OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "webkit/plugins/npapi/plugin_host.h" | 5 #include "webkit/plugins/npapi/plugin_host.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/file_util.h" | 8 #include "base/file_util.h" |
9 #include "base/logging.h" | 9 #include "base/logging.h" |
10 #include "base/memory/scoped_ptr.h" | 10 #include "base/memory/scoped_ptr.h" |
(...skipping 449 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
460 // This is risky as someone could exploit a plugin to send private | 460 // This is risky as someone could exploit a plugin to send private |
461 // data in arbitrary locations. | 461 // data in arbitrary locations. |
462 // A malicious (non-sandboxed) plugin has unfeterred access to OS | 462 // A malicious (non-sandboxed) plugin has unfeterred access to OS |
463 // resources and can do this anyway without using browser's HTTP stack. | 463 // resources and can do this anyway without using browser's HTTP stack. |
464 // FWIW, Firefox and Safari don't perform any security checks. | 464 // FWIW, Firefox and Safari don't perform any security checks. |
465 | 465 |
466 if (!buf) | 466 if (!buf) |
467 return NPERR_FILE_NOT_FOUND; | 467 return NPERR_FILE_NOT_FOUND; |
468 | 468 |
469 std::string file_path_ascii(buf); | 469 std::string file_path_ascii(buf); |
470 FilePath file_path; | 470 base::FilePath file_path; |
471 static const char kFileUrlPrefix[] = "file:"; | 471 static const char kFileUrlPrefix[] = "file:"; |
472 if (StartsWithASCII(file_path_ascii, kFileUrlPrefix, false)) { | 472 if (StartsWithASCII(file_path_ascii, kFileUrlPrefix, false)) { |
473 GURL file_url(file_path_ascii); | 473 GURL file_url(file_path_ascii); |
474 DCHECK(file_url.SchemeIsFile()); | 474 DCHECK(file_url.SchemeIsFile()); |
475 net::FileURLToFilePath(file_url, &file_path); | 475 net::FileURLToFilePath(file_url, &file_path); |
476 } else { | 476 } else { |
477 file_path = FilePath::FromWStringHack( | 477 file_path = base::FilePath::FromWStringHack( |
478 base::SysNativeMBToWide(file_path_ascii)); | 478 base::SysNativeMBToWide(file_path_ascii)); |
479 } | 479 } |
480 | 480 |
481 base::PlatformFileInfo post_file_info; | 481 base::PlatformFileInfo post_file_info; |
482 if (!file_util::GetFileInfo(file_path, &post_file_info) || | 482 if (!file_util::GetFileInfo(file_path, &post_file_info) || |
483 post_file_info.is_directory) | 483 post_file_info.is_directory) |
484 return NPERR_FILE_NOT_FOUND; | 484 return NPERR_FILE_NOT_FOUND; |
485 | 485 |
486 if (!file_util::ReadFileToString(file_path, &post_file_contents)) | 486 if (!file_util::ReadFileToString(file_path, &post_file_contents)) |
487 return NPERR_FILE_NOT_FOUND; | 487 return NPERR_FILE_NOT_FOUND; |
(...skipping 623 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1111 } | 1111 } |
1112 | 1112 |
1113 void NPN_URLRedirectResponse(NPP instance, void* notify_data, NPBool allow) { | 1113 void NPN_URLRedirectResponse(NPP instance, void* notify_data, NPBool allow) { |
1114 scoped_refptr<PluginInstance> plugin(FindInstance(instance)); | 1114 scoped_refptr<PluginInstance> plugin(FindInstance(instance)); |
1115 if (plugin.get()) { | 1115 if (plugin.get()) { |
1116 plugin->URLRedirectResponse(!!allow, notify_data); | 1116 plugin->URLRedirectResponse(!!allow, notify_data); |
1117 } | 1117 } |
1118 } | 1118 } |
1119 | 1119 |
1120 } // extern "C" | 1120 } // extern "C" |
OLD | NEW |