OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/content_settings_observer.h" | 5 #include "chrome/renderer/content_settings_observer.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
9 #include "components/content_settings/content/common/content_settings_messages.h " | 9 #include "components/content_settings/content/common/content_settings_messages.h " |
10 #include "content/public/common/url_constants.h" | 10 #include "content/public/common/url_constants.h" |
(...skipping 240 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
251 | 251 |
252 void ContentSettingsObserver::DidCommitProvisionalLoad( | 252 void ContentSettingsObserver::DidCommitProvisionalLoad( |
253 bool is_new_navigation, | 253 bool is_new_navigation, |
254 bool is_same_page_navigation) { | 254 bool is_same_page_navigation) { |
255 WebFrame* frame = render_frame()->GetWebFrame(); | 255 WebFrame* frame = render_frame()->GetWebFrame(); |
256 if (frame->parent()) | 256 if (frame->parent()) |
257 return; // Not a top-level navigation. | 257 return; // Not a top-level navigation. |
258 | 258 |
259 if (!is_same_page_navigation) { | 259 if (!is_same_page_navigation) { |
260 // Clear "block" flags for the new page. This needs to happen before any of | 260 // Clear "block" flags for the new page. This needs to happen before any of |
261 // |allowScript()|, |allowScriptFromSource()|, |allowImage()|, or | 261 // |allowScript()|, |allowScriptFromSource()|, |allowImage()|, |
262 // |allowPlugins()| is called for the new page so that these functions can | 262 // |allowPlugins()|, or |allowKeygen()| is called for the new page so that |
263 // correctly detect that a piece of content flipped from "not blocked" to | 263 // these functions can correctly detect that a piece of content flipped from |
264 // "blocked". | 264 // "not blocked" to "blocked". |
265 ClearBlockedContentSettings(); | 265 ClearBlockedContentSettings(); |
266 temporarily_allowed_plugins_.clear(); | 266 temporarily_allowed_plugins_.clear(); |
267 } | 267 } |
268 | 268 |
269 GURL url = frame->document().url(); | 269 GURL url = frame->document().url(); |
270 // If we start failing this DCHECK, please makes sure we don't regress | 270 // If we start failing this DCHECK, please makes sure we don't regress |
271 // this bug: http://code.google.com/p/chromium/issues/detail?id=79304 | 271 // this bug: http://code.google.com/p/chromium/issues/detail?id=79304 |
272 DCHECK(frame->document().securityOrigin().toString() == "null" || | 272 DCHECK(frame->document().securityOrigin().toString() == "null" || |
273 !url.SchemeIs(url::kDataScheme)); | 273 !url.SchemeIs(url::kDataScheme)); |
274 } | 274 } |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
342 frame->top()->securityOrigin().isUnique()) | 342 frame->top()->securityOrigin().isUnique()) |
343 return false; | 343 return false; |
344 | 344 |
345 bool result = false; | 345 bool result = false; |
346 Send(new ChromeViewHostMsg_AllowIndexedDB( | 346 Send(new ChromeViewHostMsg_AllowIndexedDB( |
347 routing_id(), GURL(frame->securityOrigin().toString()), | 347 routing_id(), GURL(frame->securityOrigin().toString()), |
348 GURL(frame->top()->securityOrigin().toString()), name, &result)); | 348 GURL(frame->top()->securityOrigin().toString()), name, &result)); |
349 return result; | 349 return result; |
350 } | 350 } |
351 | 351 |
352 bool ContentSettingsObserver::allowKeygen(bool enabled_per_settings) { | |
353 if (!enabled_per_settings) | |
354 return false; | |
355 if (is_interstitial_page_) | |
356 return true; | |
357 | |
358 WebFrame* frame = render_frame()->GetWebFrame(); | |
359 std::map<WebFrame*, bool>::const_iterator it = | |
360 cached_keygen_permissions_.find(frame); | |
361 if (it != cached_keygen_permissions_.end()) | |
362 return it->second; | |
363 | |
364 // Evaluate the content setting rules before | |
365 // |IsWhitelistedForContentSettings|; if there is only the default rule | |
366 // allowing all keygen, it's quicker this way. | |
Bernhard Bauer
2015/11/05 11:12:13
This comment made _some_ sense before you copy-and
svaldez
2015/11/05 16:35:19
Done.
| |
367 bool allow = true; | |
Bernhard Bauer
2015/11/05 11:12:13
You can probably just send an IPC to the browser t
svaldez
2015/11/05 16:35:19
Done.
| |
368 if (content_setting_rules_) { | |
369 ContentSetting setting = GetContentSettingFromRules( | |
370 content_setting_rules_->keygen_rules, | |
371 frame, | |
372 GURL(frame->document().securityOrigin().toString())); | |
373 allow = setting != CONTENT_SETTING_BLOCK; | |
374 } | |
375 | |
376 cached_keygen_permissions_[frame] = allow; | |
377 return allow; | |
378 } | |
379 | |
352 bool ContentSettingsObserver::allowPlugins(bool enabled_per_settings) { | 380 bool ContentSettingsObserver::allowPlugins(bool enabled_per_settings) { |
353 return enabled_per_settings; | 381 return enabled_per_settings; |
354 } | 382 } |
355 | 383 |
356 bool ContentSettingsObserver::allowScript(bool enabled_per_settings) { | 384 bool ContentSettingsObserver::allowScript(bool enabled_per_settings) { |
357 if (!enabled_per_settings) | 385 if (!enabled_per_settings) |
358 return false; | 386 return false; |
359 if (is_interstitial_page_) | 387 if (is_interstitial_page_) |
360 return true; | 388 return true; |
361 | 389 |
(...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
586 SendInsecureContentSignal(INSECURE_CONTENT_RUN_SWF); | 614 SendInsecureContentSignal(INSECURE_CONTENT_RUN_SWF); |
587 | 615 |
588 if (!allow_running_insecure_content_ && !allowed_per_settings) { | 616 if (!allow_running_insecure_content_ && !allowed_per_settings) { |
589 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT, origin.host()); | 617 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT, origin.host()); |
590 return false; | 618 return false; |
591 } | 619 } |
592 | 620 |
593 return true; | 621 return true; |
594 } | 622 } |
595 | 623 |
624 void ContentSettingsObserver::didNotAllowKeygen() { | |
625 DidBlockContentType(CONTENT_SETTINGS_TYPE_KEYGEN); | |
626 } | |
627 | |
596 void ContentSettingsObserver::didNotAllowPlugins() { | 628 void ContentSettingsObserver::didNotAllowPlugins() { |
597 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); | 629 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); |
598 } | 630 } |
599 | 631 |
600 void ContentSettingsObserver::didNotAllowScript() { | 632 void ContentSettingsObserver::didNotAllowScript() { |
601 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); | 633 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); |
602 } | 634 } |
603 | 635 |
604 bool ContentSettingsObserver::AreNPAPIPluginsBlocked() const { | 636 bool ContentSettingsObserver::AreNPAPIPluginsBlocked() const { |
605 return npapi_plugins_blocked_; | 637 return npapi_plugins_blocked_; |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
647 callbacks.doAllow(); | 679 callbacks.doAllow(); |
648 return; | 680 return; |
649 } | 681 } |
650 callbacks.doDeny(); | 682 callbacks.doDeny(); |
651 } | 683 } |
652 | 684 |
653 void ContentSettingsObserver::ClearBlockedContentSettings() { | 685 void ContentSettingsObserver::ClearBlockedContentSettings() { |
654 content_blocked_.clear(); | 686 content_blocked_.clear(); |
655 cached_storage_permissions_.clear(); | 687 cached_storage_permissions_.clear(); |
656 cached_script_permissions_.clear(); | 688 cached_script_permissions_.clear(); |
689 cached_keygen_permissions_.clear(); | |
657 } | 690 } |
658 | 691 |
659 bool ContentSettingsObserver::IsPlatformApp() { | 692 bool ContentSettingsObserver::IsPlatformApp() { |
660 #if defined(ENABLE_EXTENSIONS) | 693 #if defined(ENABLE_EXTENSIONS) |
661 WebFrame* frame = render_frame()->GetWebFrame(); | 694 WebFrame* frame = render_frame()->GetWebFrame(); |
662 WebSecurityOrigin origin = frame->document().securityOrigin(); | 695 WebSecurityOrigin origin = frame->document().securityOrigin(); |
663 const extensions::Extension* extension = GetExtension(origin); | 696 const extensions::Extension* extension = GetExtension(origin); |
664 return extension && extension->is_platform_app(); | 697 return extension && extension->is_platform_app(); |
665 #else | 698 #else |
666 return false; | 699 return false; |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
724 | 757 |
725 // If the scheme is file:, an empty file name indicates a directory listing, | 758 // If the scheme is file:, an empty file name indicates a directory listing, |
726 // which requires JavaScript to function properly. | 759 // which requires JavaScript to function properly. |
727 if (base::EqualsASCII(protocol, url::kFileScheme)) { | 760 if (base::EqualsASCII(protocol, url::kFileScheme)) { |
728 return document_url.SchemeIs(url::kFileScheme) && | 761 return document_url.SchemeIs(url::kFileScheme) && |
729 document_url.ExtractFileName().empty(); | 762 document_url.ExtractFileName().empty(); |
730 } | 763 } |
731 | 764 |
732 return false; | 765 return false; |
733 } | 766 } |
OLD | NEW |