OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/chrome_content_renderer_client.h" | 5 #include "chrome/renderer/chrome_content_renderer_client.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
124 using WebKit::WebString; | 124 using WebKit::WebString; |
125 using WebKit::WebURL; | 125 using WebKit::WebURL; |
126 using WebKit::WebURLError; | 126 using WebKit::WebURLError; |
127 using WebKit::WebURLRequest; | 127 using WebKit::WebURLRequest; |
128 using WebKit::WebURLResponse; | 128 using WebKit::WebURLResponse; |
129 using WebKit::WebVector; | 129 using WebKit::WebVector; |
130 | 130 |
131 namespace { | 131 namespace { |
132 | 132 |
133 const char kWebViewTagName[] = "WEBVIEW"; | 133 const char kWebViewTagName[] = "WEBVIEW"; |
134 const char kAdViewTagName[] = "ADVIEW"; | |
134 | 135 |
135 // Explicitly register all extension ManifestHandlers needed to parse | 136 // Explicitly register all extension ManifestHandlers needed to parse |
136 // fields used in the renderer. | 137 // fields used in the renderer. |
137 void RegisterExtensionManifestHandlers() { | 138 void RegisterExtensionManifestHandlers() { |
138 (new extensions::BackgroundManifestHandler)->Register(); | 139 (new extensions::BackgroundManifestHandler)->Register(); |
139 (new extensions::DevToolsPageHandler)->Register(); | 140 (new extensions::DevToolsPageHandler)->Register(); |
140 (new extensions::WebAccessibleResourcesHandler)->Register(); | 141 (new extensions::WebAccessibleResourcesHandler)->Register(); |
141 (new extensions::PageActionHandler)->Register(); | 142 (new extensions::PageActionHandler)->Register(); |
142 (new extensions::CSPHandler(false))->Register(); // not platform app. | 143 (new extensions::CSPHandler(false))->Register(); // not platform app. |
143 (new extensions::CSPHandler(true))->Register(); // platform app. | 144 (new extensions::CSPHandler(true))->Register(); // platform app. |
(...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
393 if (orig_mime_type == content::kBrowserPluginMimeType) { | 394 if (orig_mime_type == content::kBrowserPluginMimeType) { |
394 if (CommandLine::ForCurrentProcess()->HasSwitch( | 395 if (CommandLine::ForCurrentProcess()->HasSwitch( |
395 switches::kEnableBrowserPluginForAllViewTypes)) | 396 switches::kEnableBrowserPluginForAllViewTypes)) |
396 return false; | 397 return false; |
397 WebDocument document = frame->document(); | 398 WebDocument document = frame->document(); |
398 const Extension* extension = | 399 const Extension* extension = |
399 GetExtension(document.securityOrigin()); | 400 GetExtension(document.securityOrigin()); |
400 if (extension && extension->HasAPIPermission( | 401 if (extension && extension->HasAPIPermission( |
401 extensions::APIPermission::kWebView)) | 402 extensions::APIPermission::kWebView)) |
402 return false; | 403 return false; |
404 if (extension && extension->HasAPIPermission( | |
405 extensions::APIPermission::kAdView)) | |
406 return false; | |
403 } | 407 } |
404 | 408 |
405 ChromeViewHostMsg_GetPluginInfo_Output output; | 409 ChromeViewHostMsg_GetPluginInfo_Output output; |
406 #if defined(ENABLE_PLUGINS) | 410 #if defined(ENABLE_PLUGINS) |
407 render_view->Send(new ChromeViewHostMsg_GetPluginInfo( | 411 render_view->Send(new ChromeViewHostMsg_GetPluginInfo( |
408 render_view->GetRoutingID(), GURL(params.url), | 412 render_view->GetRoutingID(), GURL(params.url), |
409 frame->top()->document().url(), orig_mime_type, &output)); | 413 frame->top()->document().url(), orig_mime_type, &output)); |
410 #else | 414 #else |
411 output.status.value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound; | 415 output.status.value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound; |
412 #endif | 416 #endif |
(...skipping 685 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1098 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( | 1102 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( |
1099 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { | 1103 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { |
1100 #if defined(ENABLE_PLUGINS) | 1104 #if defined(ENABLE_PLUGINS) |
1101 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); | 1105 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); |
1102 #endif | 1106 #endif |
1103 } | 1107 } |
1104 | 1108 |
1105 bool ChromeContentRendererClient::AllowBrowserPlugin( | 1109 bool ChromeContentRendererClient::AllowBrowserPlugin( |
1106 WebKit::WebPluginContainer* container) const { | 1110 WebKit::WebPluginContainer* container) const { |
1107 // If this |BrowserPlugin| <object> in the |container| is not inside a | 1111 // If this |BrowserPlugin| <object> in the |container| is not inside a |
1108 // <webview> shadowHost, we disable instantiating this plugin. This is to | 1112 // <webview>/<adview> shadowHost, we disable instantiating this plugin. This |
1109 // discourage and prevent developers from accidentally attaching <object> | 1113 // is to discourage and prevent developers from accidentally attaching |
1110 // directly in apps. | 1114 // <object> directly in apps. |
1111 // | 1115 // |
1112 // Note that this check below does *not* ensure any security, it is still | 1116 // Note that this check below does *not* ensure any security, it is still |
1113 // possible to bypass this check. | 1117 // possible to bypass this check. |
1114 // TODO(lazyboy): http://crbug.com/178663, Ensure we properly disallow | 1118 // TODO(lazyboy): http://crbug.com/178663, Ensure we properly disallow |
1115 // instantiating BrowserPlugin outside of the <webview> shim. | 1119 // instantiating BrowserPlugin outside of the <webview>/<adview> shim. |
1116 if (container->element().isNull()) | 1120 if (container->element().isNull()) |
1117 return false; | 1121 return false; |
1118 | 1122 |
1119 if (container->element().shadowHost().isNull()) | 1123 if (container->element().shadowHost().isNull()) |
1120 return false; | 1124 return false; |
1121 | 1125 |
1122 if (container->element().shadowHost().tagName().equals( | 1126 if (container->element().shadowHost().tagName().equals( |
1123 WebKit::WebString::fromUTF8(kWebViewTagName))) { | 1127 WebKit::WebString::fromUTF8(kWebViewTagName))) { |
1124 return true; | 1128 return true; |
1129 } else if (container->element().shadowHost().tagName().equals( | |
1130 WebKit::WebString::fromUTF8(kAdViewTagName))) { | |
Fady Samuel
2013/03/18 18:48:05
Please merge with this https://codereview.chromium
| |
1131 return true; | |
1125 } else { | 1132 } else { |
1126 return CommandLine::ForCurrentProcess()->HasSwitch( | 1133 return CommandLine::ForCurrentProcess()->HasSwitch( |
1127 switches::kEnableBrowserPluginForAllViewTypes); | 1134 switches::kEnableBrowserPluginForAllViewTypes); |
1128 } | 1135 } |
1129 } | 1136 } |
1130 | 1137 |
1131 } // namespace chrome | 1138 } // namespace chrome |
OLD | NEW |