OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/external_protocol/external_protocol_handler.h" | 5 #include "chrome/browser/external_protocol/external_protocol_handler.h" |
6 | 6 |
7 #include <set> | 7 #include <set> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
11 #include "base/message_loop/message_loop.h" | 11 #include "base/message_loop/message_loop.h" |
12 #include "base/prefs/pref_registry_simple.h" | 12 #include "base/prefs/pref_registry_simple.h" |
13 #include "base/prefs/pref_service.h" | 13 #include "base/prefs/pref_service.h" |
14 #include "base/prefs/scoped_user_pref_update.h" | 14 #include "base/prefs/scoped_user_pref_update.h" |
15 #include "base/strings/string_util.h" | 15 #include "base/strings/string_util.h" |
16 #include "base/threading/thread.h" | 16 #include "base/threading/thread.h" |
17 #include "build/build_config.h" | 17 #include "build/build_config.h" |
18 #include "chrome/browser/browser_process.h" | 18 #include "chrome/browser/browser_process.h" |
19 #include "chrome/browser/platform_util.h" | 19 #include "chrome/browser/platform_util.h" |
20 #include "chrome/browser/profiles/profile.h" | 20 #include "chrome/browser/profiles/profile.h" |
21 #include "chrome/browser/tab_contents/tab_util.h" | 21 #include "chrome/browser/tab_contents/tab_util.h" |
22 #include "chrome/common/pref_names.h" | 22 #include "chrome/common/pref_names.h" |
23 #include "content/public/browser/browser_thread.h" | 23 #include "content/public/browser/browser_thread.h" |
24 #include "content/public/browser/web_contents.h" | 24 #include "content/public/browser/web_contents.h" |
25 #include "net/base/escape.h" | 25 #include "net/base/escape.h" |
26 #include "url/gurl.h" | 26 #include "url/gurl.h" |
27 | 27 |
28 using content::BrowserThread; | 28 using content::BrowserThread; |
29 | 29 |
30 // Whether we accept requests for launching external protocols. This is set to | 30 // Whether there is an existing user gesture. A user gesture is required to |
31 // false every time an external protocol is requested, and set back to true on | 31 // launch external protocols. This variable should only be accessed from the UI |
32 // each user gesture. This variable should only be accessed from the UI thread. | 32 // thread. |
33 static bool g_accept_requests = true; | 33 static bool g_user_gesture = false; |
34 | 34 |
35 namespace { | 35 namespace { |
36 | 36 |
37 // Functions enabling unit testing. Using a NULL delegate will use the default | 37 // Functions enabling unit testing. Using a NULL delegate will use the default |
38 // behavior; if a delegate is provided it will be used instead. | 38 // behavior; if a delegate is provided it will be used instead. |
39 ShellIntegration::DefaultProtocolClientWorker* CreateShellWorker( | 39 ShellIntegration::DefaultProtocolClientWorker* CreateShellWorker( |
40 ShellIntegration::DefaultWebClientObserver* observer, | 40 ShellIntegration::DefaultWebClientObserver* observer, |
41 const std::string& protocol, | 41 const std::string& protocol, |
42 ExternalProtocolHandler::Delegate* delegate) { | 42 ExternalProtocolHandler::Delegate* delegate) { |
43 if (!delegate) | 43 if (!delegate) |
(...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
197 for (size_t i = 0; i < arraysize(allowed_schemes); ++i) { | 197 for (size_t i = 0; i < arraysize(allowed_schemes); ++i) { |
198 if (!win_pref->GetBoolean(allowed_schemes[i], &should_block)) { | 198 if (!win_pref->GetBoolean(allowed_schemes[i], &should_block)) { |
199 win_pref->SetBoolean(allowed_schemes[i], false); | 199 win_pref->SetBoolean(allowed_schemes[i], false); |
200 } | 200 } |
201 } | 201 } |
202 } | 202 } |
203 | 203 |
204 // static | 204 // static |
205 ExternalProtocolHandler::BlockState ExternalProtocolHandler::GetBlockState( | 205 ExternalProtocolHandler::BlockState ExternalProtocolHandler::GetBlockState( |
206 const std::string& scheme) { | 206 const std::string& scheme) { |
207 // If we are being carpet bombed, block the request. | 207 if (!g_user_gesture) |
208 if (!g_accept_requests) | |
209 return BLOCK; | 208 return BLOCK; |
210 | 209 |
211 if (scheme.length() == 1) { | 210 if (scheme.length() == 1) { |
212 // We have a URL that looks something like: | 211 // We have a URL that looks something like: |
213 // C:/WINDOWS/system32/notepad.exe | 212 // C:/WINDOWS/system32/notepad.exe |
214 // ShellExecuting this URL will cause the specified program to be executed. | 213 // ShellExecuting this URL will cause the specified program to be executed. |
215 return BLOCK; | 214 return BLOCK; |
216 } | 215 } |
217 | 216 |
218 // Check the stored prefs. | 217 // Check the stored prefs. |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
263 std::string escaped_url_string = net::EscapeExternalHandlerValue(url.spec()); | 262 std::string escaped_url_string = net::EscapeExternalHandlerValue(url.spec()); |
264 GURL escaped_url(escaped_url_string); | 263 GURL escaped_url(escaped_url_string); |
265 BlockState block_state = GetBlockStateWithDelegate(escaped_url.scheme(), | 264 BlockState block_state = GetBlockStateWithDelegate(escaped_url.scheme(), |
266 delegate); | 265 delegate); |
267 if (block_state == BLOCK) { | 266 if (block_state == BLOCK) { |
268 if (delegate) | 267 if (delegate) |
269 delegate->BlockRequest(); | 268 delegate->BlockRequest(); |
270 return; | 269 return; |
271 } | 270 } |
272 | 271 |
273 g_accept_requests = false; | |
274 | |
275 // The worker creates tasks with references to itself and puts them into | 272 // The worker creates tasks with references to itself and puts them into |
276 // message loops. When no tasks are left it will delete the observer and | 273 // message loops. When no tasks are left it will delete the observer and |
277 // eventually be deleted itself. | 274 // eventually be deleted itself. |
278 ShellIntegration::DefaultWebClientObserver* observer = | 275 ShellIntegration::DefaultWebClientObserver* observer = |
279 new ExternalDefaultProtocolObserver(url, | 276 new ExternalDefaultProtocolObserver(url, |
280 render_process_host_id, | 277 render_process_host_id, |
281 tab_contents_id, | 278 tab_contents_id, |
282 block_state == UNKNOWN, | 279 block_state == UNKNOWN, |
283 delegate); | 280 delegate); |
284 scoped_refptr<ShellIntegration::DefaultProtocolClientWorker> worker = | 281 scoped_refptr<ShellIntegration::DefaultProtocolClientWorker> worker = |
(...skipping 18 matching lines...) Expand all Loading... |
303 platform_util::OpenExternal( | 300 platform_util::OpenExternal( |
304 Profile::FromBrowserContext(web_contents->GetBrowserContext()), url); | 301 Profile::FromBrowserContext(web_contents->GetBrowserContext()), url); |
305 } | 302 } |
306 | 303 |
307 // static | 304 // static |
308 void ExternalProtocolHandler::RegisterPrefs(PrefRegistrySimple* registry) { | 305 void ExternalProtocolHandler::RegisterPrefs(PrefRegistrySimple* registry) { |
309 registry->RegisterDictionaryPref(prefs::kExcludedSchemes); | 306 registry->RegisterDictionaryPref(prefs::kExcludedSchemes); |
310 } | 307 } |
311 | 308 |
312 // static | 309 // static |
313 void ExternalProtocolHandler::PermitLaunchUrl() { | 310 void ExternalProtocolHandler::EnableUserGesture() { |
314 DCHECK(base::MessageLoopForUI::IsCurrent()); | 311 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
315 g_accept_requests = true; | 312 g_user_gesture = true; |
316 } | 313 } |
| 314 |
| 315 // static |
| 316 void ExternalProtocolHandler::DisableUserGesture() { |
| 317 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 318 g_user_gesture = false; |
| 319 } |
OLD | NEW |