| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/command_line.h" | 12 #include "base/command_line.h" |
| 13 #include "base/lazy_instance.h" | 13 #include "base/lazy_instance.h" |
| 14 #include "base/path_service.h" | 14 #include "base/path_service.h" |
| 15 #include "base/prefs/pref_service.h" | 15 #include "base/prefs/pref_service.h" |
| 16 #include "base/sha1.h" | |
| 17 #include "base/string_number_conversions.h" | 16 #include "base/string_number_conversions.h" |
| 18 #include "base/strings/string_tokenizer.h" | |
| 19 #include "base/utf_string_conversions.h" | 17 #include "base/utf_string_conversions.h" |
| 20 #include "chrome/app/breakpad_mac.h" | 18 #include "chrome/app/breakpad_mac.h" |
| 21 #include "chrome/browser/app_mode/app_mode_utils.h" | 19 #include "chrome/browser/app_mode/app_mode_utils.h" |
| 22 #include "chrome/browser/browser_about_handler.h" | 20 #include "chrome/browser/browser_about_handler.h" |
| 23 #include "chrome/browser/browser_process.h" | 21 #include "chrome/browser/browser_process.h" |
| 24 #include "chrome/browser/browsing_data/browsing_data_helper.h" | 22 #include "chrome/browser/browsing_data/browsing_data_helper.h" |
| 25 #include "chrome/browser/browsing_data/browsing_data_remover.h" | 23 #include "chrome/browser/browsing_data/browsing_data_remover.h" |
| 26 #include "chrome/browser/character_encoding.h" | 24 #include "chrome/browser/character_encoding.h" |
| 27 #include "chrome/browser/chrome_net_benchmarking_message_filter.h" | 25 #include "chrome/browser/chrome_net_benchmarking_message_filter.h" |
| 28 #include "chrome/browser/chrome_quota_permission_context.h" | 26 #include "chrome/browser/chrome_quota_permission_context.h" |
| (...skipping 15 matching lines...) Expand all Loading... |
| 44 #include "chrome/browser/extensions/extension_webkit_preferences.h" | 42 #include "chrome/browser/extensions/extension_webkit_preferences.h" |
| 45 #include "chrome/browser/extensions/suggest_permission_util.h" | 43 #include "chrome/browser/extensions/suggest_permission_util.h" |
| 46 #include "chrome/browser/geolocation/chrome_access_token_store.h" | 44 #include "chrome/browser/geolocation/chrome_access_token_store.h" |
| 47 #include "chrome/browser/google/google_util.h" | 45 #include "chrome/browser/google/google_util.h" |
| 48 #include "chrome/browser/media/media_capture_devices_dispatcher.h" | 46 #include "chrome/browser/media/media_capture_devices_dispatcher.h" |
| 49 #include "chrome/browser/metrics/chrome_browser_main_extra_parts_metrics.h" | 47 #include "chrome/browser/metrics/chrome_browser_main_extra_parts_metrics.h" |
| 50 #include "chrome/browser/nacl_host/nacl_process_host.h" | 48 #include "chrome/browser/nacl_host/nacl_process_host.h" |
| 51 #include "chrome/browser/net/chrome_net_log.h" | 49 #include "chrome/browser/net/chrome_net_log.h" |
| 52 #include "chrome/browser/notifications/desktop_notification_service.h" | 50 #include "chrome/browser/notifications/desktop_notification_service.h" |
| 53 #include "chrome/browser/notifications/desktop_notification_service_factory.h" | 51 #include "chrome/browser/notifications/desktop_notification_service_factory.h" |
| 52 #include "chrome/browser/pepper_permission_util.h" |
| 54 #include "chrome/browser/platform_util.h" | 53 #include "chrome/browser/platform_util.h" |
| 55 #include "chrome/browser/plugins/plugin_info_message_filter.h" | 54 #include "chrome/browser/plugins/plugin_info_message_filter.h" |
| 56 #include "chrome/browser/prefs/scoped_user_pref_update.h" | 55 #include "chrome/browser/prefs/scoped_user_pref_update.h" |
| 57 #include "chrome/browser/prerender/prerender_manager.h" | 56 #include "chrome/browser/prerender/prerender_manager.h" |
| 58 #include "chrome/browser/prerender/prerender_manager_factory.h" | 57 #include "chrome/browser/prerender/prerender_manager_factory.h" |
| 59 #include "chrome/browser/prerender/prerender_message_filter.h" | 58 #include "chrome/browser/prerender/prerender_message_filter.h" |
| 60 #include "chrome/browser/prerender/prerender_tracker.h" | 59 #include "chrome/browser/prerender/prerender_tracker.h" |
| 61 #include "chrome/browser/printing/printing_message_filter.h" | 60 #include "chrome/browser/printing/printing_message_filter.h" |
| 62 #include "chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.h" | 61 #include "chrome/browser/profiles/chrome_browser_main_extra_parts_profiles.h" |
| 63 #include "chrome/browser/profiles/profile.h" | 62 #include "chrome/browser/profiles/profile.h" |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 195 using extensions::APIPermission; | 194 using extensions::APIPermission; |
| 196 using extensions::Extension; | 195 using extensions::Extension; |
| 197 using extensions::Manifest; | 196 using extensions::Manifest; |
| 198 | 197 |
| 199 namespace { | 198 namespace { |
| 200 | 199 |
| 201 // Cached version of the locale so we can return the locale on the I/O | 200 // Cached version of the locale so we can return the locale on the I/O |
| 202 // thread. | 201 // thread. |
| 203 base::LazyInstance<std::string> g_io_thread_application_locale; | 202 base::LazyInstance<std::string> g_io_thread_application_locale; |
| 204 | 203 |
| 204 #if defined(ENABLE_PLUGINS) |
| 205 const char* kPredefinedAllowedSocketOrigins[] = { | 205 const char* kPredefinedAllowedSocketOrigins[] = { |
| 206 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client | 206 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client |
| 207 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client) | 207 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client) |
| 208 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126 | 208 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126 |
| 209 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop | 209 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop |
| 210 "kgngmbheleoaphbjbaiobfdepmghbfah", // Pre-release Chrome Remote Desktop | 210 "kgngmbheleoaphbjbaiobfdepmghbfah", // Pre-release Chrome Remote Desktop |
| 211 "odkaodonbgfohohmklejpjiejmcipmib", // Dogfood Chrome Remote Desktop | 211 "odkaodonbgfohohmklejpjiejmcipmib", // Dogfood Chrome Remote Desktop |
| 212 "ojoimpklfciegopdfgeenehpalipignm", // Chromoting canary | 212 "ojoimpklfciegopdfgeenehpalipignm", // Chromoting canary |
| 213 "cbkkbcmdlboombapidmoeolnmdacpkch", // see crbug.com/129089 | 213 "cbkkbcmdlboombapidmoeolnmdacpkch", // see crbug.com/129089 |
| 214 "hhnbmknkdabfoieppbbljkhkfjcmcbjh", // see crbug.com/134099 | 214 "hhnbmknkdabfoieppbbljkhkfjcmcbjh", // see crbug.com/134099 |
| 215 "mablfbjkhmhkmefkjjacnbaikjkipphg", // see crbug.com/134099 | 215 "mablfbjkhmhkmefkjjacnbaikjkipphg", // see crbug.com/134099 |
| 216 "pdeelgamlgannhelgoegilelnnojegoh", // see crbug.com/134099 | 216 "pdeelgamlgannhelgoegilelnnojegoh", // see crbug.com/134099 |
| 217 "cabapfdbkniadpollkckdnedaanlciaj", // see crbug.com/134099 | 217 "cabapfdbkniadpollkckdnedaanlciaj", // see crbug.com/134099 |
| 218 "mapljbgnjledlpdmlchihnmeclmefbba", // see crbug.com/134099 | 218 "mapljbgnjledlpdmlchihnmeclmefbba", // see crbug.com/134099 |
| 219 "ghbfeebgmiidnnmeobbbaiamklmpbpii", // see crbug.com/134099 | 219 "ghbfeebgmiidnnmeobbbaiamklmpbpii", // see crbug.com/134099 |
| 220 "jdfhpkjeckflbbleddjlpimecpbjdeep", // see crbug.com/142514 | 220 "jdfhpkjeckflbbleddjlpimecpbjdeep", // see crbug.com/142514 |
| 221 "iabmpiboiopbgfabjmgeedhcmjenhbla", // see crbug.com/165080 | 221 "iabmpiboiopbgfabjmgeedhcmjenhbla", // see crbug.com/165080 |
| 222 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789 | 222 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789 |
| 223 "7525AF4F66763A70A883C4700529F647B470E4D2", // see crbug.com/238084 | 223 "7525AF4F66763A70A883C4700529F647B470E4D2", // see crbug.com/238084 |
| 224 "0B549507088E1564D672F7942EB87CA4DAD73972", // see crbug.com/238084 | 224 "0B549507088E1564D672F7942EB87CA4DAD73972", // see crbug.com/238084 |
| 225 "864288364E239573E777D3E0E36864E590E95C74" // see crbug.com/238084 | 225 "864288364E239573E777D3E0E36864E590E95C74" // see crbug.com/238084 |
| 226 }; | 226 }; |
| 227 #endif |
| 227 | 228 |
| 228 // Returns a copy of the given url with its host set to given host and path set | 229 // Returns a copy of the given url with its host set to given host and path set |
| 229 // to given path. Other parts of the url will be the same. | 230 // to given path. Other parts of the url will be the same. |
| 230 GURL ReplaceURLHostAndPath(const GURL& url, | 231 GURL ReplaceURLHostAndPath(const GURL& url, |
| 231 const std::string& host, | 232 const std::string& host, |
| 232 const std::string& path) { | 233 const std::string& path) { |
| 233 url_canon::Replacements<char> replacements; | 234 url_canon::Replacements<char> replacements; |
| 234 replacements.SetHost(host.c_str(), | 235 replacements.SetHost(host.c_str(), |
| 235 url_parse::Component(0, host.length())); | 236 url_parse::Component(0, host.length())); |
| 236 replacements.SetPath(path.c_str(), | 237 replacements.SetPath(path.c_str(), |
| (...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 456 effective_url = effective_url.ReplaceComponents(replacements); | 457 effective_url = effective_url.ReplaceComponents(replacements); |
| 457 return effective_url; | 458 return effective_url; |
| 458 } | 459 } |
| 459 #endif | 460 #endif |
| 460 | 461 |
| 461 void SetApplicationLocaleOnIOThread(const std::string& locale) { | 462 void SetApplicationLocaleOnIOThread(const std::string& locale) { |
| 462 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 463 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 463 g_io_thread_application_locale.Get() = locale; | 464 g_io_thread_application_locale.Get() = locale; |
| 464 } | 465 } |
| 465 | 466 |
| 466 std::string HashHost(const std::string& host) { | |
| 467 const std::string id_hash = base::SHA1HashString(host); | |
| 468 DCHECK(id_hash.length() == base::kSHA1Length); | |
| 469 return base::HexEncode(id_hash.c_str(), id_hash.length()); | |
| 470 } | |
| 471 | |
| 472 bool HostIsInSet(const std::string& host, const std::set<std::string>& set) { | |
| 473 return set.count(host) > 0 || set.count(HashHost(host)) > 0; | |
| 474 } | |
| 475 | |
| 476 } // namespace | 467 } // namespace |
| 477 | 468 |
| 478 namespace chrome { | 469 namespace chrome { |
| 479 | 470 |
| 480 ChromeContentBrowserClient::ChromeContentBrowserClient() { | 471 ChromeContentBrowserClient::ChromeContentBrowserClient() { |
| 472 #if defined(ENABLE_PLUGINS) |
| 481 for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i) | 473 for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i) |
| 482 allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]); | 474 allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]); |
| 475 #endif |
| 483 | 476 |
| 484 permissions_policy_delegate_.reset( | 477 permissions_policy_delegate_.reset( |
| 485 new extensions::BrowserPermissionsPolicyDelegate()); | 478 new extensions::BrowserPermissionsPolicyDelegate()); |
| 486 } | 479 } |
| 487 | 480 |
| 488 ChromeContentBrowserClient::~ChromeContentBrowserClient() { | 481 ChromeContentBrowserClient::~ChromeContentBrowserClient() { |
| 489 } | 482 } |
| 490 | 483 |
| 491 // static | 484 // static |
| 492 void ChromeContentBrowserClient::RegisterUserPrefs( | 485 void ChromeContentBrowserClient::RegisterUserPrefs( |
| (...skipping 1641 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2134 return false; | 2127 return false; |
| 2135 | 2128 |
| 2136 return extension->HasAPIPermission(APIPermission::kWebView) || | 2129 return extension->HasAPIPermission(APIPermission::kWebView) || |
| 2137 extension->HasAPIPermission(APIPermission::kAdView); | 2130 extension->HasAPIPermission(APIPermission::kAdView); |
| 2138 } | 2131 } |
| 2139 | 2132 |
| 2140 bool ChromeContentBrowserClient::AllowPepperSocketAPI( | 2133 bool ChromeContentBrowserClient::AllowPepperSocketAPI( |
| 2141 content::BrowserContext* browser_context, | 2134 content::BrowserContext* browser_context, |
| 2142 const GURL& url, | 2135 const GURL& url, |
| 2143 const content::SocketPermissionRequest& params) { | 2136 const content::SocketPermissionRequest& params) { |
| 2144 if (!url.is_valid()) | 2137 #if defined(ENABLE_PLUGINS) |
| 2145 return false; | 2138 return IsExtensionOrSharedModuleWhitelisted( |
| 2146 | 2139 Profile::FromBrowserContext(browser_context), |
| 2147 std::string host = url.host(); | 2140 url, |
| 2148 if (url.SchemeIs(extensions::kExtensionScheme) && | 2141 allowed_socket_origins_, |
| 2149 HostIsInSet(host, allowed_socket_origins_)) { | 2142 switches::kAllowNaClSocketAPI); |
| 2150 return true; | 2143 #else |
| 2151 } | |
| 2152 | |
| 2153 Profile* profile = Profile::FromBrowserContext(browser_context); | |
| 2154 const Extension* extension = NULL; | |
| 2155 ExtensionService* extension_service = !profile ? NULL : | |
| 2156 extensions::ExtensionSystem::Get(profile)->extension_service(); | |
| 2157 if (extension_service) { | |
| 2158 extension = extension_service->extensions()-> | |
| 2159 GetExtensionOrAppByURL(ExtensionURLInfo(url)); | |
| 2160 } | |
| 2161 | |
| 2162 // Check the modules that are imported by this extension to see if any of them | |
| 2163 // is whitelisted. | |
| 2164 if (extension) { | |
| 2165 const std::vector<extensions::SharedModuleInfo::ImportInfo>& imports = | |
| 2166 extensions::SharedModuleInfo::GetImports(extension); | |
| 2167 std::vector<extensions::SharedModuleInfo::ImportInfo>::const_iterator it; | |
| 2168 for (it = imports.begin(); it != imports.end(); ++it) { | |
| 2169 const Extension* imported_extension = extension_service-> | |
| 2170 GetExtensionById(it->extension_id, false); | |
| 2171 if (imported_extension && | |
| 2172 extensions::SharedModuleInfo::IsSharedModule(imported_extension) && | |
| 2173 HostIsInSet(it->extension_id, allowed_socket_origins_)) { | |
| 2174 return true; | |
| 2175 } | |
| 2176 } | |
| 2177 } | |
| 2178 | |
| 2179 // Need to check this now and not on construction because otherwise it won't | |
| 2180 // work with browser_tests. | |
| 2181 const CommandLine& command_line = *CommandLine::ForCurrentProcess(); | |
| 2182 std::string allowed_list = | |
| 2183 command_line.GetSwitchValueASCII(switches::kAllowNaClSocketAPI); | |
| 2184 if (allowed_list == "*") { | |
| 2185 // The wildcard allows socket API only for packaged and platform apps. | |
| 2186 return extension && | |
| 2187 (extension->GetType() == Manifest::TYPE_LEGACY_PACKAGED_APP || | |
| 2188 extension->GetType() == Manifest::TYPE_PLATFORM_APP); | |
| 2189 } else if (!allowed_list.empty()) { | |
| 2190 base::StringTokenizer t(allowed_list, ","); | |
| 2191 while (t.GetNext()) { | |
| 2192 if (t.token() == host) | |
| 2193 return true; | |
| 2194 } | |
| 2195 } | |
| 2196 | |
| 2197 return false; | 2144 return false; |
| 2145 #endif |
| 2198 } | 2146 } |
| 2199 | 2147 |
| 2200 base::FilePath ChromeContentBrowserClient::GetHyphenDictionaryDirectory() { | 2148 base::FilePath ChromeContentBrowserClient::GetHyphenDictionaryDirectory() { |
| 2201 base::FilePath directory; | 2149 base::FilePath directory; |
| 2202 PathService::Get(chrome::DIR_APP_DICTIONARIES, &directory); | 2150 PathService::Get(chrome::DIR_APP_DICTIONARIES, &directory); |
| 2203 return directory.Append(FILE_PATH_LITERAL("Hyphen")); | 2151 return directory.Append(FILE_PATH_LITERAL("Hyphen")); |
| 2204 } | 2152 } |
| 2205 | 2153 |
| 2206 ui::SelectFilePolicy* ChromeContentBrowserClient::CreateSelectFilePolicy( | 2154 ui::SelectFilePolicy* ChromeContentBrowserClient::CreateSelectFilePolicy( |
| 2207 WebContents* web_contents) { | 2155 WebContents* web_contents) { |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2325 #if defined(USE_NSS) | 2273 #if defined(USE_NSS) |
| 2326 crypto::CryptoModuleBlockingPasswordDelegate* | 2274 crypto::CryptoModuleBlockingPasswordDelegate* |
| 2327 ChromeContentBrowserClient::GetCryptoPasswordDelegate( | 2275 ChromeContentBrowserClient::GetCryptoPasswordDelegate( |
| 2328 const GURL& url) { | 2276 const GURL& url) { |
| 2329 return chrome::NewCryptoModuleBlockingDialogDelegate( | 2277 return chrome::NewCryptoModuleBlockingDialogDelegate( |
| 2330 chrome::kCryptoModulePasswordKeygen, url.host()); | 2278 chrome::kCryptoModulePasswordKeygen, url.host()); |
| 2331 } | 2279 } |
| 2332 #endif | 2280 #endif |
| 2333 | 2281 |
| 2334 } // namespace chrome | 2282 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 15521002:
Flag and whitelist to allow crxfs api in NaCl (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master