| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "mojo/shell/application_instance.h" | 5 #include "mojo/shell/application_instance.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 9 #include "mojo/application/public/interfaces/content_handler.mojom.h" | 9 #include "mojo/application/public/interfaces/content_handler.mojom.h" |
| 10 #include "mojo/common/common_type_converters.h" | 10 #include "mojo/common/common_type_converters.h" |
| 11 #include "mojo/common/url_type_converters.h" | 11 #include "mojo/common/url_type_converters.h" |
| 12 #include "mojo/shell/application_manager.h" | 12 #include "mojo/shell/application_manager.h" |
| 13 | 13 |
| 14 namespace mojo { | 14 namespace mojo { |
| 15 namespace shell { | 15 namespace shell { |
| 16 | 16 |
| 17 // It's valid to specify mojo: URLs in the filter either as mojo:foo or |
| 18 // mojo://foo/ - but we store the filter in the latter form. |
| 19 CapabilityFilter CanonicalizeFilter(const CapabilityFilter& filter) { |
| 20 CapabilityFilter canonicalized; |
| 21 for (CapabilityFilter::const_iterator it = filter.begin(); |
| 22 it != filter.end(); |
| 23 ++it) { |
| 24 if (it->first == "*") |
| 25 canonicalized[it->first] = it->second; |
| 26 else |
| 27 canonicalized[GURL(it->first).spec()] = it->second; |
| 28 } |
| 29 return canonicalized; |
| 30 } |
| 31 |
| 17 ApplicationInstance::QueuedClientRequest::QueuedClientRequest() | 32 ApplicationInstance::QueuedClientRequest::QueuedClientRequest() |
| 18 : originator(nullptr) {} | 33 : originator(nullptr) {} |
| 19 | 34 |
| 20 ApplicationInstance::QueuedClientRequest::~QueuedClientRequest() { | 35 ApplicationInstance::QueuedClientRequest::~QueuedClientRequest() { |
| 21 } | 36 } |
| 22 | 37 |
| 23 ApplicationInstance::ApplicationInstance( | 38 ApplicationInstance::ApplicationInstance( |
| 24 ApplicationPtr application, | 39 ApplicationPtr application, |
| 25 ApplicationManager* manager, | 40 ApplicationManager* manager, |
| 26 const Identity& originator_identity, | 41 const Identity& originator_identity, |
| 27 const Identity& identity, | 42 const Identity& identity, |
| 28 const CapabilityFilter& filter, | 43 const CapabilityFilter& filter, |
| 29 const base::Closure& on_application_end) | 44 const base::Closure& on_application_end) |
| 30 : manager_(manager), | 45 : manager_(manager), |
| 31 originator_identity_(originator_identity), | 46 originator_identity_(originator_identity), |
| 32 identity_(identity), | 47 identity_(identity), |
| 33 filter_(filter), | 48 filter_(CanonicalizeFilter(filter)), |
| 34 allow_any_application_(filter.size() == 1 && filter.count("*") == 1), | 49 allow_any_application_(filter.size() == 1 && filter.count("*") == 1), |
| 35 on_application_end_(on_application_end), | 50 on_application_end_(on_application_end), |
| 36 application_(application.Pass()), | 51 application_(application.Pass()), |
| 37 binding_(this), | 52 binding_(this), |
| 38 queue_requests_(false) { | 53 queue_requests_(false) { |
| 39 binding_.set_connection_error_handler([this]() { OnConnectionError(); }); | 54 binding_.set_connection_error_handler([this]() { OnConnectionError(); }); |
| 40 } | 55 } |
| 41 | 56 |
| 42 ApplicationInstance::~ApplicationInstance() { | 57 ApplicationInstance::~ApplicationInstance() { |
| 43 STLDeleteElements(&queued_client_requests_); | 58 STLDeleteElements(&queued_client_requests_); |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 return AllowedInterfaces(); | 103 return AllowedInterfaces(); |
| 89 } | 104 } |
| 90 | 105 |
| 91 // Shell implementation: | 106 // Shell implementation: |
| 92 void ApplicationInstance::ConnectToApplication( | 107 void ApplicationInstance::ConnectToApplication( |
| 93 URLRequestPtr app_request, | 108 URLRequestPtr app_request, |
| 94 InterfaceRequest<ServiceProvider> services, | 109 InterfaceRequest<ServiceProvider> services, |
| 95 ServiceProviderPtr exposed_services, | 110 ServiceProviderPtr exposed_services, |
| 96 CapabilityFilterPtr filter) { | 111 CapabilityFilterPtr filter) { |
| 97 std::string url_string = app_request->url.To<std::string>(); | 112 std::string url_string = app_request->url.To<std::string>(); |
| 98 if (!GURL(url_string).is_valid()) { | 113 GURL url(url_string); |
| 114 if (!url.is_valid()) { |
| 99 LOG(ERROR) << "Error: invalid URL: " << url_string; | 115 LOG(ERROR) << "Error: invalid URL: " << url_string; |
| 100 return; | 116 return; |
| 101 } | 117 } |
| 102 if (allow_any_application_ || filter_.find(url_string) != filter_.end()) { | 118 if (allow_any_application_ || filter_.find(url.spec()) != filter_.end()) { |
| 103 CapabilityFilter capability_filter = GetPermissiveCapabilityFilter(); | 119 CapabilityFilter capability_filter = GetPermissiveCapabilityFilter(); |
| 104 if (!filter.is_null()) | 120 if (!filter.is_null()) |
| 105 capability_filter = filter->filter.To<CapabilityFilter>(); | 121 capability_filter = filter->filter.To<CapabilityFilter>(); |
| 106 manager_->ConnectToApplication(this, app_request.Pass(), std::string(), | 122 manager_->ConnectToApplication(this, app_request.Pass(), std::string(), |
| 107 identity_.url, services.Pass(), | 123 identity_.url, services.Pass(), |
| 108 exposed_services.Pass(), capability_filter, | 124 exposed_services.Pass(), capability_filter, |
| 109 base::Closure()); | 125 base::Closure()); |
| 110 } else { | 126 } else { |
| 111 DVLOG(1) << "CapabilityFilter prevented connection from: " << | 127 LOG(WARNING) << "CapabilityFilter prevented connection from: " << |
| 112 identity_.url << " to: " << url_string; | 128 identity_.url << " to: " << url.spec(); |
| 113 } | 129 } |
| 114 } | 130 } |
| 115 | 131 |
| 116 void ApplicationInstance::QuitApplication() { | 132 void ApplicationInstance::QuitApplication() { |
| 117 queue_requests_ = true; | 133 queue_requests_ = true; |
| 118 application_->OnQuitRequested( | 134 application_->OnQuitRequested( |
| 119 base::Bind(&ApplicationInstance::OnQuitRequestedResult, | 135 base::Bind(&ApplicationInstance::OnQuitRequestedResult, |
| 120 base::Unretained(this))); | 136 base::Unretained(this))); |
| 121 } | 137 } |
| 122 | 138 |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 171 request->requestor_url, | 187 request->requestor_url, |
| 172 request->services.Pass(), | 188 request->services.Pass(), |
| 173 request->exposed_services.Pass(), | 189 request->exposed_services.Pass(), |
| 174 request->requested_url); | 190 request->requested_url); |
| 175 } | 191 } |
| 176 STLDeleteElements(&queued_client_requests_); | 192 STLDeleteElements(&queued_client_requests_); |
| 177 } | 193 } |
| 178 | 194 |
| 179 } // namespace shell | 195 } // namespace shell |
| 180 } // namespace mojo | 196 } // namespace mojo |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1287043004:
Use CapabilityFilter to restrict what HTMLViewers can connect to. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master