Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(153)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc

Issue 14188019: CRX FileSystem Pepper private API (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.h ('k') | chrome/chrome_browser.gypi » ('j') | chrome/renderer/pepper/chrome_renderer_pepper_host_factory.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc
diff --git a/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc b/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc
new file mode 100644
index 0000000000000000000000000000000000000000..93b1c41e57792298d609e6177d6748ce9243ae36
--- /dev/null
+++ b/chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.cc
@@ -0,0 +1,156 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.h"
+
+#include "base/files/file_path.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/extensions/extension_service.h"
+#include "chrome/browser/extensions/extension_system.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/profiles/profile_manager.h"
+#include "chrome/common/extensions/extension.h"
+#include "content/public/browser/browser_ppapi_host.h"
+#include "content/public/browser/child_process_security_policy.h"
+#include "extensions/common/constants.h"
+#include "googleurl/src/gurl.h"
+#include "ppapi/c/pp_errors.h"
+#include "ppapi/host/dispatch_host_message.h"
+#include "ppapi/host/host_message_context.h"
+#include "ppapi/host/ppapi_host.h"
+#include "ppapi/proxy/ppapi_messages.h"
+#include "webkit/fileapi/isolated_context.h"
+
+namespace chrome {
+
+namespace {
+
+// Returns filesystem id of isolated filesystem if valid, or empty string
+// otherwise. This is expected to run in UI thread as ProfileManager only
+// allows UI thread access.
+std::string CreateIsolatedFileSystem(
+ const base::FilePath& profile_directory,
+ const GURL& url) {
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+ if (!url.SchemeIs(extensions::kExtensionScheme))
+ return std::string();
+
+ ProfileManager* profile_manager = g_browser_process->profile_manager();
+ Profile* profile = profile_manager->GetProfile(profile_directory);
+ extensions::ExtensionSystem* extension_system =
+ extensions::ExtensionSystem::Get(profile);
+ if (!extension_system)
+ return std::string();
+
+ const ExtensionService* extension_service =
+ extension_system->extension_service();
+ if (!extension_service)
+ return std::string();
+
+ const extensions::Extension* extension =
+ extension_service->GetExtensionById(url.host(), false);
+ if (!extension)
+ return std::string();
+
+ // First level directory for isolated filesystem to lookup.
+ std::string kFirstLevelDirectory("crxfs");
+ return fileapi::IsolatedContext::GetInstance()->
+ RegisterFileSystemForPath(fileapi::kFileSystemTypeNativeLocal,
+ extension->path(),
+ &kFirstLevelDirectory);
+}
+
+} // namespace
+
+PepperExtCrxFileSystemBrowserHost::PepperExtCrxFileSystemBrowserHost(
+ content::BrowserPpapiHost* host,
+ PP_Instance instance,
+ PP_Resource resource)
+ : ppapi::host::ResourceHost(host->GetPpapiHost(), instance, resource),
+ browser_ppapi_host_(host),
+ weak_ptr_factory_(ALLOW_THIS_IN_INITIALIZER_LIST(this)) {
+}
+
+PepperExtCrxFileSystemBrowserHost::~PepperExtCrxFileSystemBrowserHost() {
+}
+
+int32_t PepperExtCrxFileSystemBrowserHost::OnResourceMessageReceived(
+ const IPC::Message& msg,
+ ppapi::host::HostMessageContext* context) {
+ IPC_BEGIN_MESSAGE_MAP(PepperExtCrxFileSystemBrowserHost, msg)
+ PPAPI_DISPATCH_HOST_RESOURCE_CALL_0(
+ PpapiHostMsg_Ext_CrxFileSystem_BrowserOpen, OnOpenFileSystem);
+ IPC_END_MESSAGE_MAP()
+ return PP_ERROR_FAILED;
+}
+
+int32_t PepperExtCrxFileSystemBrowserHost::OnOpenFileSystem(
+ ppapi::host::HostMessageContext* context) {
+ // In order to reach ExtensionSystem, we need to get ProfileManager first.
+ // ProfileManager lives in UI thread, so we need to PostTask and come back.
+ BrowserThread::PostTaskAndReplyWithResult(
+ BrowserThread::UI, FROM_HERE,
+ base::Bind(
+ &CreateIsolatedFileSystem,
+ browser_ppapi_host_->GetProfileDataDirectory(),
+ browser_ppapi_host_->GetDocumentURLForInstance(pp_instance())),
+ base::Bind(
+ &PepperExtCrxFileSystemBrowserHost::OnIsolatedFileSystemCreated,
+ weak_ptr_factory_.GetWeakPtr(),
+ context->MakeReplyMessageContext()));
+ return PP_OK_COMPLETIONPENDING;
+}
+
+void PepperExtCrxFileSystemBrowserHost::OnIsolatedFileSystemCreated(
+ ppapi::host::ReplyMessageContext reply_context,
+ const std::string& fsid) {
+ // Create an isolated file system for current extension. Since fsid is
+ // forwarded by a plugin (which could be malicious), we run a sanity check
+ // here before sending to fileapi.
+ if (!LooksLikeAGuid(fsid)) {
+ Reply(&reply_context, PP_ERROR_NOTSUPPORTED, std::string(), std::string());
+ return;
+ }
+
+ // Grant readonly access of isolated filesystem to renderer process.
+ int render_process_id;
+ int unused_render_view_id;
+ browser_ppapi_host_->GetRenderViewIDsForInstance(pp_instance(),
+ &render_process_id,
+ &unused_render_view_id);
+ content::ChildProcessSecurityPolicy* policy =
+ content::ChildProcessSecurityPolicy::GetInstance();
+ policy->GrantReadFileSystem(render_process_id, fsid);
+
+ const GURL& url =
+ browser_ppapi_host_->GetDocumentURLForInstance(pp_instance());
+ Reply(&reply_context, PP_OK, url.host(), fsid);
+}
+
+void PepperExtCrxFileSystemBrowserHost::Reply(
+ ppapi::host::ReplyMessageContext* reply_context,
+ int32_t pp_error,
+ const std::string& extension_id,
+ const std::string& fsid) {
+ reply_context->params.set_result(pp_error);
+ browser_ppapi_host_->GetPpapiHost()->SendReply(
+ *reply_context,
+ PpapiPluginMsg_Ext_CrxFileSystem_BrowserOpenReply(extension_id, fsid));
+}
+
+bool PepperExtCrxFileSystemBrowserHost::LooksLikeAGuid(
+ const std::string& fsid) const {
+ const int kExpectedFsIdSize = 32;
+ if (fsid.size() != kExpectedFsIdSize)
+ return false;
+ for (std::string::const_iterator it = fsid.begin(); it != fsid.end(); ++it) {
+ if (('A' <= *it && *it <= 'F') ||
+ ('0' <= *it && *it <= '9'))
+ continue;
+ return false;
+ }
+ return true;
+}
+
+} // namespace chrome
« no previous file with comments | « chrome/browser/renderer_host/pepper/pepper_ext_crx_file_system_browser_host.h ('k') | chrome/chrome_browser.gypi » ('j') | chrome/renderer/pepper/chrome_renderer_pepper_host_factory.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698