OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/pepper/pepper_flash_renderer_host.h" | 5 #include "chrome/renderer/pepper/pepper_flash_renderer_host.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/strings/string_util.h" | |
9 #include "chrome/renderer/pepper/ppb_pdf_impl.h" | 10 #include "chrome/renderer/pepper/ppb_pdf_impl.h" |
10 #include "content/public/renderer/pepper_plugin_instance.h" | 11 #include "content/public/renderer/pepper_plugin_instance.h" |
11 #include "content/public/renderer/render_thread.h" | 12 #include "content/public/renderer/render_thread.h" |
12 #include "content/public/renderer/renderer_ppapi_host.h" | 13 #include "content/public/renderer/renderer_ppapi_host.h" |
13 #include "ipc/ipc_message_macros.h" | 14 #include "ipc/ipc_message_macros.h" |
15 #include "net/http/http_util.h" | |
14 #include "ppapi/c/pp_errors.h" | 16 #include "ppapi/c/pp_errors.h" |
15 #include "ppapi/c/trusted/ppb_browser_font_trusted.h" | 17 #include "ppapi/c/trusted/ppb_browser_font_trusted.h" |
16 #include "ppapi/host/dispatch_host_message.h" | 18 #include "ppapi/host/dispatch_host_message.h" |
17 #include "ppapi/proxy/host_dispatcher.h" | 19 #include "ppapi/proxy/host_dispatcher.h" |
18 #include "ppapi/proxy/ppapi_messages.h" | 20 #include "ppapi/proxy/ppapi_messages.h" |
19 #include "ppapi/proxy/resource_message_params.h" | 21 #include "ppapi/proxy/resource_message_params.h" |
20 #include "ppapi/proxy/serialized_structs.h" | 22 #include "ppapi/proxy/serialized_structs.h" |
21 #include "ppapi/thunk/enter.h" | 23 #include "ppapi/thunk/enter.h" |
22 #include "ppapi/thunk/ppb_image_data_api.h" | 24 #include "ppapi/thunk/ppb_image_data_api.h" |
23 #include "skia/ext/platform_canvas.h" | 25 #include "skia/ext/platform_canvas.h" |
24 #include "third_party/skia/include/core/SkCanvas.h" | 26 #include "third_party/skia/include/core/SkCanvas.h" |
25 #include "third_party/skia/include/core/SkMatrix.h" | 27 #include "third_party/skia/include/core/SkMatrix.h" |
26 #include "third_party/skia/include/core/SkPaint.h" | 28 #include "third_party/skia/include/core/SkPaint.h" |
27 #include "third_party/skia/include/core/SkPoint.h" | 29 #include "third_party/skia/include/core/SkPoint.h" |
28 #include "third_party/skia/include/core/SkTemplates.h" | 30 #include "third_party/skia/include/core/SkTemplates.h" |
29 #include "third_party/skia/include/core/SkTypeface.h" | 31 #include "third_party/skia/include/core/SkTypeface.h" |
30 #include "ui/gfx/rect.h" | 32 #include "ui/gfx/rect.h" |
31 #include "url/gurl.h" | 33 #include "url/gurl.h" |
32 | 34 |
33 using ppapi::thunk::EnterResourceNoLock; | 35 using ppapi::thunk::EnterResourceNoLock; |
34 using ppapi::thunk::PPB_ImageData_API; | 36 using ppapi::thunk::PPB_ImageData_API; |
35 | 37 |
38 namespace { | |
39 | |
40 // This list is basically the HTTP/1.1 standard headers minus the request | |
41 // headers disallowed by Flash for URLRequestHeader objects. | |
42 // HTTP/1.1 standard headers: Section 4.5, 5.3, 7.1 in | |
43 // http://www.ietf.org/rfc/rfc2616.txt | |
44 // Headers disallowed by Flash for URLRequestHeader objects: | |
45 // http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/ URLRequestHeader.html | |
46 // | |
47 // There are a few exceptions: | |
48 // - "Authorization" is no longer blocked according to | |
49 // http://helpx.adobe.com/flash-player/kb/actionscript-error-send-action-conta ins.html | |
50 // - "Referer" may be set by the Flash player itself. | |
abarth-chromium
2014/01/26 02:10:38
Don't we want to use the list of CORS simple heade
yzshen1
2014/01/26 02:39:03
I agree that the CORS simple headers list is prefe
abarth-chromium
2014/01/26 02:44:36
That doesn't help with the security problem. Yo
yzshen1
2014/01/27 23:41:13
Done. Changed to only allow simple headers && reco
| |
51 const char* kAllowedHttpRequestHeaders[] = { | |
52 "accept", | |
53 "accept-language", | |
54 "authorization", | |
55 "cache-control", | |
56 "content-encoding", | |
57 "content-language", | |
58 "content-md5", | |
59 "content-type", | |
60 "expires", | |
61 "from", | |
62 "if-match", | |
63 "if-none-match", | |
64 "if-range", | |
65 "if-unmodified-since", | |
66 "pragma", | |
67 "referer" | |
68 }; | |
abarth-chromium
2014/01/26 02:09:31
Presumably we have this list of headers elsewhere.
yzshen1
2014/01/26 02:39:03
There is a similar list in the Flash source cod
| |
69 | |
70 } // namespace | |
71 | |
36 PepperFlashRendererHost::PepperFlashRendererHost( | 72 PepperFlashRendererHost::PepperFlashRendererHost( |
37 content::RendererPpapiHost* host, | 73 content::RendererPpapiHost* host, |
38 PP_Instance instance, | 74 PP_Instance instance, |
39 PP_Resource resource) | 75 PP_Resource resource) |
40 : ResourceHost(host->GetPpapiHost(), instance, resource), | 76 : ResourceHost(host->GetPpapiHost(), instance, resource), |
41 host_(host), | 77 host_(host), |
42 weak_factory_(this) { | 78 weak_factory_(this) { |
43 } | 79 } |
44 | 80 |
45 PepperFlashRendererHost::~PepperFlashRendererHost() { | 81 PepperFlashRendererHost::~PepperFlashRendererHost() { |
(...skipping 157 matching lines...) | |
203 ppapi::host::HostMessageContext* host_context, | 239 ppapi::host::HostMessageContext* host_context, |
204 const ppapi::URLRequestInfoData& data, | 240 const ppapi::URLRequestInfoData& data, |
205 const std::string& target, | 241 const std::string& target, |
206 bool from_user_action) { | 242 bool from_user_action) { |
207 // If our PepperPluginInstance is already destroyed, just return a failure. | 243 // If our PepperPluginInstance is already destroyed, just return a failure. |
208 content::PepperPluginInstance* plugin_instance = | 244 content::PepperPluginInstance* plugin_instance = |
209 host_->GetPluginInstance(pp_instance()); | 245 host_->GetPluginInstance(pp_instance()); |
210 if (!plugin_instance) | 246 if (!plugin_instance) |
211 return PP_ERROR_FAILED; | 247 return PP_ERROR_FAILED; |
212 | 248 |
249 if (allowed_headers_.empty()) { | |
250 for (size_t i = 0; i < arraysize(kAllowedHttpRequestHeaders); ++i) | |
251 allowed_headers_.insert(kAllowedHttpRequestHeaders[i]); | |
252 } | |
253 | |
254 net::HttpUtil::HeadersIterator header_iter(data.headers.begin(), | |
255 data.headers.end(), | |
256 "\n\r"); | |
257 while (header_iter.GetNext()) { | |
258 std::string lower_case_header = StringToLowerASCII(header_iter.name()); | |
259 if (allowed_headers_.find(lower_case_header) == allowed_headers_.end()) | |
260 return PP_ERROR_NOACCESS; | |
261 } | |
262 | |
213 // Navigate may call into Javascript (e.g. with a "javascript:" URL), | 263 // Navigate may call into Javascript (e.g. with a "javascript:" URL), |
214 // or do things like navigate away from the page, either one of which will | 264 // or do things like navigate away from the page, either one of which will |
215 // need to re-enter into the plugin. It is safe, because it is essentially | 265 // need to re-enter into the plugin. It is safe, because it is essentially |
216 // equivalent to NPN_GetURL, where Flash would expect re-entrancy. | 266 // equivalent to NPN_GetURL, where Flash would expect re-entrancy. |
217 ppapi::proxy::HostDispatcher* host_dispatcher = | 267 ppapi::proxy::HostDispatcher* host_dispatcher = |
218 ppapi::proxy::HostDispatcher::GetForInstance(pp_instance()); | 268 ppapi::proxy::HostDispatcher::GetForInstance(pp_instance()); |
219 host_dispatcher->set_allow_plugin_reentrancy(); | 269 host_dispatcher->set_allow_plugin_reentrancy(); |
220 | 270 |
221 // Grab a weak pointer to ourselves on the stack so we can check if we are | 271 // Grab a weak pointer to ourselves on the stack so we can check if we are |
222 // still alive. | 272 // still alive. |
(...skipping 23 matching lines...) | |
246 gfx::Rect(rect.point.x, rect.point.y,rect.size.width, rect.size.height))) | 296 gfx::Rect(rect.point.x, rect.point.y,rect.size.width, rect.size.height))) |
247 return PP_OK; | 297 return PP_OK; |
248 return PP_ERROR_FAILED; | 298 return PP_ERROR_FAILED; |
249 } | 299 } |
250 | 300 |
251 int32_t PepperFlashRendererHost::OnInvokePrinting( | 301 int32_t PepperFlashRendererHost::OnInvokePrinting( |
252 ppapi::host::HostMessageContext* host_context) { | 302 ppapi::host::HostMessageContext* host_context) { |
253 PPB_PDF_Impl::InvokePrintingForInstance(pp_instance()); | 303 PPB_PDF_Impl::InvokePrintingForInstance(pp_instance()); |
254 return PP_OK; | 304 return PP_OK; |
255 } | 305 } |
OLD | NEW |
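Review bot: The check at new lines 254-261 looks only at the names that `HeadersIterator` yields, while the raw `data.headers` string is what appears to be passed on to the navigation further down, so the validated view and the forwarded bytes can differ. If the iterator skips lines it cannot parse as `name: value` (worth confirming against its implementation), those lines are never compared with the allow-list yet still travel with the request. Either fail closed with `PP_ERROR_NOACCESS` when any non-empty line is not returned as a header, or rebuild the header block from the accepted name/value pairs and forward that instead of `data.headers`. Header values are not inspected at all, which should at least be stated next to the loop, e.g. `// Only header names are validated; values are forwarded as supplied by the plugin.` Separately, the table can be declared `const char* const kAllowedHttpRequestHeaders[]`; OnNavigate's signature and the navigation call itself are outside the visible lines.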