| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "content/child/npapi/npobject_proxy.h" | |
| 6 | |
| 7 #include "content/child/npapi/np_channel_base.h" | |
| 8 #include "content/child/npapi/npobject_util.h" | |
| 9 #include "content/child/plugin_messages.h" | |
| 10 #include "third_party/WebKit/public/web/WebBindings.h" | |
| 11 | |
| 12 #if defined(ENABLE_PLUGINS) | |
| 13 #include "content/child/npapi/plugin_instance.h" | |
| 14 #endif | |
| 15 | |
| 16 using blink::WebBindings; | |
| 17 | |
| 18 namespace content { | |
| 19 | |
| 20 struct NPObjectWrapper { | |
| 21 NPObject object; | |
| 22 NPObjectProxy* proxy; | |
| 23 }; | |
| 24 | |
| 25 NPClass NPObjectProxy::npclass_proxy_ = { | |
| 26 NP_CLASS_STRUCT_VERSION, | |
| 27 NPObjectProxy::NPAllocate, | |
| 28 NPObjectProxy::NPDeallocate, | |
| 29 NPObjectProxy::NPPInvalidate, | |
| 30 NPObjectProxy::NPHasMethod, | |
| 31 NPObjectProxy::NPInvoke, | |
| 32 NPObjectProxy::NPInvokeDefault, | |
| 33 NPObjectProxy::NPHasProperty, | |
| 34 NPObjectProxy::NPGetProperty, | |
| 35 NPObjectProxy::NPSetProperty, | |
| 36 NPObjectProxy::NPRemoveProperty, | |
| 37 NPObjectProxy::NPNEnumerate, | |
| 38 NPObjectProxy::NPNConstruct | |
| 39 }; | |
| 40 | |
| 41 NPObjectProxy* NPObjectProxy::GetProxy(NPObject* object) { | |
| 42 NPObjectProxy* proxy = NULL; | |
| 43 | |
| 44 // Wrapper exists only for NPObjects that we had created. | |
| 45 if (&npclass_proxy_ == object->_class) { | |
| 46 NPObjectWrapper* wrapper = reinterpret_cast<NPObjectWrapper*>(object); | |
| 47 proxy = wrapper->proxy; | |
| 48 } | |
| 49 | |
| 50 return proxy; | |
| 51 } | |
| 52 | |
| 53 NPObject* NPObjectProxy::GetUnderlyingNPObject() { | |
| 54 return NULL; | |
| 55 } | |
| 56 | |
| 57 IPC::Listener* NPObjectProxy::GetChannelListener() { | |
| 58 return static_cast<IPC::Listener*>(this); | |
| 59 } | |
| 60 | |
| 61 NPObjectProxy::NPObjectProxy( | |
| 62 NPChannelBase* channel, | |
| 63 int route_id, | |
| 64 int render_view_id, | |
| 65 const GURL& page_url) | |
| 66 : channel_(channel), | |
| 67 route_id_(route_id), | |
| 68 render_view_id_(render_view_id), | |
| 69 page_url_(page_url) { | |
| 70 channel_->AddRoute(route_id, this, this); | |
| 71 } | |
| 72 | |
| 73 NPObjectProxy::~NPObjectProxy() { | |
| 74 if (channel_.get()) { | |
| 75 // This NPObjectProxy instance is now invalid and should not be reused for | |
| 76 // requests initiated by plugins. We may receive requests for the | |
| 77 // same NPObject in the context of the outgoing NPObjectMsg_Release call. | |
| 78 // We should be creating new NPObjectProxy instances to wrap these | |
| 79 // NPObjects. | |
| 80 channel_->RemoveMappingForNPObjectProxy(route_id_); | |
| 81 channel_->RemoveRoute(route_id_); | |
| 82 Send(new NPObjectMsg_Release(route_id_)); | |
| 83 } | |
| 84 } | |
| 85 | |
| 86 NPObject* NPObjectProxy::Create(NPChannelBase* channel, | |
| 87 int route_id, | |
| 88 int render_view_id, | |
| 89 const GURL& page_url, | |
| 90 NPP owner) { | |
| 91 NPObjectWrapper* obj = reinterpret_cast<NPObjectWrapper*>( | |
| 92 WebBindings::createObject(owner, &npclass_proxy_)); | |
| 93 obj->proxy = new NPObjectProxy(channel, route_id, render_view_id, page_url); | |
| 94 channel->AddMappingForNPObjectProxy(route_id, &obj->object); | |
| 95 return reinterpret_cast<NPObject*>(obj); | |
| 96 } | |
| 97 | |
| 98 bool NPObjectProxy::Send(IPC::Message* msg) { | |
| 99 if (channel_.get()) | |
| 100 return channel_->Send(msg); | |
| 101 | |
| 102 delete msg; | |
| 103 return false; | |
| 104 } | |
| 105 | |
| 106 NPObject* NPObjectProxy::NPAllocate(NPP, NPClass*) { | |
| 107 return reinterpret_cast<NPObject*>(new NPObjectWrapper); | |
| 108 } | |
| 109 | |
| 110 void NPObjectProxy::NPDeallocate(NPObject* npObj) { | |
| 111 NPObjectWrapper* obj = reinterpret_cast<NPObjectWrapper*>(npObj); | |
| 112 delete obj->proxy; | |
| 113 delete obj; | |
| 114 } | |
| 115 | |
| 116 bool NPObjectProxy::OnMessageReceived(const IPC::Message& msg) { | |
| 117 NOTREACHED(); | |
| 118 return false; | |
| 119 } | |
| 120 | |
| 121 void NPObjectProxy::OnChannelError() { | |
| 122 // Release our ref count of the plugin channel object, as it addrefs the | |
| 123 // process. | |
| 124 channel_ = NULL; | |
| 125 } | |
| 126 | |
| 127 bool NPObjectProxy::NPHasMethod(NPObject *obj, | |
| 128 NPIdentifier name) { | |
| 129 if (obj == NULL) | |
| 130 return false; | |
| 131 | |
| 132 bool result = false; | |
| 133 NPObjectProxy* proxy = GetProxy(obj); | |
| 134 | |
| 135 if (!proxy) { | |
| 136 return obj->_class->hasMethod(obj, name); | |
| 137 } | |
| 138 | |
| 139 NPIdentifier_Param name_param; | |
| 140 CreateNPIdentifierParam(name, &name_param); | |
| 141 | |
| 142 proxy->Send(new NPObjectMsg_HasMethod(proxy->route_id(), name_param, | |
| 143 &result)); | |
| 144 return result; | |
| 145 } | |
| 146 | |
| 147 bool NPObjectProxy::NPInvoke(NPObject *obj, | |
| 148 NPIdentifier name, | |
| 149 const NPVariant *args, | |
| 150 uint32_t arg_count, | |
| 151 NPVariant *result) { | |
| 152 return NPInvokePrivate(0, obj, false, name, args, arg_count, result); | |
| 153 } | |
| 154 | |
| 155 bool NPObjectProxy::NPInvokeDefault(NPObject *npobj, | |
| 156 const NPVariant *args, | |
| 157 uint32_t arg_count, | |
| 158 NPVariant *result) { | |
| 159 return NPInvokePrivate(0, npobj, true, 0, args, arg_count, result); | |
| 160 } | |
| 161 | |
| 162 bool NPObjectProxy::NPInvokePrivate(NPP npp, | |
| 163 NPObject *obj, | |
| 164 bool is_default, | |
| 165 NPIdentifier name, | |
| 166 const NPVariant *args, | |
| 167 uint32_t arg_count, | |
| 168 NPVariant *np_result) { | |
| 169 if (obj == NULL) | |
| 170 return false; | |
| 171 | |
| 172 NPObjectProxy* proxy = GetProxy(obj); | |
| 173 if (!proxy) { | |
| 174 if (is_default) { | |
| 175 return obj->_class->invokeDefault(obj, args, arg_count, np_result); | |
| 176 } else { | |
| 177 return obj->_class->invoke(obj, name, args, arg_count, np_result); | |
| 178 } | |
| 179 } | |
| 180 | |
| 181 bool result = false; | |
| 182 int render_view_id = proxy->render_view_id_; | |
| 183 NPIdentifier_Param name_param; | |
| 184 if (is_default) { | |
| 185 // The data won't actually get used, but set it so we don't send random | |
| 186 // data. | |
| 187 name_param.identifier = NULL; | |
| 188 } else { | |
| 189 CreateNPIdentifierParam(name, &name_param); | |
| 190 } | |
| 191 | |
| 192 // Note: This instance can get destroyed in the context of | |
| 193 // Send so addref the channel in this scope. | |
| 194 scoped_refptr<NPChannelBase> channel_copy = proxy->channel_; | |
| 195 std::vector<NPVariant_Param> args_param; | |
| 196 for (unsigned int i = 0; i < arg_count; ++i) { | |
| 197 NPVariant_Param param; | |
| 198 CreateNPVariantParam(args[i], | |
| 199 channel_copy.get(), | |
| 200 ¶m, | |
| 201 false, | |
| 202 render_view_id, | |
| 203 proxy->page_url_); | |
| 204 args_param.push_back(param); | |
| 205 } | |
| 206 | |
| 207 NPVariant_Param param_result; | |
| 208 NPObjectMsg_Invoke* msg = new NPObjectMsg_Invoke( | |
| 209 proxy->route_id_, is_default, name_param, args_param, ¶m_result, | |
| 210 &result); | |
| 211 | |
| 212 // If we're in the plugin process and this invoke leads to a dialog box, the | |
| 213 // plugin will hang the window hierarchy unless we pump the window message | |
| 214 // queue while waiting for a reply. We need to do this to simulate what | |
| 215 // happens when everything runs in-process (while calling MessageBox window | |
| 216 // messages are pumped). | |
| 217 if (IsPluginProcess() && proxy->channel()) { | |
| 218 msg->set_pump_messages_event( | |
| 219 proxy->channel()->GetModalDialogEvent(render_view_id)); | |
| 220 } | |
| 221 | |
| 222 GURL page_url = proxy->page_url_; | |
| 223 proxy->Send(msg); | |
| 224 | |
| 225 // Send may delete proxy. | |
| 226 proxy = NULL; | |
| 227 | |
| 228 if (!result) | |
| 229 return false; | |
| 230 | |
| 231 CreateNPVariant( | |
| 232 param_result, channel_copy.get(), np_result, render_view_id, page_url); | |
| 233 return true; | |
| 234 } | |
| 235 | |
| 236 bool NPObjectProxy::NPHasProperty(NPObject *obj, | |
| 237 NPIdentifier name) { | |
| 238 if (obj == NULL) | |
| 239 return false; | |
| 240 | |
| 241 bool result = false; | |
| 242 NPObjectProxy* proxy = GetProxy(obj); | |
| 243 if (!proxy) { | |
| 244 return obj->_class->hasProperty(obj, name); | |
| 245 } | |
| 246 | |
| 247 NPIdentifier_Param name_param; | |
| 248 CreateNPIdentifierParam(name, &name_param); | |
| 249 | |
| 250 NPVariant_Param param; | |
| 251 proxy->Send(new NPObjectMsg_HasProperty( | |
| 252 proxy->route_id(), name_param, &result)); | |
| 253 | |
| 254 // Send may delete proxy. | |
| 255 proxy = NULL; | |
| 256 | |
| 257 return result; | |
| 258 } | |
| 259 | |
| 260 bool NPObjectProxy::NPGetProperty(NPObject *obj, | |
| 261 NPIdentifier name, | |
| 262 NPVariant *np_result) { | |
| 263 // Please refer to http://code.google.com/p/chromium/issues/detail?id=2556, | |
| 264 // which was a crash in the XStandard plugin during plugin shutdown. The | |
| 265 // crash occured because the plugin requests the plugin script object, | |
| 266 // which fails. The plugin does not check the result of the operation and | |
| 267 // invokes NPN_GetProperty on a NULL object which lead to the crash. If | |
| 268 // we observe similar crashes in other methods in the future, these null | |
| 269 // checks may have to be replicated in the other methods in this class. | |
| 270 if (obj == NULL) | |
| 271 return false; | |
| 272 | |
| 273 NPObjectProxy* proxy = GetProxy(obj); | |
| 274 if (!proxy) { | |
| 275 return obj->_class->getProperty(obj, name, np_result); | |
| 276 } | |
| 277 | |
| 278 bool result = false; | |
| 279 int render_view_id = proxy->render_view_id_; | |
| 280 NPIdentifier_Param name_param; | |
| 281 CreateNPIdentifierParam(name, &name_param); | |
| 282 | |
| 283 NPVariant_Param param; | |
| 284 scoped_refptr<NPChannelBase> channel(proxy->channel_); | |
| 285 | |
| 286 GURL page_url = proxy->page_url_; | |
| 287 proxy->Send(new NPObjectMsg_GetProperty( | |
| 288 proxy->route_id(), name_param, ¶m, &result)); | |
| 289 // Send may delete proxy. | |
| 290 proxy = NULL; | |
| 291 if (!result) | |
| 292 return false; | |
| 293 | |
| 294 CreateNPVariant( | |
| 295 param, channel.get(), np_result, render_view_id, page_url); | |
| 296 | |
| 297 return true; | |
| 298 } | |
| 299 | |
| 300 bool NPObjectProxy::NPSetProperty(NPObject *obj, | |
| 301 NPIdentifier name, | |
| 302 const NPVariant *value) { | |
| 303 if (obj == NULL) | |
| 304 return false; | |
| 305 | |
| 306 NPObjectProxy* proxy = GetProxy(obj); | |
| 307 if (!proxy) { | |
| 308 return obj->_class->setProperty(obj, name, value); | |
| 309 } | |
| 310 | |
| 311 bool result = false; | |
| 312 int render_view_id = proxy->render_view_id_; | |
| 313 NPIdentifier_Param name_param; | |
| 314 CreateNPIdentifierParam(name, &name_param); | |
| 315 | |
| 316 NPVariant_Param value_param; | |
| 317 CreateNPVariantParam( | |
| 318 *value, proxy->channel(), &value_param, false, render_view_id, | |
| 319 proxy->page_url_); | |
| 320 | |
| 321 proxy->Send(new NPObjectMsg_SetProperty( | |
| 322 proxy->route_id(), name_param, value_param, &result)); | |
| 323 // Send may delete proxy. | |
| 324 proxy = NULL; | |
| 325 | |
| 326 return result; | |
| 327 } | |
| 328 | |
| 329 bool NPObjectProxy::NPRemoveProperty(NPObject *obj, | |
| 330 NPIdentifier name) { | |
| 331 if (obj == NULL) | |
| 332 return false; | |
| 333 | |
| 334 bool result = false; | |
| 335 NPObjectProxy* proxy = GetProxy(obj); | |
| 336 if (!proxy) { | |
| 337 return obj->_class->removeProperty(obj, name); | |
| 338 } | |
| 339 | |
| 340 NPIdentifier_Param name_param; | |
| 341 CreateNPIdentifierParam(name, &name_param); | |
| 342 | |
| 343 NPVariant_Param param; | |
| 344 proxy->Send(new NPObjectMsg_RemoveProperty( | |
| 345 proxy->route_id(), name_param, &result)); | |
| 346 // Send may delete proxy. | |
| 347 proxy = NULL; | |
| 348 | |
| 349 return result; | |
| 350 } | |
| 351 | |
| 352 void NPObjectProxy::NPPInvalidate(NPObject *obj) { | |
| 353 if (obj == NULL) | |
| 354 return; | |
| 355 | |
| 356 NPObjectProxy* proxy = GetProxy(obj); | |
| 357 if (!proxy) { | |
| 358 obj->_class->invalidate(obj); | |
| 359 return; | |
| 360 } | |
| 361 | |
| 362 proxy->Send(new NPObjectMsg_Invalidate(proxy->route_id())); | |
| 363 // Send may delete proxy. | |
| 364 proxy = NULL; | |
| 365 } | |
| 366 | |
| 367 bool NPObjectProxy::NPNEnumerate(NPObject *obj, | |
| 368 NPIdentifier **value, | |
| 369 uint32_t *count) { | |
| 370 if (obj == NULL) | |
| 371 return false; | |
| 372 | |
| 373 bool result = false; | |
| 374 NPObjectProxy* proxy = GetProxy(obj); | |
| 375 if (!proxy) { | |
| 376 if (obj->_class->structVersion >= NP_CLASS_STRUCT_VERSION_ENUM) { | |
| 377 return obj->_class->enumerate(obj, value, count); | |
| 378 } else { | |
| 379 return false; | |
| 380 } | |
| 381 } | |
| 382 | |
| 383 std::vector<NPIdentifier_Param> value_param; | |
| 384 proxy->Send(new NPObjectMsg_Enumeration( | |
| 385 proxy->route_id(), &value_param, &result)); | |
| 386 // Send may delete proxy. | |
| 387 proxy = NULL; | |
| 388 | |
| 389 if (!result) | |
| 390 return false; | |
| 391 | |
| 392 *count = static_cast<unsigned int>(value_param.size()); | |
| 393 *value = static_cast<NPIdentifier *>(malloc(sizeof(NPIdentifier) * *count)); | |
| 394 for (unsigned int i = 0; i < *count; ++i) | |
| 395 (*value)[i] = CreateNPIdentifier(value_param[i]); | |
| 396 | |
| 397 return true; | |
| 398 } | |
| 399 | |
| 400 bool NPObjectProxy::NPNConstruct(NPObject *obj, | |
| 401 const NPVariant *args, | |
| 402 uint32_t arg_count, | |
| 403 NPVariant *np_result) { | |
| 404 if (obj == NULL) | |
| 405 return false; | |
| 406 | |
| 407 NPObjectProxy* proxy = GetProxy(obj); | |
| 408 if (!proxy) { | |
| 409 if (obj->_class->structVersion >= NP_CLASS_STRUCT_VERSION_CTOR) { | |
| 410 return obj->_class->construct(obj, args, arg_count, np_result); | |
| 411 } else { | |
| 412 return false; | |
| 413 } | |
| 414 } | |
| 415 | |
| 416 bool result = false; | |
| 417 int render_view_id = proxy->render_view_id_; | |
| 418 | |
| 419 // Note: This instance can get destroyed in the context of | |
| 420 // Send so addref the channel in this scope. | |
| 421 scoped_refptr<NPChannelBase> channel_copy = proxy->channel_; | |
| 422 std::vector<NPVariant_Param> args_param; | |
| 423 for (unsigned int i = 0; i < arg_count; ++i) { | |
| 424 NPVariant_Param param; | |
| 425 CreateNPVariantParam(args[i], | |
| 426 channel_copy.get(), | |
| 427 ¶m, | |
| 428 false, | |
| 429 render_view_id, | |
| 430 proxy->page_url_); | |
| 431 args_param.push_back(param); | |
| 432 } | |
| 433 | |
| 434 NPVariant_Param param_result; | |
| 435 NPObjectMsg_Construct* msg = new NPObjectMsg_Construct( | |
| 436 proxy->route_id_, args_param, ¶m_result, &result); | |
| 437 | |
| 438 // See comment in NPObjectProxy::NPInvokePrivate. | |
| 439 if (IsPluginProcess() && proxy->channel()) { | |
| 440 msg->set_pump_messages_event( | |
| 441 proxy->channel()->GetModalDialogEvent(proxy->render_view_id_)); | |
| 442 } | |
| 443 | |
| 444 GURL page_url = proxy->page_url_; | |
| 445 proxy->Send(msg); | |
| 446 | |
| 447 // Send may delete proxy. | |
| 448 proxy = NULL; | |
| 449 | |
| 450 if (!result) | |
| 451 return false; | |
| 452 | |
| 453 CreateNPVariant( | |
| 454 param_result, channel_copy.get(), np_result, render_view_id, page_url); | |
| 455 return true; | |
| 456 } | |
| 457 | |
| 458 bool NPObjectProxy::NPNEvaluate(NPP npp, | |
| 459 NPObject *obj, | |
| 460 NPString *script, | |
| 461 NPVariant *result_var) { | |
| 462 NPObjectProxy* proxy = GetProxy(obj); | |
| 463 if (!proxy) { | |
| 464 return false; | |
| 465 } | |
| 466 | |
| 467 bool result = false; | |
| 468 int render_view_id = proxy->render_view_id_; | |
| 469 bool popups_allowed = false; | |
| 470 | |
| 471 #if defined(ENABLE_PLUGINS) | |
| 472 if (npp) { | |
| 473 PluginInstance* plugin_instance = | |
| 474 reinterpret_cast<PluginInstance*>(npp->ndata); | |
| 475 if (plugin_instance) | |
| 476 popups_allowed = plugin_instance->popups_allowed(); | |
| 477 } | |
| 478 #endif | |
| 479 | |
| 480 NPVariant_Param result_param; | |
| 481 std::string script_str = std::string( | |
| 482 script->UTF8Characters, script->UTF8Length); | |
| 483 | |
| 484 NPObjectMsg_Evaluate* msg = new NPObjectMsg_Evaluate(proxy->route_id(), | |
| 485 script_str, | |
| 486 popups_allowed, | |
| 487 &result_param, | |
| 488 &result); | |
| 489 | |
| 490 // See comment in NPObjectProxy::NPInvokePrivate. | |
| 491 if (IsPluginProcess() && proxy->channel()) { | |
| 492 msg->set_pump_messages_event( | |
| 493 proxy->channel()->GetModalDialogEvent(render_view_id)); | |
| 494 } | |
| 495 scoped_refptr<NPChannelBase> channel(proxy->channel_); | |
| 496 | |
| 497 GURL page_url = proxy->page_url_; | |
| 498 proxy->Send(msg); | |
| 499 // Send may delete proxy. | |
| 500 proxy = NULL; | |
| 501 if (!result) | |
| 502 return false; | |
| 503 | |
| 504 CreateNPVariant( | |
| 505 result_param, channel.get(), result_var, render_view_id, page_url); | |
| 506 return true; | |
| 507 } | |
| 508 | |
| 509 } // namespace content | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1483733002:
Remove support for NPObjects. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master