Index: chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc |
diff --git a/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc b/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..93b1c41e57792298d609e6177d6748ce9243ae36 |
--- /dev/null |
+++ b/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc |
@@ -0,0 +1,156 @@ |
+// Copyright (c) 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.h" |
+ |
+#include "base/files/file_path.h" |
+#include "chrome/browser/browser_process.h" |
+#include "chrome/browser/extensions/extension_service.h" |
+#include "chrome/browser/extensions/extension_system.h" |
+#include "chrome/browser/profiles/profile.h" |
+#include "chrome/browser/profiles/profile_manager.h" |
+#include "chrome/common/extensions/extension.h" |
+#include "content/public/browser/browser_ppapi_host.h" |
+#include "content/public/browser/child_process_security_policy.h" |
+#include "extensions/common/constants.h" |
+#include "googleurl/src/gurl.h" |
+#include "ppapi/c/pp_errors.h" |
+#include "ppapi/host/dispatch_host_message.h" |
+#include "ppapi/host/host_message_context.h" |
+#include "ppapi/host/ppapi_host.h" |
+#include "ppapi/proxy/ppapi_messages.h" |
+#include "webkit/fileapi/isolated_context.h" |
+ |
+namespace chrome { |
+ |
+namespace { |
+ |
+// Returns filesystem id of isolated filesystem if valid, or empty string |
+// otherwise. This is expected to run in UI thread as ProfileManager only |
+// allows UI thread access. |
+std::string CreateIsolatedFileSystem( |
+ const base::FilePath& profile_directory, |
+ const GURL& url) { |
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
+ if (!url.SchemeIs(extensions::kExtensionScheme)) |
+ return std::string(); |
+ |
+ ProfileManager* profile_manager = g_browser_process->profile_manager(); |
+ Profile* profile = profile_manager->GetProfile(profile_directory); |
+ extensions::ExtensionSystem* extension_system = |
+ extensions::ExtensionSystem::Get(profile); |
+ if (!extension_system) |
+ return std::string(); |
+ |
+ const ExtensionService* extension_service = |
+ extension_system->extension_service(); |
+ if (!extension_service) |
+ return std::string(); |
+ |
+ const extensions::Extension* extension = |
+ extension_service->GetExtensionById(url.host(), false); |
+ if (!extension) |
+ return std::string(); |
+ |
+ // First level directory for isolated filesystem to lookup. |
+ std::string kFirstLevelDirectory("crxfs"); |
+ return fileapi::IsolatedContext::GetInstance()-> |
+ RegisterFileSystemForPath(fileapi::kFileSystemTypeNativeLocal, |
+ extension->path(), |
+ &kFirstLevelDirectory); |
+} |
+ |
+} // namespace |
+ |
+PepperExtCrxFileSystemBrowserHost::PepperExtCrxFileSystemBrowserHost( |
+ content::BrowserPpapiHost* host, |
+ PP_Instance instance, |
+ PP_Resource resource) |
+ : ppapi::host::ResourceHost(host->GetPpapiHost(), instance, resource), |
+ browser_ppapi_host_(host), |
+ weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) { |
+} |
+ |
+PepperExtCrxFileSystemBrowserHost::~PepperExtCrxFileSystemBrowserHost() { |
+} |
+ |
+int32_t PepperExtCrxFileSystemBrowserHost::OnResourceMessageReceived( |
+ const IPC::Message& msg, |
+ ppapi::host::HostMessageContext* context) { |
+ IPC_BEGIN_MESSAGE_MAP(PepperExtCrxFileSystemBrowserHost, msg) |
+ PPAPI_DISPATCH_HOST_RESOURCE_CALL_0( |
+ PpapiHostMsg_Ext_CrxFileSystem_BrowserOpen, OnOpenFileSystem); |
+ IPC_END_MESSAGE_MAP() |
+ return PP_ERROR_FAILED; |
+} |
+ |
+int32_t PepperExtCrxFileSystemBrowserHost::OnOpenFileSystem( |
+ ppapi::host::HostMessageContext* context) { |
+ // In order to reach ExtensionSystem, we need to get ProfileManager first. |
+ // ProfileManager lives in UI thread, so we need to PostTask and come back. |
+ BrowserThread::PostTaskAndReplyWithResult( |
+ BrowserThread::UI, FROM_HERE, |
+ base::Bind( |
+ &CreateIsolatedFileSystem, |
+ browser_ppapi_host_->GetProfileDataDirectory(), |
+ browser_ppapi_host_->GetDocumentURLForInstance(pp_instance())), |
+ base::Bind( |
+ &PepperExtCrxFileSystemBrowserHost::OnIsolatedFileSystemCreated, |
+ weak_ptr_factory_.GetWeakPtr(), |
+ context->MakeReplyMessageContext())); |
+ return PP_OK_COMPLETIONPENDING; |
+} |
+ |
+void PepperExtCrxFileSystemBrowserHost::OnIsolatedFileSystemCreated( |
+ ppapi::host::ReplyMessageContext reply_context, |
+ const std::string& fsid) { |
+ // Create an isolated file system for current extension. Since fsid is |
+ // forwarded by a plugin (which could be malicious), we run a sanity check |
+ // here before sending to fileapi. |
+ if (!LooksLikeAGuid(fsid)) { |
+ Reply(&reply_context, PP_ERROR_NOTSUPPORTED, std::string(), std::string()); |
+ return; |
+ } |
+ |
+ // Grant readonly access of isolated filesystem to renderer process. |
+ int render_process_id; |
+ int unused_render_view_id; |
+ browser_ppapi_host_->GetRenderViewIDsForInstance(pp_instance(), |
+ &render_process_id, |
+ &unused_render_view_id); |
+ content::ChildProcessSecurityPolicy* policy = |
+ content::ChildProcessSecurityPolicy::GetInstance(); |
+ policy->GrantReadFileSystem(render_process_id, fsid); |
+ |
+ const GURL& url = |
+ browser_ppapi_host_->GetDocumentURLForInstance(pp_instance()); |
+ Reply(&reply_context, PP_OK, url.host(), fsid); |
+} |
+ |
+void PepperExtCrxFileSystemBrowserHost::Reply( |
+ ppapi::host::ReplyMessageContext* reply_context, |
+ int32_t pp_error, |
+ const std::string& extension_id, |
+ const std::string& fsid) { |
+ reply_context->params.set_result(pp_error); |
+ browser_ppapi_host_->GetPpapiHost()->SendReply( |
+ *reply_context, |
+ PpapiPluginMsg_Ext_CrxFileSystem_BrowserOpenReply(extension_id, fsid)); |
+} |
+ |
+bool PepperExtCrxFileSystemBrowserHost::LooksLikeAGuid( |
+ const std::string& fsid) const { |
+ const int kExpectedFsIdSize = 32; |
+ if (fsid.size() != kExpectedFsIdSize) |
+ return false; |
+ for (std::string::const_iterator it = fsid.begin(); it != fsid.end(); ++it) { |
+ if (('A' <= *it && *it <= 'F') || |
+ ('0' <= *it && *it <= '9')) |
+ continue; |
+ return false; |
+ } |
+ return true; |
+} |
+ |
+} // namespace chrome |