| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_content_renderer_client.h" | 5 #include "chrome/renderer/chrome_content_renderer_client.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 79 #include "third_party/WebKit/Source/WebKit/chromium/public/WebURLError.h" | 79 #include "third_party/WebKit/Source/WebKit/chromium/public/WebURLError.h" |
| 80 #include "third_party/WebKit/Source/WebKit/chromium/public/WebURLRequest.h" | 80 #include "third_party/WebKit/Source/WebKit/chromium/public/WebURLRequest.h" |
| 81 #include "ui/base/l10n/l10n_util.h" | 81 #include "ui/base/l10n/l10n_util.h" |
| 82 #include "ui/base/resource/resource_bundle.h" | 82 #include "ui/base/resource/resource_bundle.h" |
| 83 #include "webkit/plugins/npapi/plugin_list.h" | 83 #include "webkit/plugins/npapi/plugin_list.h" |
| 84 #include "webkit/plugins/ppapi/plugin_module.h" | 84 #include "webkit/plugins/ppapi/plugin_module.h" |
| 85 #include "webkit/plugins/ppapi/ppapi_interface_factory.h" | 85 #include "webkit/plugins/ppapi/ppapi_interface_factory.h" |
| 86 | 86 |
| 87 using WebKit::WebCache; | 87 using WebKit::WebCache; |
| 88 using WebKit::WebDataSource; | 88 using WebKit::WebDataSource; |
| 89 using WebKit::WebDocument; |
| 89 using WebKit::WebFrame; | 90 using WebKit::WebFrame; |
| 90 using WebKit::WebPlugin; | 91 using WebKit::WebPlugin; |
| 91 using WebKit::WebPluginParams; | 92 using WebKit::WebPluginParams; |
| 92 using WebKit::WebSecurityOrigin; | 93 using WebKit::WebSecurityOrigin; |
| 93 using WebKit::WebSecurityPolicy; | 94 using WebKit::WebSecurityPolicy; |
| 94 using WebKit::WebString; | 95 using WebKit::WebString; |
| 95 using WebKit::WebURL; | 96 using WebKit::WebURL; |
| 96 using WebKit::WebURLError; | 97 using WebKit::WebURLError; |
| 97 using WebKit::WebURLRequest; | 98 using WebKit::WebURLRequest; |
| 98 using WebKit::WebURLResponse; | 99 using WebKit::WebURLResponse; |
| (...skipping 334 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 433 break; | 434 break; |
| 434 } | 435 } |
| 435 } | 436 } |
| 436 break; | 437 break; |
| 437 } | 438 } |
| 438 } | 439 } |
| 439 } | 440 } |
| 440 | 441 |
| 441 // Determine if the manifest URL is part of an extension. | 442 // Determine if the manifest URL is part of an extension. |
| 442 const Extension* extension = | 443 const Extension* extension = |
| 443 extension_dispatcher_->extensions()->GetByURL(manifest_url); | 444 extension_dispatcher_->extensions()->GetByURL( |
| 445 ExtensionURLInfo(manifest_url)); |
| 444 // Only component, unpacked, and Chrome Web Store extensions are allowed. | 446 // Only component, unpacked, and Chrome Web Store extensions are allowed. |
| 445 bool allowed_extension = extension && | 447 bool allowed_extension = extension && |
| 446 (extension->from_webstore() || | 448 (extension->from_webstore() || |
| 447 extension->location() == Extension::COMPONENT || | 449 extension->location() == Extension::COMPONENT || |
| 448 extension->location() == Extension::LOAD); | 450 extension->location() == Extension::LOAD); |
| 449 | 451 |
| 450 // Block any other use of NaCl plugin, unless --enable-nacl is set. | 452 // Block any other use of NaCl plugin, unless --enable-nacl is set. |
| 451 if (!allowed_extension && !enable_nacl) | 453 if (!allowed_extension && !enable_nacl) |
| 452 return false; | 454 return false; |
| 453 | 455 |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 505 const WebKit::WebURLError& error, | 507 const WebKit::WebURLError& error, |
| 506 std::string* error_html, | 508 std::string* error_html, |
| 507 string16* error_description) { | 509 string16* error_description) { |
| 508 const GURL failed_url = error.unreachableURL; | 510 const GURL failed_url = error.unreachableURL; |
| 509 const Extension* extension = NULL; | 511 const Extension* extension = NULL; |
| 510 const bool is_repost = | 512 const bool is_repost = |
| 511 error.reason == net::ERR_CACHE_MISS && | 513 error.reason == net::ERR_CACHE_MISS && |
| 512 error.domain == WebString::fromUTF8(net::kErrorDomain) && | 514 error.domain == WebString::fromUTF8(net::kErrorDomain) && |
| 513 EqualsASCII(failed_request.httpMethod(), "POST"); | 515 EqualsASCII(failed_request.httpMethod(), "POST"); |
| 514 | 516 |
| 515 if (failed_url.is_valid() && !failed_url.SchemeIs(chrome::kExtensionScheme)) | 517 if (failed_url.is_valid() && !failed_url.SchemeIs(chrome::kExtensionScheme)) { |
| 516 extension = extension_dispatcher_->extensions()->GetByURL(failed_url); | 518 extension = extension_dispatcher_->extensions()->GetByURL( |
| 519 ExtensionURLInfo(failed_url)); |
| 520 } |
| 517 | 521 |
| 518 if (error_html) { | 522 if (error_html) { |
| 519 // Use a local error page. | 523 // Use a local error page. |
| 520 int resource_id; | 524 int resource_id; |
| 521 DictionaryValue error_strings; | 525 DictionaryValue error_strings; |
| 522 if (extension) { | 526 if (extension) { |
| 523 LocalizedError::GetAppErrorStrings(error, failed_url, extension, | 527 LocalizedError::GetAppErrorStrings(error, failed_url, extension, |
| 524 &error_strings); | 528 &error_strings); |
| 525 | 529 |
| 526 // TODO(erikkay): Should we use a different template for different | 530 // TODO(erikkay): Should we use a different template for different |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 575 if (!CrossesExtensionExtents(frame, url, is_initial_navigation)) | 579 if (!CrossesExtensionExtents(frame, url, is_initial_navigation)) |
| 576 return false; | 580 return false; |
| 577 | 581 |
| 578 // Include the referrer in this case since we're going from a hosted web | 582 // Include the referrer in this case since we're going from a hosted web |
| 579 // page. (the packaged case is handled previously by the extension | 583 // page. (the packaged case is handled previously by the extension |
| 580 // navigation test) | 584 // navigation test) |
| 581 *send_referrer = true; | 585 *send_referrer = true; |
| 582 | 586 |
| 583 if (is_content_initiated) { | 587 if (is_content_initiated) { |
| 584 const Extension* extension = | 588 const Extension* extension = |
| 585 extension_dispatcher_->extensions()->GetByURL(url); | 589 extension_dispatcher_->extensions()->GetByURL(ExtensionURLInfo(url)); |
| 586 if (extension && extension->is_app()) { | 590 if (extension && extension->is_app()) { |
| 587 UMA_HISTOGRAM_ENUMERATION( | 591 UMA_HISTOGRAM_ENUMERATION( |
| 588 extension_misc::kAppLaunchHistogram, | 592 extension_misc::kAppLaunchHistogram, |
| 589 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, | 593 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, |
| 590 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); | 594 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); |
| 591 } | 595 } |
| 592 } | 596 } |
| 593 | 597 |
| 594 return true; | 598 return true; |
| 595 } | 599 } |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 684 } | 688 } |
| 685 | 689 |
| 686 void ChromeContentRendererClient::SetExtensionDispatcher( | 690 void ChromeContentRendererClient::SetExtensionDispatcher( |
| 687 ExtensionDispatcher* extension_dispatcher) { | 691 ExtensionDispatcher* extension_dispatcher) { |
| 688 extension_dispatcher_.reset(extension_dispatcher); | 692 extension_dispatcher_.reset(extension_dispatcher); |
| 689 } | 693 } |
| 690 | 694 |
| 691 const Extension* ChromeContentRendererClient::GetNonBookmarkAppExtension( | 695 const Extension* ChromeContentRendererClient::GetNonBookmarkAppExtension( |
| 692 const ExtensionSet* extensions, const GURL& url) { | 696 const ExtensionSet* extensions, const GURL& url) { |
| 693 // Exclude bookmark apps, which do not use the app process model. | 697 // Exclude bookmark apps, which do not use the app process model. |
| 694 const Extension* extension = extensions->GetByURL(url); | 698 const Extension* extension = extensions->GetByURL(ExtensionURLInfo(url)); |
| 695 if (extension && extension->from_bookmark()) | 699 if (extension && extension->from_bookmark()) |
| 696 extension = NULL; | 700 extension = NULL; |
| 697 return extension; | 701 return extension; |
| 698 } | 702 } |
| 699 | 703 |
| 700 bool ChromeContentRendererClient::CrossesExtensionExtents( | 704 bool ChromeContentRendererClient::CrossesExtensionExtents( |
| 701 WebFrame* frame, | 705 WebFrame* frame, |
| 702 const GURL& new_url, | 706 const GURL& new_url, |
| 703 bool is_initial_navigation) { | 707 bool is_initial_navigation) { |
| 704 const ExtensionSet* extensions = extension_dispatcher_->extensions(); | 708 const ExtensionSet* extensions = extension_dispatcher_->extensions(); |
| 705 GURL old_url(frame->top()->document().url()); | 709 GURL old_url(frame->top()->document().url()); |
| 706 | 710 |
| 707 // Determine if the new URL is an extension (excluding bookmark apps). | 711 // Determine if the new URL is an extension (excluding bookmark apps). |
| 708 const Extension* new_url_extension = GetNonBookmarkAppExtension(extensions, | 712 const Extension* new_url_extension = GetNonBookmarkAppExtension(extensions, |
| 709 new_url); | 713 new_url); |
| 710 | 714 |
| 711 // If old_url is still empty and this is an initial navigation, then this is | 715 // If old_url is still empty and this is an initial navigation, then this is |
| 712 // a window.open operation. We should look at the opener URL. | 716 // a window.open operation. We should look at the opener URL. |
| 713 if (is_initial_navigation && old_url.is_empty() && frame->opener()) { | 717 if (is_initial_navigation && old_url.is_empty() && frame->opener()) { |
| 714 // If we're about to open a normal web page from a same-origin opener stuck | 718 // If we're about to open a normal web page from a same-origin opener stuck |
| 715 // in an extension process, we want to keep it in process to allow the | 719 // in an extension process, we want to keep it in process to allow the |
| 716 // opener to script it. | 720 // opener to script it. |
| 717 GURL opener_url = frame->opener()->document().url(); | 721 WebDocument opener_document = frame->opener()->document(); |
| 718 bool opener_is_extension_url = !!extensions->GetByURL(opener_url); | 722 GURL opener_url = opener_document.url(); |
| 723 WebSecurityOrigin opener_origin = opener_document.securityOrigin(); |
| 724 bool opener_is_extension_url = !!extensions->GetByURL( |
| 725 ExtensionURLInfo(opener_origin, opener_url)); |
| 719 WebSecurityOrigin opener = frame->opener()->document().securityOrigin(); | 726 WebSecurityOrigin opener = frame->opener()->document().securityOrigin(); |
| 720 if (!new_url_extension && | 727 if (!new_url_extension && |
| 721 !opener_is_extension_url && | 728 !opener_is_extension_url && |
| 722 extension_dispatcher_->is_extension_process() && | 729 extension_dispatcher_->is_extension_process() && |
| 723 opener.canRequest(WebURL(new_url))) | 730 opener.canRequest(WebURL(new_url))) |
| 724 return false; | 731 return false; |
| 725 | 732 |
| 726 // In all other cases, we want to compare against the top frame's URL (as | 733 // In all other cases, we want to compare against the top frame's URL (as |
| 727 // opposed to the opener frame's), since that's what determines the type of | 734 // opposed to the opener frame's), since that's what determines the type of |
| 728 // process. This allows iframes outside an app to open a popup in the app. | 735 // process. This allows iframes outside an app to open a popup in the app. |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 779 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() { | 786 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() { |
| 780 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled(); | 787 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled(); |
| 781 } | 788 } |
| 782 | 789 |
| 783 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( | 790 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( |
| 784 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { | 791 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { |
| 785 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); | 792 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); |
| 786 } | 793 } |
| 787 | 794 |
| 788 } // namespace chrome | 795 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8659009:
Consider the origin when computing extension permissions (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/