OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/renderer/content_settings_observer.h" | 5 #include "chrome/renderer/content_settings_observer.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
9 #include "chrome/common/chrome_switches.h" | 9 #include "chrome/common/chrome_switches.h" |
10 #include "chrome/common/render_messages.h" | 10 #include "chrome/common/render_messages.h" |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
226 temporarily_allowed_plugins_.clear(); | 226 temporarily_allowed_plugins_.clear(); |
227 } | 227 } |
228 | 228 |
229 GURL url = frame->document().url(); | 229 GURL url = frame->document().url(); |
230 // If we start failing this DCHECK, please makes sure we don't regress | 230 // If we start failing this DCHECK, please makes sure we don't regress |
231 // this bug: http://code.google.com/p/chromium/issues/detail?id=79304 | 231 // this bug: http://code.google.com/p/chromium/issues/detail?id=79304 |
232 DCHECK(frame->document().securityOrigin().toString() == "null" || | 232 DCHECK(frame->document().securityOrigin().toString() == "null" || |
233 !url.SchemeIs(content::kDataScheme)); | 233 !url.SchemeIs(content::kDataScheme)); |
234 } | 234 } |
235 | 235 |
236 bool ContentSettingsObserver::allowDatabase(WebFrame* frame, | 236 bool ContentSettingsObserver::allowDatabase( |
237 const WebString& name, | 237 blink::WebFrame* frame, |
| 238 const blink::WebString& name, |
| 239 const blink::WebString& display_name, |
| 240 unsigned long estimated_size) { |
| 241 return allowDatabase(name, display_name, estimated_size); |
| 242 } |
| 243 |
| 244 bool ContentSettingsObserver::allowFileSystem(blink::WebFrame* frame) { |
| 245 return allowFileSystem(); |
| 246 } |
| 247 |
| 248 bool ContentSettingsObserver::allowImage(blink::WebFrame* frame, |
| 249 bool enabled_per_settings, |
| 250 const blink::WebURL& image_url) { |
| 251 return allowImage(enabled_per_settings, image_url); |
| 252 } |
| 253 |
| 254 bool ContentSettingsObserver::allowIndexedDB( |
| 255 blink::WebFrame* frame, |
| 256 const blink::WebString& name, |
| 257 const blink::WebSecurityOrigin& origin) { |
| 258 return allowIndexedDB(name, origin); |
| 259 } |
| 260 |
| 261 bool ContentSettingsObserver::allowPlugins(blink::WebFrame* frame, |
| 262 bool enabled_per_settings) { |
| 263 return allowPlugins(enabled_per_settings); |
| 264 } |
| 265 |
| 266 bool ContentSettingsObserver::allowScript(blink::WebFrame* frame, |
| 267 bool enabled_per_settings) { |
| 268 return allowScript(enabled_per_settings); |
| 269 } |
| 270 |
| 271 bool ContentSettingsObserver::allowScriptFromSource( |
| 272 blink::WebFrame* frame, |
| 273 bool enabled_per_settings, |
| 274 const blink::WebURL& script_url) { |
| 275 return allowScriptFromSource(enabled_per_settings, script_url); |
| 276 } |
| 277 |
| 278 bool ContentSettingsObserver::allowStorage(blink::WebFrame* frame, bool local) { |
| 279 return allowStorage(local); |
| 280 } |
| 281 |
| 282 bool ContentSettingsObserver::allowReadFromClipboard(blink::WebFrame* frame, |
| 283 bool default_value) { |
| 284 return allowReadFromClipboard(default_value); |
| 285 } |
| 286 |
| 287 bool ContentSettingsObserver::allowWriteToClipboard(blink::WebFrame* frame, |
| 288 bool default_value) { |
| 289 return allowWriteToClipboard(default_value); |
| 290 } |
| 291 |
| 292 bool ContentSettingsObserver::allowWebComponents(blink::WebFrame* frame, |
| 293 bool default_value) { |
| 294 return allowWebComponents(default_value); |
| 295 } |
| 296 |
| 297 bool ContentSettingsObserver::allowMutationEvents(blink::WebFrame* frame, |
| 298 bool default_value) { |
| 299 return allowMutationEvents(default_value); |
| 300 } |
| 301 |
| 302 bool ContentSettingsObserver::allowPushState(blink::WebFrame* frame) { |
| 303 return allowPushState(); |
| 304 } |
| 305 |
| 306 void ContentSettingsObserver::didNotAllowPlugins(blink::WebFrame* frame) { |
| 307 return didNotAllowPlugins(); |
| 308 } |
| 309 |
| 310 void ContentSettingsObserver::didNotAllowScript(blink::WebFrame* frame) { |
| 311 return didNotAllowScript(); |
| 312 } |
| 313 |
| 314 bool ContentSettingsObserver::allowDisplayingInsecureContent( |
| 315 blink::WebFrame* frame, |
| 316 bool allowed_per_settings, |
| 317 const blink::WebSecurityOrigin& context, |
| 318 const blink::WebURL& url) { |
| 319 return allowDisplayingInsecureContent(allowed_per_settings, context, url); |
| 320 } |
| 321 |
| 322 bool ContentSettingsObserver::allowRunningInsecureContent( |
| 323 blink::WebFrame* frame, |
| 324 bool allowed_per_settings, |
| 325 const blink::WebSecurityOrigin& context, |
| 326 const blink::WebURL& url) { |
| 327 return allowRunningInsecureContent(allowed_per_settings, context, url); |
| 328 } |
| 329 |
| 330 bool ContentSettingsObserver::allowDatabase(const WebString& name, |
238 const WebString& display_name, | 331 const WebString& display_name, |
239 unsigned long estimated_size) { | 332 unsigned long estimated_size) { |
| 333 WebFrame* frame = render_frame()->GetWebFrame(); |
240 if (frame->document().securityOrigin().isUnique() || | 334 if (frame->document().securityOrigin().isUnique() || |
241 frame->top()->document().securityOrigin().isUnique()) | 335 frame->top()->document().securityOrigin().isUnique()) |
242 return false; | 336 return false; |
243 | 337 |
244 bool result = false; | 338 bool result = false; |
245 Send(new ChromeViewHostMsg_AllowDatabase( | 339 Send(new ChromeViewHostMsg_AllowDatabase( |
246 routing_id(), GURL(frame->document().securityOrigin().toString()), | 340 routing_id(), GURL(frame->document().securityOrigin().toString()), |
247 GURL(frame->top()->document().securityOrigin().toString()), | 341 GURL(frame->top()->document().securityOrigin().toString()), |
248 name, display_name, &result)); | 342 name, display_name, &result)); |
249 return result; | 343 return result; |
250 } | 344 } |
251 | 345 |
252 bool ContentSettingsObserver::allowFileSystem(WebFrame* frame) { | 346 bool ContentSettingsObserver::allowFileSystem() { |
| 347 WebFrame* frame = render_frame()->GetWebFrame(); |
253 if (frame->document().securityOrigin().isUnique() || | 348 if (frame->document().securityOrigin().isUnique() || |
254 frame->top()->document().securityOrigin().isUnique()) | 349 frame->top()->document().securityOrigin().isUnique()) |
255 return false; | 350 return false; |
256 | 351 |
257 bool result = false; | 352 bool result = false; |
258 Send(new ChromeViewHostMsg_AllowFileSystem( | 353 Send(new ChromeViewHostMsg_AllowFileSystem( |
259 routing_id(), GURL(frame->document().securityOrigin().toString()), | 354 routing_id(), GURL(frame->document().securityOrigin().toString()), |
260 GURL(frame->top()->document().securityOrigin().toString()), &result)); | 355 GURL(frame->top()->document().securityOrigin().toString()), &result)); |
261 return result; | 356 return result; |
262 } | 357 } |
263 | 358 |
264 bool ContentSettingsObserver::allowImage(WebFrame* frame, | 359 bool ContentSettingsObserver::allowImage(bool enabled_per_settings, |
265 bool enabled_per_settings, | |
266 const WebURL& image_url) { | 360 const WebURL& image_url) { |
267 bool allow = enabled_per_settings; | 361 bool allow = enabled_per_settings; |
268 if (enabled_per_settings) { | 362 if (enabled_per_settings) { |
269 if (is_interstitial_page_) | 363 if (is_interstitial_page_) |
270 return true; | 364 return true; |
| 365 |
| 366 WebFrame* frame = render_frame()->GetWebFrame(); |
271 if (IsWhitelistedForContentSettings(frame)) | 367 if (IsWhitelistedForContentSettings(frame)) |
272 return true; | 368 return true; |
273 | 369 |
274 if (content_setting_rules_) { | 370 if (content_setting_rules_) { |
275 GURL secondary_url(image_url); | 371 GURL secondary_url(image_url); |
276 allow = GetContentSettingFromRules( | 372 allow = GetContentSettingFromRules( |
277 content_setting_rules_->image_rules, | 373 content_setting_rules_->image_rules, |
278 frame, secondary_url) != CONTENT_SETTING_BLOCK; | 374 frame, secondary_url) != CONTENT_SETTING_BLOCK; |
279 } | 375 } |
280 } | 376 } |
281 if (!allow) | 377 if (!allow) |
282 DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES); | 378 DidBlockContentType(CONTENT_SETTINGS_TYPE_IMAGES); |
283 return allow; | 379 return allow; |
284 } | 380 } |
285 | 381 |
286 bool ContentSettingsObserver::allowIndexedDB(WebFrame* frame, | 382 bool ContentSettingsObserver::allowIndexedDB(const WebString& name, |
287 const WebString& name, | |
288 const WebSecurityOrigin& origin) { | 383 const WebSecurityOrigin& origin) { |
| 384 WebFrame* frame = render_frame()->GetWebFrame(); |
289 if (frame->document().securityOrigin().isUnique() || | 385 if (frame->document().securityOrigin().isUnique() || |
290 frame->top()->document().securityOrigin().isUnique()) | 386 frame->top()->document().securityOrigin().isUnique()) |
291 return false; | 387 return false; |
292 | 388 |
293 bool result = false; | 389 bool result = false; |
294 Send(new ChromeViewHostMsg_AllowIndexedDB( | 390 Send(new ChromeViewHostMsg_AllowIndexedDB( |
295 routing_id(), GURL(frame->document().securityOrigin().toString()), | 391 routing_id(), GURL(frame->document().securityOrigin().toString()), |
296 GURL(frame->top()->document().securityOrigin().toString()), | 392 GURL(frame->top()->document().securityOrigin().toString()), |
297 name, &result)); | 393 name, &result)); |
298 return result; | 394 return result; |
299 } | 395 } |
300 | 396 |
301 bool ContentSettingsObserver::allowPlugins(WebFrame* frame, | 397 bool ContentSettingsObserver::allowPlugins(bool enabled_per_settings) { |
302 bool enabled_per_settings) { | |
303 return enabled_per_settings; | 398 return enabled_per_settings; |
304 } | 399 } |
305 | 400 |
306 bool ContentSettingsObserver::allowScript(WebFrame* frame, | 401 bool ContentSettingsObserver::allowScript(bool enabled_per_settings) { |
307 bool enabled_per_settings) { | |
308 if (!enabled_per_settings) | 402 if (!enabled_per_settings) |
309 return false; | 403 return false; |
310 if (is_interstitial_page_) | 404 if (is_interstitial_page_) |
311 return true; | 405 return true; |
312 | 406 |
| 407 WebFrame* frame = render_frame()->GetWebFrame(); |
313 std::map<WebFrame*, bool>::const_iterator it = | 408 std::map<WebFrame*, bool>::const_iterator it = |
314 cached_script_permissions_.find(frame); | 409 cached_script_permissions_.find(frame); |
315 if (it != cached_script_permissions_.end()) | 410 if (it != cached_script_permissions_.end()) |
316 return it->second; | 411 return it->second; |
317 | 412 |
318 // Evaluate the content setting rules before | 413 // Evaluate the content setting rules before |
319 // |IsWhitelistedForContentSettings|; if there is only the default rule | 414 // |IsWhitelistedForContentSettings|; if there is only the default rule |
320 // allowing all scripts, it's quicker this way. | 415 // allowing all scripts, it's quicker this way. |
321 bool allow = true; | 416 bool allow = true; |
322 if (content_setting_rules_) { | 417 if (content_setting_rules_) { |
323 ContentSetting setting = GetContentSettingFromRules( | 418 ContentSetting setting = GetContentSettingFromRules( |
324 content_setting_rules_->script_rules, | 419 content_setting_rules_->script_rules, |
325 frame, | 420 frame, |
326 GURL(frame->document().securityOrigin().toString())); | 421 GURL(frame->document().securityOrigin().toString())); |
327 allow = setting != CONTENT_SETTING_BLOCK; | 422 allow = setting != CONTENT_SETTING_BLOCK; |
328 } | 423 } |
329 allow = allow || IsWhitelistedForContentSettings(frame); | 424 allow = allow || IsWhitelistedForContentSettings(frame); |
330 | 425 |
331 cached_script_permissions_[frame] = allow; | 426 cached_script_permissions_[frame] = allow; |
332 return allow; | 427 return allow; |
333 } | 428 } |
334 | 429 |
335 bool ContentSettingsObserver::allowScriptFromSource( | 430 bool ContentSettingsObserver::allowScriptFromSource( |
336 WebFrame* frame, | |
337 bool enabled_per_settings, | 431 bool enabled_per_settings, |
338 const blink::WebURL& script_url) { | 432 const blink::WebURL& script_url) { |
339 if (!enabled_per_settings) | 433 if (!enabled_per_settings) |
340 return false; | 434 return false; |
341 if (is_interstitial_page_) | 435 if (is_interstitial_page_) |
342 return true; | 436 return true; |
343 | 437 |
344 bool allow = true; | 438 bool allow = true; |
| 439 WebFrame* frame = render_frame()->GetWebFrame(); |
345 if (content_setting_rules_) { | 440 if (content_setting_rules_) { |
346 ContentSetting setting = GetContentSettingFromRules( | 441 ContentSetting setting = GetContentSettingFromRules( |
347 content_setting_rules_->script_rules, | 442 content_setting_rules_->script_rules, |
348 frame, | 443 frame, |
349 GURL(script_url)); | 444 GURL(script_url)); |
350 allow = setting != CONTENT_SETTING_BLOCK; | 445 allow = setting != CONTENT_SETTING_BLOCK; |
351 } | 446 } |
352 return allow || IsWhitelistedForContentSettings(frame); | 447 return allow || IsWhitelistedForContentSettings(frame); |
353 } | 448 } |
354 | 449 |
355 bool ContentSettingsObserver::allowStorage(WebFrame* frame, bool local) { | 450 bool ContentSettingsObserver::allowStorage(bool local) { |
| 451 WebFrame* frame = render_frame()->GetWebFrame(); |
356 if (frame->document().securityOrigin().isUnique() || | 452 if (frame->document().securityOrigin().isUnique() || |
357 frame->top()->document().securityOrigin().isUnique()) | 453 frame->top()->document().securityOrigin().isUnique()) |
358 return false; | 454 return false; |
359 bool result = false; | 455 bool result = false; |
360 | 456 |
361 StoragePermissionsKey key( | 457 StoragePermissionsKey key( |
362 GURL(frame->document().securityOrigin().toString()), local); | 458 GURL(frame->document().securityOrigin().toString()), local); |
363 std::map<StoragePermissionsKey, bool>::const_iterator permissions = | 459 std::map<StoragePermissionsKey, bool>::const_iterator permissions = |
364 cached_storage_permissions_.find(key); | 460 cached_storage_permissions_.find(key); |
365 if (permissions != cached_storage_permissions_.end()) | 461 if (permissions != cached_storage_permissions_.end()) |
366 return permissions->second; | 462 return permissions->second; |
367 | 463 |
368 Send(new ChromeViewHostMsg_AllowDOMStorage( | 464 Send(new ChromeViewHostMsg_AllowDOMStorage( |
369 routing_id(), GURL(frame->document().securityOrigin().toString()), | 465 routing_id(), GURL(frame->document().securityOrigin().toString()), |
370 GURL(frame->top()->document().securityOrigin().toString()), | 466 GURL(frame->top()->document().securityOrigin().toString()), |
371 local, &result)); | 467 local, &result)); |
372 cached_storage_permissions_[key] = result; | 468 cached_storage_permissions_[key] = result; |
373 return result; | 469 return result; |
374 } | 470 } |
375 | 471 |
376 bool ContentSettingsObserver::allowReadFromClipboard(WebFrame* frame, | 472 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) { |
377 bool default_value) { | |
378 bool allowed = false; | 473 bool allowed = false; |
| 474 WebFrame* frame = render_frame()->GetWebFrame(); |
379 // TODO(dcheng): Should we consider a toURL() method on WebSecurityOrigin? | 475 // TODO(dcheng): Should we consider a toURL() method on WebSecurityOrigin? |
380 Send(new ChromeViewHostMsg_CanTriggerClipboardRead( | 476 Send(new ChromeViewHostMsg_CanTriggerClipboardRead( |
381 GURL(frame->document().securityOrigin().toString()), &allowed)); | 477 GURL(frame->document().securityOrigin().toString()), &allowed)); |
382 return allowed; | 478 return allowed; |
383 } | 479 } |
384 | 480 |
385 bool ContentSettingsObserver::allowWriteToClipboard(WebFrame* frame, | 481 bool ContentSettingsObserver::allowWriteToClipboard(bool default_value) { |
386 bool default_value) { | |
387 bool allowed = false; | 482 bool allowed = false; |
| 483 WebFrame* frame = render_frame()->GetWebFrame(); |
388 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( | 484 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( |
389 GURL(frame->document().securityOrigin().toString()), &allowed)); | 485 GURL(frame->document().securityOrigin().toString()), &allowed)); |
390 return allowed; | 486 return allowed; |
391 } | 487 } |
392 | 488 |
393 bool ContentSettingsObserver::allowWebComponents(WebFrame* frame, | 489 bool ContentSettingsObserver::allowWebComponents(bool default_value) { |
394 bool defaultValue) { | 490 if (default_value) |
395 if (defaultValue) | |
396 return true; | 491 return true; |
397 | 492 |
| 493 WebFrame* frame = render_frame()->GetWebFrame(); |
398 WebSecurityOrigin origin = frame->document().securityOrigin(); | 494 WebSecurityOrigin origin = frame->document().securityOrigin(); |
399 if (EqualsASCII(origin.protocol(), content::kChromeUIScheme)) | 495 if (EqualsASCII(origin.protocol(), content::kChromeUIScheme)) |
400 return true; | 496 return true; |
401 | 497 |
402 if (const extensions::Extension* extension = GetExtension(origin)) { | 498 if (const extensions::Extension* extension = GetExtension(origin)) { |
403 if (extension->HasAPIPermission(APIPermission::kExperimental)) | 499 if (extension->HasAPIPermission(APIPermission::kExperimental)) |
404 return true; | 500 return true; |
405 } | 501 } |
406 | 502 |
407 return false; | 503 return false; |
408 } | 504 } |
409 | 505 |
410 bool ContentSettingsObserver::allowMutationEvents(WebFrame* frame, | 506 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { |
411 bool default_value) { | 507 WebFrame* frame = render_frame()->GetWebFrame(); |
412 WebSecurityOrigin origin = frame->document().securityOrigin(); | 508 WebSecurityOrigin origin = frame->document().securityOrigin(); |
413 const extensions::Extension* extension = GetExtension(origin); | 509 const extensions::Extension* extension = GetExtension(origin); |
414 if (extension && extension->is_platform_app()) | 510 if (extension && extension->is_platform_app()) |
415 return false; | 511 return false; |
416 return default_value; | 512 return default_value; |
417 } | 513 } |
418 | 514 |
419 bool ContentSettingsObserver::allowPushState(WebFrame* frame) { | 515 bool ContentSettingsObserver::allowPushState() { |
| 516 WebFrame* frame = render_frame()->GetWebFrame(); |
420 WebSecurityOrigin origin = frame->document().securityOrigin(); | 517 WebSecurityOrigin origin = frame->document().securityOrigin(); |
421 const extensions::Extension* extension = GetExtension(origin); | 518 const extensions::Extension* extension = GetExtension(origin); |
422 return !extension || !extension->is_platform_app(); | 519 return !extension || !extension->is_platform_app(); |
423 } | 520 } |
424 | 521 |
425 static void SendInsecureContentSignal(int signal) { | 522 static void SendInsecureContentSignal(int signal) { |
426 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, | 523 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, |
427 INSECURE_CONTENT_NUM_EVENTS); | 524 INSECURE_CONTENT_NUM_EVENTS); |
428 } | 525 } |
429 | 526 |
430 bool ContentSettingsObserver::allowDisplayingInsecureContent( | 527 bool ContentSettingsObserver::allowDisplayingInsecureContent( |
431 blink::WebFrame* frame, | |
432 bool allowed_per_settings, | 528 bool allowed_per_settings, |
433 const blink::WebSecurityOrigin& origin, | 529 const blink::WebSecurityOrigin& origin, |
434 const blink::WebURL& resource_url) { | 530 const blink::WebURL& resource_url) { |
435 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY); | 531 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY); |
436 | 532 |
437 std::string origin_host(origin.host().utf8()); | 533 std::string origin_host(origin.host().utf8()); |
| 534 WebFrame* frame = render_frame()->GetWebFrame(); |
438 GURL frame_gurl(frame->document().url()); | 535 GURL frame_gurl(frame->document().url()); |
439 if (IsHostInDomain(origin_host, kGoogleDotCom)) { | 536 if (IsHostInDomain(origin_host, kGoogleDotCom)) { |
440 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE); | 537 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE); |
441 if (StartsWithASCII(frame_gurl.path(), kGoogleSupportPathPrefix, false)) { | 538 if (StartsWithASCII(frame_gurl.path(), kGoogleSupportPathPrefix, false)) { |
442 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT); | 539 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_SUPPORT); |
443 } else if (StartsWithASCII(frame_gurl.path(), | 540 } else if (StartsWithASCII(frame_gurl.path(), |
444 kGoogleIntlPathPrefix, | 541 kGoogleIntlPathPrefix, |
445 false)) { | 542 false)) { |
446 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL); | 543 SendInsecureContentSignal(INSECURE_CONTENT_DISPLAY_HOST_GOOGLE_INTL); |
447 } | 544 } |
(...skipping 29 matching lines...) Expand all Loading... |
477 | 574 |
478 if (allowed_per_settings || allow_displaying_insecure_content_) | 575 if (allowed_per_settings || allow_displaying_insecure_content_) |
479 return true; | 576 return true; |
480 | 577 |
481 Send(new ChromeViewHostMsg_DidBlockDisplayingInsecureContent(routing_id())); | 578 Send(new ChromeViewHostMsg_DidBlockDisplayingInsecureContent(routing_id())); |
482 | 579 |
483 return false; | 580 return false; |
484 } | 581 } |
485 | 582 |
486 bool ContentSettingsObserver::allowRunningInsecureContent( | 583 bool ContentSettingsObserver::allowRunningInsecureContent( |
487 blink::WebFrame* frame, | |
488 bool allowed_per_settings, | 584 bool allowed_per_settings, |
489 const blink::WebSecurityOrigin& origin, | 585 const blink::WebSecurityOrigin& origin, |
490 const blink::WebURL& resource_url) { | 586 const blink::WebURL& resource_url) { |
491 std::string origin_host(origin.host().utf8()); | 587 std::string origin_host(origin.host().utf8()); |
| 588 WebFrame* frame = render_frame()->GetWebFrame(); |
492 GURL frame_gurl(frame->document().url()); | 589 GURL frame_gurl(frame->document().url()); |
493 DCHECK_EQ(frame_gurl.host(), origin_host); | 590 DCHECK_EQ(frame_gurl.host(), origin_host); |
494 | 591 |
495 bool is_google = IsHostInDomain(origin_host, kGoogleDotCom); | 592 bool is_google = IsHostInDomain(origin_host, kGoogleDotCom); |
496 if (is_google) { | 593 if (is_google) { |
497 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE); | 594 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE); |
498 if (StartsWithASCII(frame_gurl.path(), kGoogleSupportPathPrefix, false)) { | 595 if (StartsWithASCII(frame_gurl.path(), kGoogleSupportPathPrefix, false)) { |
499 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT); | 596 SendInsecureContentSignal(INSECURE_CONTENT_RUN_HOST_GOOGLE_SUPPORT); |
500 } else if (StartsWithASCII(frame_gurl.path(), | 597 } else if (StartsWithASCII(frame_gurl.path(), |
501 kGoogleIntlPathPrefix, | 598 kGoogleIntlPathPrefix, |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
542 SendInsecureContentSignal(INSECURE_CONTENT_RUN_SWF); | 639 SendInsecureContentSignal(INSECURE_CONTENT_RUN_SWF); |
543 | 640 |
544 if (!allow_running_insecure_content_ && !allowed_per_settings) { | 641 if (!allow_running_insecure_content_ && !allowed_per_settings) { |
545 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT); | 642 DidBlockContentType(CONTENT_SETTINGS_TYPE_MIXEDSCRIPT); |
546 return false; | 643 return false; |
547 } | 644 } |
548 | 645 |
549 return true; | 646 return true; |
550 } | 647 } |
551 | 648 |
552 void ContentSettingsObserver::didNotAllowPlugins(WebFrame* frame) { | 649 void ContentSettingsObserver::didNotAllowPlugins() { |
553 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); | 650 DidBlockContentType(CONTENT_SETTINGS_TYPE_PLUGINS); |
554 } | 651 } |
555 | 652 |
556 void ContentSettingsObserver::didNotAllowScript(WebFrame* frame) { | 653 void ContentSettingsObserver::didNotAllowScript() { |
557 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); | 654 DidBlockContentType(CONTENT_SETTINGS_TYPE_JAVASCRIPT); |
558 } | 655 } |
559 | 656 |
560 bool ContentSettingsObserver::AreNPAPIPluginsBlocked() const { | 657 bool ContentSettingsObserver::AreNPAPIPluginsBlocked() const { |
561 return npapi_plugins_blocked_; | 658 return npapi_plugins_blocked_; |
562 } | 659 } |
563 | 660 |
564 void ContentSettingsObserver::OnLoadBlockedPlugins( | 661 void ContentSettingsObserver::OnLoadBlockedPlugins( |
565 const std::string& identifier) { | 662 const std::string& identifier) { |
566 temporarily_allowed_plugins_.insert(identifier); | 663 temporarily_allowed_plugins_.insert(identifier); |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
649 | 746 |
650 // If the scheme is file:, an empty file name indicates a directory listing, | 747 // If the scheme is file:, an empty file name indicates a directory listing, |
651 // which requires JavaScript to function properly. | 748 // which requires JavaScript to function properly. |
652 if (EqualsASCII(origin.protocol(), content::kFileScheme)) { | 749 if (EqualsASCII(origin.protocol(), content::kFileScheme)) { |
653 return document_url.SchemeIs(content::kFileScheme) && | 750 return document_url.SchemeIs(content::kFileScheme) && |
654 document_url.ExtractFileName().empty(); | 751 document_url.ExtractFileName().empty(); |
655 } | 752 } |
656 | 753 |
657 return false; | 754 return false; |
658 } | 755 } |
OLD | NEW |