
Side by Side Diff: pdf/out_of_process_instance.cc

Issue 1311973002: Prevent leaking PDF data cross-origin (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "pdf/out_of_process_instance.h" 5 #include "pdf/out_of_process_instance.h"
6 6
7 #include <algorithm> // for min/max() 7 #include <algorithm> // for min/max()
8 #define _USE_MATH_DEFINES // for M_PI 8 #define _USE_MATH_DEFINES // for M_PI
9 #include <cmath> // for log() and pow() 9 #include <cmath> // for log() and pow()
10 #include <math.h> 10 #include <math.h>
(...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after
298 RemovePerInstanceObject(kPPPPdfInterface, this); 298 RemovePerInstanceObject(kPPPPdfInterface, this);
299 // Explicitly reset the PDFEngine during destruction as it may call back into 299 // Explicitly reset the PDFEngine during destruction as it may call back into
300 // this object. 300 // this object.
301 engine_.reset(); 301 engine_.reset();
302 } 302 }
303 303
304 bool OutOfProcessInstance::Init(uint32_t argc, 304 bool OutOfProcessInstance::Init(uint32_t argc,
305 const char* argn[], 305 const char* argn[],
306 const char* argv[]) { 306 const char* argv[]) {
307 // Check if the PDF is being loaded in the PDF chrome extension. We only allow 307 // Check if the PDF is being loaded in the PDF chrome extension. We only allow
308 // the plugin to be put into "full frame" mode when it is being loaded in the 308 // the plugin to be loaded in the extension and print preview to avoid
309 // extension because this enables some features that we don't want pages 309 // exposing sensitive APIs directly to external websites.
310 // abusing outside of the extension.
311 pp::Var document_url_var = pp::URLUtil_Dev::Get()->GetDocumentURL(this); 310 pp::Var document_url_var = pp::URLUtil_Dev::Get()->GetDocumentURL(this);
312 std::string document_url = document_url_var.is_string() ? 311 if (!document_url_var.is_string())
313 document_url_var.AsString() : std::string(); 312 return false;
313 std::string document_url = document_url_var.AsString();
314 std::string extension_url = std::string(kChromeExtension); 314 std::string extension_url = std::string(kChromeExtension);
315 bool in_extension = 315 std::string print_preview_url = std::string(kChromePrint);
316 !document_url.compare(0, extension_url.size(), extension_url); 316 if (!base::StringPiece(document_url).starts_with(kChromeExtension) &&
317 !base::StringPiece(document_url).starts_with(kChromePrint)) {
318 return false;
319 }
317 320
318 if (in_extension) { 321 // Check if the plugin is full frame. This is passed in from JS.
319 // Check if the plugin is full frame. This is passed in from JS. 322 for (uint32_t i = 0; i < argc; ++i) {
320 for (uint32_t i = 0; i < argc; ++i) { 323 if (strcmp(argn[i], "full-frame") == 0) {
321 if (strcmp(argn[i], "full-frame") == 0) { 324 full_ = true;
322 full_ = true; 325 break;
323 break;
324 }
325 } 326 }
326 } 327 }
327 328
328 // Only allow the plugin to handle find requests if it is full frame. 329 // Only allow the plugin to handle find requests if it is full frame.
329 if (full_) 330 if (full_)
330 SetPluginToHandleFindRequests(); 331 SetPluginToHandleFindRequests();
331 332
332 // Send translated strings to the extension where they will be displayed. 333 // Send translated strings to the extension where they will be displayed.
333 // TODO(raymes): It would be better to get these in the extension directly 334 // TODO(raymes): It would be better to get these in the extension directly
334 // through an API but no such API currently exists. 335 // through an API but no such API currently exists.
(...skipping 1095 matching lines...) Expand 10 before | Expand all | Expand 10 after
1430 const pp::FloatPoint& scroll_offset) { 1431 const pp::FloatPoint& scroll_offset) {
1431 float max_x = document_size_.width() * zoom_ - plugin_dip_size_.width(); 1432 float max_x = document_size_.width() * zoom_ - plugin_dip_size_.width();
1432 float x = std::max(std::min(scroll_offset.x(), max_x), 0.0f); 1433 float x = std::max(std::min(scroll_offset.x(), max_x), 0.0f);
1433 float min_y = -top_toolbar_height_; 1434 float min_y = -top_toolbar_height_;
1434 float max_y = document_size_.height() * zoom_ - plugin_dip_size_.height(); 1435 float max_y = document_size_.height() * zoom_ - plugin_dip_size_.height();
1435 float y = std::max(std::min(scroll_offset.y(), max_y), min_y); 1436 float y = std::max(std::min(scroll_offset.y(), max_y), min_y);
1436 return pp::FloatPoint(x, y); 1437 return pp::FloatPoint(x, y);
1437 } 1438 }
1438 1439
1439 } // namespace chrome_pdf 1440 } // namespace chrome_pdf
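Review bot: The allow-list check at new lines 316-317 of `OutOfProcessInstance::Init` is a raw string-prefix match on the document URL, so it only pins an origin if `kChromeExtension` and `kChromePrint` end at an origin boundary. Their definitions are not visible in this section, so that should be confirmed. If either constant stops short of a delimiter, a URL that merely begins with the same characters would also pass. Either compare the parsed origin, or record the requirement next to the check, e.g. `// kChromeExtension and kChromePrint must end at an origin boundary so the prefix match cannot accept a look-alike URL.` Separately, the locals `extension_url` and `print_preview_url` (new lines 314-315) are not used in the visible lines, since the check reads the constants directly, and can be dropped if nothing in the skipped remainder of `Init` uses them.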
OLDNEW