OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "extensions/browser/guest_view/extension_view/extension_view_guest.h" | 5 #include "extensions/browser/guest_view/extension_view/extension_view_guest.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "components/crx_file/id_util.h" | 9 #include "components/crx_file/id_util.h" |
10 #include "components/guest_view/browser/guest_view_event.h" | 10 #include "components/guest_view/browser/guest_view_event.h" |
11 #include "content/public/browser/render_process_host.h" | 11 #include "content/public/browser/render_process_host.h" |
12 #include "content/public/common/result_codes.h" | 12 #include "content/public/common/result_codes.h" |
13 #include "extensions/browser/api/extensions_api_client.h" | 13 #include "extensions/browser/api/extensions_api_client.h" |
14 #include "extensions/browser/bad_message.h" | 14 #include "extensions/browser/bad_message.h" |
15 #include "extensions/browser/guest_view/extension_view/extension_view_constants.
h" | 15 #include "extensions/browser/guest_view/extension_view/extension_view_constants.
h" |
16 #include "extensions/browser/guest_view/extension_view/whitelist/extension_view_
whitelist.h" | 16 #include "extensions/browser/guest_view/extension_view/whitelist/extension_view_
whitelist.h" |
17 #include "extensions/common/constants.h" | 17 #include "extensions/common/constants.h" |
18 #include "extensions/common/extension_messages.h" | 18 #include "extensions/common/extension_messages.h" |
19 #include "extensions/strings/grit/extensions_strings.h" | 19 #include "extensions/strings/grit/extensions_strings.h" |
| 20 #include "url/origin.h" |
20 | 21 |
21 using content::WebContents; | 22 using content::WebContents; |
22 using guest_view::GuestViewBase; | 23 using guest_view::GuestViewBase; |
23 using guest_view::GuestViewEvent; | 24 using guest_view::GuestViewEvent; |
24 using namespace extensions::api; | 25 using namespace extensions::api; |
25 | 26 |
26 namespace extensions { | 27 namespace extensions { |
27 | 28 |
28 // static | 29 // static |
29 const char ExtensionViewGuest::Type[] = "extensionview"; | 30 const char ExtensionViewGuest::Type[] = "extensionview"; |
30 | 31 |
31 ExtensionViewGuest::ExtensionViewGuest(WebContents* owner_web_contents) | 32 ExtensionViewGuest::ExtensionViewGuest(WebContents* owner_web_contents) |
32 : GuestView<ExtensionViewGuest>(owner_web_contents) {} | 33 : GuestView<ExtensionViewGuest>(owner_web_contents) {} |
33 | 34 |
34 ExtensionViewGuest::~ExtensionViewGuest() { | 35 ExtensionViewGuest::~ExtensionViewGuest() { |
35 } | 36 } |
36 | 37 |
37 // static | 38 // static |
38 GuestViewBase* ExtensionViewGuest::Create(WebContents* owner_web_contents) { | 39 GuestViewBase* ExtensionViewGuest::Create(WebContents* owner_web_contents) { |
39 return new ExtensionViewGuest(owner_web_contents); | 40 return new ExtensionViewGuest(owner_web_contents); |
40 } | 41 } |
41 | 42 |
42 bool ExtensionViewGuest::NavigateGuest(const std::string& src, | 43 bool ExtensionViewGuest::NavigateGuest(const std::string& src, |
43 bool force_navigation) { | 44 bool force_navigation) { |
44 GURL url = extension_url_.Resolve(src); | 45 GURL url = extension_url_.Resolve(src); |
45 | 46 |
46 // If the URL is not valid, about:blank, or the same origin as the extension, | 47 // If the URL is not valid, about:blank, or the same origin as the extension, |
47 // then navigate to about:blank. | 48 // then navigate to about:blank. |
48 bool url_not_allowed = (url != GURL(url::kAboutBlankURL)) && | 49 bool url_not_allowed = url != GURL(url::kAboutBlankURL) && |
49 (url.GetOrigin() != extension_url_.GetOrigin()); | 50 !url::IsSameOriginWith(url, extension_url_); |
50 if (!url.is_valid() || url_not_allowed) | 51 if (!url.is_valid() || url_not_allowed) |
51 return NavigateGuest(url::kAboutBlankURL, true /* force_navigation */); | 52 return NavigateGuest(url::kAboutBlankURL, true /* force_navigation */); |
52 | 53 |
53 if (!force_navigation && (url_ == url)) | 54 if (!force_navigation && (url_ == url)) |
54 return false; | 55 return false; |
55 | 56 |
56 web_contents()->GetRenderProcessHost()->FilterURL(false, &url); | 57 web_contents()->GetRenderProcessHost()->FilterURL(false, &url); |
57 web_contents()->GetController().LoadURL(url, content::Referrer(), | 58 web_contents()->GetController().LoadURL(url, content::Referrer(), |
58 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, | 59 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, |
59 std::string()); | 60 std::string()); |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
128 | 129 |
129 scoped_ptr<base::DictionaryValue> args(new base::DictionaryValue()); | 130 scoped_ptr<base::DictionaryValue> args(new base::DictionaryValue()); |
130 args->SetString(guest_view::kUrl, url_.spec()); | 131 args->SetString(guest_view::kUrl, url_.spec()); |
131 DispatchEventToView(make_scoped_ptr( | 132 DispatchEventToView(make_scoped_ptr( |
132 new GuestViewEvent(extensionview::kEventLoadCommit, std::move(args)))); | 133 new GuestViewEvent(extensionview::kEventLoadCommit, std::move(args)))); |
133 } | 134 } |
134 | 135 |
135 void ExtensionViewGuest::DidNavigateMainFrame( | 136 void ExtensionViewGuest::DidNavigateMainFrame( |
136 const content::LoadCommittedDetails& details, | 137 const content::LoadCommittedDetails& details, |
137 const content::FrameNavigateParams& params) { | 138 const content::FrameNavigateParams& params) { |
138 if (attached() && (params.url.GetOrigin() != url_.GetOrigin())) { | 139 if (attached() && !url::IsSameOriginWith(params.url, url_)) { |
139 bad_message::ReceivedBadMessage(web_contents()->GetRenderProcessHost(), | 140 bad_message::ReceivedBadMessage(web_contents()->GetRenderProcessHost(), |
140 bad_message::EVG_BAD_ORIGIN); | 141 bad_message::EVG_BAD_ORIGIN); |
141 } | 142 } |
142 } | 143 } |
143 | 144 |
144 void ExtensionViewGuest::ApplyAttributes(const base::DictionaryValue& params) { | 145 void ExtensionViewGuest::ApplyAttributes(const base::DictionaryValue& params) { |
145 std::string src; | 146 std::string src; |
146 params.GetString(extensionview::kAttributeSrc, &src); | 147 params.GetString(extensionview::kAttributeSrc, &src); |
147 NavigateGuest(src, false /* force_navigation */); | 148 NavigateGuest(src, false /* force_navigation */); |
148 } | 149 } |
149 | 150 |
150 } // namespace extensions | 151 } // namespace extensions |
OLD | NEW |