 static const char kSSLInsecureContent[] = "SSL.InsecureContent"; |
88 static const char kDotGoogleDotCom[] = ".google.com"; | |
89 static const char kWWWDotGoogleDotCom[] = "www.google.com"; | 89 static const char kWWWDotGoogleDotCom[] = "www.google.com"; |
90 static const char kMailDotGoogleDotCom[] = "mail.google.com"; | 90 static const char kMailDotGoogleDotCom[] = "mail.google.com"; |
91 static const char kPlusDotGoogleDotCom[] = "plus.google.com"; | 91 static const char kPlusDotGoogleDotCom[] = "plus.google.com"; |
92 static const char kDocsDotGoogleDotCom[] = "docs.google.com"; | 92 static const char kDocsDotGoogleDotCom[] = "docs.google.com"; |
93 static const char kSitesDotGoogleDotCom[] = "sites.google.com"; | 93 static const char kSitesDotGoogleDotCom[] = "sites.google.com"; |
94 static const char kPicasawebDotGoogleDotCom[] = "picasaweb.google.com"; | 94 static const char kPicasawebDotGoogleDotCom[] = "picasaweb.google.com"; |
95 static const char kCodeDotGoogleDotCom[] = "code.google.com"; | 95 static const char kCodeDotGoogleDotCom[] = "code.google.com"; |
96 static const char kGroupsDotGoogleDotCom[] = "groups.google.com"; | 96 static const char kGroupsDotGoogleDotCom[] = "groups.google.com"; |
97 static const char kMapsDotGoogleDotCom[] = "maps.google.com"; | 97 static const char kMapsDotGoogleDotCom[] = "maps.google.com"; |
98 static const char kWWWDotYoutubeDotCom[] = "www.youtube.com"; | 98 static const char kWWWDotYoutubeDotCom[] = "www.youtube.com"; |
(...skipping 38 matching lines...) | |
137 INSECURE_CONTENT_RUN_HOST_GROUPS_GOOGLE, | 137 INSECURE_CONTENT_RUN_HOST_GROUPS_GOOGLE, |
138 INSECURE_CONTENT_DISPLAY_HOST_MAPS_GOOGLE, | 138 INSECURE_CONTENT_DISPLAY_HOST_MAPS_GOOGLE, |
139 INSECURE_CONTENT_RUN_HOST_MAPS_GOOGLE, | 139 INSECURE_CONTENT_RUN_HOST_MAPS_GOOGLE, |
140 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT, | 140 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT, |
141 INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT, | 141 INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT, |
142 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL, | 142 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL, |
143 INSECURE_CONTENT_RUN_HOST_GOOGLE_INTL, | 143 INSECURE_CONTENT_RUN_HOST_GOOGLE_INTL, |
144 INSECURE_CONTENT_NUM_EVENTS | 144 INSECURE_CONTENT_NUM_EVENTS |
145 }; | 145 }; |
146 | 146 |
147 // Constants for mixed-content blocking. | |
148 static const char kGoogleDotCom[] = "google.com"; | |
149 static const char kFacebookDotCom[] = "facebook.com"; | |
scarybeasts
2011/10/04 01:30:30
Nit: recommend alphabetical order.
| |
150 static const char kTwitterDotCom[] = "twitter.com"; | |
151 | |
147 static bool PaintViewIntoCanvas(WebView* view, | 152 static bool PaintViewIntoCanvas(WebView* view, |
148 skia::PlatformCanvas& canvas) { | 153 skia::PlatformCanvas& canvas) { |
149 view->layout(); | 154 view->layout(); |
150 const WebSize& size = view->size(); | 155 const WebSize& size = view->size(); |
151 | 156 |
152 if (!canvas.initialize(size.width, size.height, true)) | 157 if (!canvas.initialize(size.width, size.height, true)) |
153 return false; | 158 return false; |
154 | 159 |
155 view->paint(webkit_glue::ToWebCanvas(&canvas), | 160 view->paint(webkit_glue::ToWebCanvas(&canvas), |
156 WebRect(0, 0, size.width, size.height)); | 161 WebRect(0, 0, size.width, size.height)); |
(...skipping 23 matching lines...) | |
180 case WebIconURL::TypeTouch: | 185 case WebIconURL::TypeTouch: |
181 return FaviconURL::TOUCH_ICON; | 186 return FaviconURL::TOUCH_ICON; |
182 case WebIconURL::TypeTouchPrecomposed: | 187 case WebIconURL::TypeTouchPrecomposed: |
183 return FaviconURL::TOUCH_PRECOMPOSED_ICON; | 188 return FaviconURL::TOUCH_PRECOMPOSED_ICON; |
184 case WebIconURL::TypeInvalid: | 189 case WebIconURL::TypeInvalid: |
185 return FaviconURL::INVALID_ICON; | 190 return FaviconURL::INVALID_ICON; |
186 } | 191 } |
187 return FaviconURL::INVALID_ICON; | 192 return FaviconURL::INVALID_ICON; |
188 } | 193 } |
189 | 194 |
195 static bool isHostInDomain(const std::string& host, const std::string& domain) { | |
196 return (EndsWith(host, domain, false) && | |
197 (host.length() == domain.length() || | |
198 (host.length() > domain.length() && | |
199 host[host.length() - domain.length() - 1] == '.'))); | |
200 } | |
201 | |
190 namespace { | 202 namespace { |
191 GURL StripRef(const GURL& url) { | 203 GURL StripRef(const GURL& url) { |
192 GURL::Replacements replacements; | 204 GURL::Replacements replacements; |
193 replacements.ClearRef(); | 205 replacements.ClearRef(); |
194 return url.ReplaceComponents(replacements); | 206 return url.ReplaceComponents(replacements); |
195 } | 207 } |
196 } // namespace | 208 } // namespace |
197 | 209 |
198 ChromeRenderViewObserver::ChromeRenderViewObserver( | 210 ChromeRenderViewObserver::ChromeRenderViewObserver( |
199 RenderView* render_view, | 211 RenderView* render_view, |
(...skipping 223 matching lines...) | |
423 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( | 435 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( |
424 WebKit::WebFrame* frame, | 436 WebKit::WebFrame* frame, |
425 bool allowed_per_settings, | 437 bool allowed_per_settings, |
426 const WebKit::WebSecurityOrigin& origin, | 438 const WebKit::WebSecurityOrigin& origin, |
427 const WebKit::WebURL& url) { | 439 const WebKit::WebURL& url) { |
428 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 440 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
429 INSECURE_CONTENT_DISPLAY, | 441 INSECURE_CONTENT_DISPLAY, |
430 INSECURE_CONTENT_NUM_EVENTS); | 442 INSECURE_CONTENT_NUM_EVENTS); |
431 std::string host(origin.host().utf8()); | 443 std::string host(origin.host().utf8()); |
432 GURL frame_url(frame->document().url()); | 444 GURL frame_url(frame->document().url()); |
433 if (EndsWith(host, kDotGoogleDotCom, false)) { | 445 if (isHostInDomain(host, kGoogleDotCom)) { |
434 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 446 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
435 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE, | 447 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE, |
436 INSECURE_CONTENT_NUM_EVENTS); | 448 INSECURE_CONTENT_NUM_EVENTS); |
437 if (StartsWithASCII(frame_url.path(), kGoogleSupportPathPrefix, false)) { | 449 if (StartsWithASCII(frame_url.path(), kGoogleSupportPathPrefix, false)) { |
438 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 450 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
439 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT, | 451 INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT, |
440 INSECURE_CONTENT_NUM_EVENTS); | 452 INSECURE_CONTENT_NUM_EVENTS); |
441 } else if (StartsWithASCII(frame_url.path(), | 453 } else if (StartsWithASCII(frame_url.path(), |
442 kGoogleIntlPathPrefix, | 454 kGoogleIntlPathPrefix, |
443 false)) { | 455 false)) { |
(...skipping 65 matching lines...) | |
509 bool ChromeRenderViewObserver::allowRunningInsecureContent( | 521 bool ChromeRenderViewObserver::allowRunningInsecureContent( |
510 WebKit::WebFrame* frame, | 522 WebKit::WebFrame* frame, |
511 bool allowed_per_settings, | 523 bool allowed_per_settings, |
512 const WebKit::WebSecurityOrigin& origin, | 524 const WebKit::WebSecurityOrigin& origin, |
513 const WebKit::WebURL& url) { | 525 const WebKit::WebURL& url) { |
514 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 526 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
515 INSECURE_CONTENT_RUN, | 527 INSECURE_CONTENT_RUN, |
516 INSECURE_CONTENT_NUM_EVENTS); | 528 INSECURE_CONTENT_NUM_EVENTS); |
517 std::string host(origin.host().utf8()); | 529 std::string host(origin.host().utf8()); |
518 GURL frame_url(frame->document().url()); | 530 GURL frame_url(frame->document().url()); |
519 if (EndsWith(host, kDotGoogleDotCom, false)) { | 531 bool is_google = isHostInDomain(host, kGoogleDotCom); |
532 if (is_google) { | |
520 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 533 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
521 INSECURE_CONTENT_RUN_HOST_GOOGLE, | 534 INSECURE_CONTENT_RUN_HOST_GOOGLE, |
522 INSECURE_CONTENT_NUM_EVENTS); | 535 INSECURE_CONTENT_NUM_EVENTS); |
523 if (StartsWithASCII(frame_url.path(), kGoogleSupportPathPrefix, false)) { | 536 if (StartsWithASCII(frame_url.path(), kGoogleSupportPathPrefix, false)) { |
524 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 537 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
525 INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT, | 538 INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT, |
526 INSECURE_CONTENT_NUM_EVENTS); | 539 INSECURE_CONTENT_NUM_EVENTS); |
527 } else if (StartsWithASCII(frame_url.path(), | 540 } else if (StartsWithASCII(frame_url.path(), |
528 kGoogleIntlPathPrefix, | 541 kGoogleIntlPathPrefix, |
529 false)) { | 542 false)) { |
(...skipping 65 matching lines...) | |
595 } else if (EndsWith(gurl.path(), kDotCSS, false)) { | 608 } else if (EndsWith(gurl.path(), kDotCSS, false)) { |
596 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 609 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
597 INSECURE_CONTENT_RUN_CSS, | 610 INSECURE_CONTENT_RUN_CSS, |
598 INSECURE_CONTENT_NUM_EVENTS); | 611 INSECURE_CONTENT_NUM_EVENTS); |
599 } else if (EndsWith(gurl.path(), kDotSWF, false)) { | 612 } else if (EndsWith(gurl.path(), kDotSWF, false)) { |
600 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, | 613 UMA_HISTOGRAM_ENUMERATION(kSSLInsecureContent, |
601 INSECURE_CONTENT_RUN_SWF, | 614 INSECURE_CONTENT_RUN_SWF, |
602 INSECURE_CONTENT_NUM_EVENTS); | 615 INSECURE_CONTENT_NUM_EVENTS); |
603 } | 616 } |
604 | 617 |
605 if (allowed_per_settings || allow_running_insecure_content_) | 618 if (allow_running_insecure_content_ || allowed_per_settings) |
606 return true; | 619 return true; |
607 | 620 |
621 bool enforce_insecure_content_on_all_domains = | |
622 (chrome::VersionInfo::GetChannel() != chrome::VersionInfo::CHANNEL_STABLE | |
623 || CommandLine::ForCurrentProcess()->HasSwitch( | |
624 switches::kNoRunningInsecureContent)); | |
625 | |
626 if (!enforce_insecure_content_on_all_domains) { | |
627 bool mandatory_enforcement = (is_google || | |
628 isHostInDomain(host, kFacebookDotCom) || | |
629 isHostInDomain(host, kTwitterDotCom)); | |
630 if (!mandatory_enforcement) | |
631 return true; | |
632 } | |
633 | |
608 Send(new ChromeViewHostMsg_DidBlockRunningInsecureContent(routing_id())); | 634 Send(new ChromeViewHostMsg_DidBlockRunningInsecureContent(routing_id())); |
609 return false; | 635 return false; |
610 } | 636 } |
611 | 637 |
612 void ChromeRenderViewObserver::didNotAllowPlugins(WebFrame* frame) { | 638 void ChromeRenderViewObserver::didNotAllowPlugins(WebFrame* frame) { |
613 content_settings_->DidNotAllowPlugins(frame); | 639 content_settings_->DidNotAllowPlugins(frame); |
614 } | 640 } |
615 | 641 |
616 void ChromeRenderViewObserver::didNotAllowScript(WebFrame* frame) { | 642 void ChromeRenderViewObserver::didNotAllowScript(WebFrame* frame) { |
617 content_settings_->DidNotAllowScript(frame); | 643 content_settings_->DidNotAllowScript(frame); |
(...skipping 384 matching lines...) | |
1002 // Decode the favicon using WebKit's image decoder. | 1028 // Decode the favicon using WebKit's image decoder. |
1003 webkit_glue::ImageDecoder decoder( | 1029 webkit_glue::ImageDecoder decoder( |
1004 gfx::Size(gfx::kFaviconSize, gfx::kFaviconSize)); | 1030 gfx::Size(gfx::kFaviconSize, gfx::kFaviconSize)); |
1005 const unsigned char* src_data = | 1031 const unsigned char* src_data = |
1006 reinterpret_cast<const unsigned char*>(&data[0]); | 1032 reinterpret_cast<const unsigned char*>(&data[0]); |
1007 | 1033 |
1008 return decoder.Decode(src_data, data.size()); | 1034 return decoder.Decode(src_data, data.size()); |
1009 } | 1035 } |
1010 return SkBitmap(); | 1036 return SkBitmap(); |
1011 } | 1037 } |