
Side by Side Diff: pdf/out_of_process_instance.cc

Issue 1316803003: Prevent leaking PDF data cross-origin (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2454
Patch Set: Created 5 years, 3 months ago
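--- a/pdf/out_of_process_instance.cc
+++ b/pdf/out_of_process_instance.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "pdf/out_of_process_instance.h"
 
 #include <algorithm> // for min/max()
 #define _USE_MATH_DEFINES // for M_PI
 #include <cmath> // for log() and pow()
 #include <math.h>
@@ -296,37 +296,38 @@
 RemovePerInstanceObject(kPPPPdfInterface, this);
 // Explicitly reset the PDFEngine during destruction as it may call back into
 // this object.
 engine_.reset();
 }
 
 bool OutOfProcessInstance::Init(uint32_t argc,
 const char* argn[],
 const char* argv[]) {
 // Check if the PDF is being loaded in the PDF chrome extension. We only allow
-// the plugin to be put into "full frame" mode when it is being loaded in the
-// extension because this enables some features that we don't want pages
-// abusing outside of the extension.
+// the plugin to be loaded in the extension and print preview to avoid
+// exposing sensitive APIs directly to external websites.
 pp::Var document_url_var = pp::URLUtil_Dev::Get()->GetDocumentURL(this);
-std::string document_url = document_url_var.is_string() ?
-document_url_var.AsString() : std::string();
+if (!document_url_var.is_string())
+return false;
+std::string document_url = document_url_var.AsString();
 std::string extension_url = std::string(kChromeExtension);
-bool in_extension =
-!document_url.compare(0, extension_url.size(), extension_url);
+std::string print_preview_url = std::string(kChromePrint);
+if (!base::StringPiece(document_url).starts_with(kChromeExtension) &&
+!base::StringPiece(document_url).starts_with(kChromePrint)) {
+return false;
+}
 
-if (in_extension) {
-// Check if the plugin is full frame. This is passed in from JS.
-for (uint32_t i = 0; i < argc; ++i) {
-if (strcmp(argn[i], "full-frame") == 0) {
-full_ = true;
-break;
-}
+// Check if the plugin is full frame. This is passed in from JS.
+for (uint32_t i = 0; i < argc; ++i) {
+if (strcmp(argn[i], "full-frame") == 0) {
+full_ = true;
+break;
 }
 }
 
 // Only allow the plugin to handle find requests if it is full frame.
 if (full_)
 SetPluginToHandleFindRequests();
 
 // Send translated strings to the extension where they will be displayed.
 // TODO(raymes): It would be better to get these in the extension directly
 // through an API but no such API currently exists.
@@ -1407,10 +1408,10 @@
 pp::FloatPoint OutOfProcessInstance::BoundScrollOffsetToDocument(
 const pp::FloatPoint& scroll_offset) {
 float max_x = document_size_.width() * zoom_ - plugin_dip_size_.width();
 float x = std::max(std::min(scroll_offset.x(), max_x), 0.0f);
 float max_y = document_size_.height() * zoom_ - plugin_dip_size_.height();
 float y = std::max(std::min(scroll_offset.y(), max_y), 0.0f);
 return pp::FloatPoint(x, y);
 }
 
 } // namespace chrome_pdf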
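Review bot: The new allow-list check in Init() (new lines 314-317) matches the document URL by raw string prefix, so it is only as strict as the constants `kChromeExtension` and `kChromePrint`, whose definitions are not shown in this section. If either constant stops before an origin boundary (no trailing `/`), a URL whose host merely begins with the same characters would also pass. Comparing parsed origins would remove that dependency; failing that, state the requirement next to the check with `// kChromeExtension and kChromePrint must end at an origin boundary so this prefix match is an origin match.` Separately, `print_preview_url` (new line 313) is never read in the lines shown and `extension_url` loses its only visible use, so both locals look removable unless the rest of Init(), which continues past this section, still needs them.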