OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/chrome_content_browser_client_extensions_par t.h" | 5 #include "chrome/browser/extensions/chrome_content_browser_client_extensions_par t.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <set> | 9 #include <set> |
10 | 10 |
11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
12 #include "chrome/browser/browser_process.h" | 12 #include "chrome/browser/browser_process.h" |
13 #include "chrome/browser/extensions/extension_service.h" | 13 #include "chrome/browser/extensions/extension_service.h" |
14 #include "chrome/browser/extensions/extension_web_ui.h" | 14 #include "chrome/browser/extensions/extension_web_ui.h" |
15 #include "chrome/browser/extensions/extension_webkit_preferences.h" | 15 #include "chrome/browser/extensions/extension_webkit_preferences.h" |
16 #include "chrome/browser/media_galleries/fileapi/media_file_system_backend.h" | 16 #include "chrome/browser/media_galleries/fileapi/media_file_system_backend.h" |
17 #include "chrome/browser/profiles/profile.h" | 17 #include "chrome/browser/profiles/profile.h" |
18 #include "chrome/browser/profiles/profile_io_data.h" | 18 #include "chrome/browser/profiles/profile_io_data.h" |
19 #include "chrome/browser/profiles/profile_manager.h" | 19 #include "chrome/browser/profiles/profile_manager.h" |
20 #include "chrome/browser/renderer_host/chrome_extension_message_filter.h" | 20 #include "chrome/browser/renderer_host/chrome_extension_message_filter.h" |
21 #include "chrome/browser/sync_file_system/local/sync_file_system_backend.h" | 21 #include "chrome/browser/sync_file_system/local/sync_file_system_backend.h" |
22 #include "chrome/common/chrome_constants.h" | 22 #include "chrome/common/chrome_constants.h" |
23 #include "chrome/common/chrome_switches.h" | 23 #include "chrome/common/chrome_switches.h" |
24 #include "chrome/common/extensions/extension_process_policy.h" | 24 #include "chrome/common/extensions/extension_process_policy.h" |
25 #include "components/guest_view/browser/guest_view_message_filter.h" | 25 #include "components/guest_view/browser/guest_view_message_filter.h" |
26 #include "content/public/browser/browser_thread.h" | 26 #include "content/public/browser/browser_thread.h" |
27 #include "content/public/browser/browser_url_handler.h" | 27 #include "content/public/browser/browser_url_handler.h" |
28 #include "content/public/browser/render_process_host.h" | 28 #include "content/public/browser/render_process_host.h" |
29 #include "content/public/browser/render_view_host.h" | 29 #include "content/public/browser/render_view_host.h" |
30 #include "content/public/browser/resource_dispatcher_host.h" | |
31 #include "content/public/browser/resource_dispatcher_host_interceptor.h" | |
30 #include "content/public/browser/site_instance.h" | 32 #include "content/public/browser/site_instance.h" |
31 #include "content/public/browser/vpn_service_proxy.h" | 33 #include "content/public/browser/vpn_service_proxy.h" |
32 #include "content/public/browser/web_contents.h" | 34 #include "content/public/browser/web_contents.h" |
33 #include "content/public/common/content_switches.h" | 35 #include "content/public/common/content_switches.h" |
34 #include "extensions/browser/api/web_request/web_request_api.h" | 36 #include "extensions/browser/api/web_request/web_request_api.h" |
35 #include "extensions/browser/api/web_request/web_request_api_helpers.h" | 37 #include "extensions/browser/api/web_request/web_request_api_helpers.h" |
38 #include "extensions/browser/bad_message.h" | |
36 #include "extensions/browser/extension_host.h" | 39 #include "extensions/browser/extension_host.h" |
37 #include "extensions/browser/extension_message_filter.h" | 40 #include "extensions/browser/extension_message_filter.h" |
38 #include "extensions/browser/extension_registry.h" | 41 #include "extensions/browser/extension_registry.h" |
39 #include "extensions/browser/extension_service_worker_message_filter.h" | 42 #include "extensions/browser/extension_service_worker_message_filter.h" |
40 #include "extensions/browser/extension_system.h" | 43 #include "extensions/browser/extension_system.h" |
41 #include "extensions/browser/guest_view/extensions_guest_view_message_filter.h" | 44 #include "extensions/browser/guest_view/extensions_guest_view_message_filter.h" |
42 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" | 45 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" |
43 #include "extensions/browser/info_map.h" | 46 #include "extensions/browser/info_map.h" |
44 #include "extensions/browser/io_thread_extension_message_filter.h" | 47 #include "extensions/browser/io_thread_extension_message_filter.h" |
45 #include "extensions/browser/view_type_utils.h" | 48 #include "extensions/browser/view_type_utils.h" |
(...skipping 219 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
265 registry->enabled_extensions().GetExtensionOrAppByURL(url); | 268 registry->enabled_extensions().GetExtensionOrAppByURL(url); |
266 if (new_extension && new_extension->is_hosted_app() && | 269 if (new_extension && new_extension->is_hosted_app() && |
267 new_extension->id() == kWebStoreAppId && | 270 new_extension->id() == kWebStoreAppId && |
268 !ProcessMap::Get(process_host->GetBrowserContext()) | 271 !ProcessMap::Get(process_host->GetBrowserContext()) |
269 ->Contains(new_extension->id(), process_host->GetID())) { | 272 ->Contains(new_extension->id(), process_host->GetID())) { |
270 return false; | 273 return false; |
271 } | 274 } |
272 return true; | 275 return true; |
273 } | 276 } |
274 | 277 |
275 bool ChromeContentBrowserClientExtensionsPart::IsIllegalOrigin( | |
276 content::ResourceContext* resource_context, | |
277 int child_process_id, | |
278 const GURL& origin) { | |
279 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
280 | |
281 // Consider non-extension URLs safe; they will be checked elsewhere. | |
282 if (!origin.SchemeIs(kExtensionScheme)) | |
283 return false; | |
284 | |
285 // If there is no extension installed for the URL, it couldn't have committed. | |
286 // (If the extension was recently uninstalled, the tab would have closed.) | |
287 ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context); | |
288 InfoMap* extension_info_map = io_data->GetExtensionInfoMap(); | |
289 const Extension* extension = | |
290 extension_info_map->extensions().GetExtensionOrAppByURL(origin); | |
291 if (!extension) | |
292 return true; | |
293 | |
294 // Check for platform app origins. These can only be committed by the app | |
295 // itself, or by one if its guests if there are accessible_resources. | |
296 const ProcessMap& process_map = extension_info_map->process_map(); | |
297 if (extension->is_platform_app() && | |
298 !process_map.Contains(extension->id(), child_process_id)) { | |
299 // This is a platform app origin not in the app's own process. If there are | |
300 // no accessible resources, this is illegal. | |
301 if (!extension->GetManifestData(manifest_keys::kWebviewAccessibleResources)) | |
302 return true; | |
303 | |
304 // If there are accessible resources, the origin is only legal if the given | |
305 // process is a guest of the app. | |
306 std::string owner_extension_id; | |
307 int owner_process_id; | |
308 WebViewRendererState::GetInstance()->GetOwnerInfo( | |
309 child_process_id, &owner_process_id, &owner_extension_id); | |
310 const Extension* owner_extension = | |
311 extension_info_map->extensions().GetByID(owner_extension_id); | |
312 return !owner_extension || owner_extension != extension; | |
313 } | |
314 | |
315 // With only the origin and not the full URL, we don't have enough information | |
316 // to validate hosted apps or web_accessible_resources in normal extensions. | |
317 // Assume they're legal. | |
318 return false; | |
319 } | |
320 | |
321 // static | 278 // static |
322 bool ChromeContentBrowserClientExtensionsPart::IsSuitableHost( | 279 bool ChromeContentBrowserClientExtensionsPart::IsSuitableHost( |
323 Profile* profile, | 280 Profile* profile, |
324 content::RenderProcessHost* process_host, | 281 content::RenderProcessHost* process_host, |
325 const GURL& site_url) { | 282 const GURL& site_url) { |
326 DCHECK(profile); | 283 DCHECK(profile); |
327 | 284 |
328 ExtensionRegistry* registry = ExtensionRegistry::Get(profile); | 285 ExtensionRegistry* registry = ExtensionRegistry::Get(profile); |
329 ProcessMap* process_map = ProcessMap::Get(profile); | 286 ProcessMap* process_map = ProcessMap::Get(profile); |
330 | 287 |
(...skipping 324 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
655 #if defined(ENABLE_WEBRTC) | 612 #if defined(ENABLE_WEBRTC) |
656 command_line->AppendSwitch(::switches::kEnableWebRtcHWH264Encoding); | 613 command_line->AppendSwitch(::switches::kEnableWebRtcHWH264Encoding); |
657 #endif | 614 #endif |
658 if (base::CommandLine::ForCurrentProcess()->HasSwitch( | 615 if (base::CommandLine::ForCurrentProcess()->HasSwitch( |
659 switches::kEnableMojoSerialService)) { | 616 switches::kEnableMojoSerialService)) { |
660 command_line->AppendSwitch(switches::kEnableMojoSerialService); | 617 command_line->AppendSwitch(switches::kEnableMojoSerialService); |
661 } | 618 } |
662 } | 619 } |
663 } | 620 } |
664 | 621 |
622 void ChromeContentBrowserClientExtensionsPart::ResourceDispatcherHostCreated() { | |
623 content::ResourceDispatcherHost::Get()->RegisterInterceptor( | |
624 "Origin", | |
625 kExtensionScheme, | |
626 base::Bind( | |
627 &ChromeContentBrowserClientExtensionsPart::OnHttpHeaderReceived)); | |
628 } | |
629 | |
630 // static. | |
631 void ChromeContentBrowserClientExtensionsPart::OnHttpHeaderReceived( | |
jam
2016/08/10 00:19:26
nit: why are these two methods part of ChromeConte
ananta
2016/08/10 00:30:02
I had moved them to the namespace. Forgot to uploa
| |
632 const std::string& header, | |
633 const std::string& value, | |
634 int child_id, | |
635 content::ResourceContext* resource_context, | |
636 OnHeaderProcessedCallback callback) override { | |
637 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
638 | |
639 GURL origin(value); | |
640 DCHECK(origin.SchemeIs(extensions::kExtensionScheme)); | |
641 | |
642 if (IsIllegalOrigin(resource_context, child_id, origin)) { | |
643 callback.Run(false, bad_message::INVALID_ORIGIN); | |
644 } else { | |
645 callback.Run(true, 0); | |
646 } | |
647 } | |
648 | |
649 // static. | |
650 bool ChromeContentBrowserClientExtensionsPart::IsIllegalOrigin( | |
651 content::ResourceContext* resource_context, | |
652 int child_id, | |
653 const GURL& origin) { | |
654 DCHECK_CURRENTLY_ON(BrowserThread::IO); | |
655 | |
656 // Consider non-extension URLs safe; they will be checked elsewhere. | |
657 if (!origin.SchemeIs(kExtensionScheme)) | |
658 return false; | |
659 | |
660 // If there is no extension installed for the URL, it couldn't have | |
661 // committed. | |
662 // (If the extension was recently uninstalled, the tab would have closed.) | |
663 ProfileIOData* io_data = | |
664 ProfileIOData::FromResourceContext(resource_context); | |
665 InfoMap* extension_info_map = io_data->GetExtensionInfoMap(); | |
666 const Extension* extension = | |
667 extension_info_map->extensions().GetExtensionOrAppByURL(origin); | |
668 if (!extension) | |
669 return true; | |
670 | |
671 // Check for platform app origins. These can only be committed by the app | |
672 // itself, or by one if its guests if there are accessible_resources. | |
673 const ProcessMap& process_map = extension_info_map->process_map(); | |
674 if (extension->is_platform_app() && | |
675 !process_map.Contains(extension->id(), child_id)) { | |
676 // This is a platform app origin not in the app's own process. If there | |
677 // are | |
678 // no accessible resources, this is illegal. | |
679 if (!extension->GetManifestData( | |
680 manifest_keys::kWebviewAccessibleResources)) | |
681 return true; | |
682 | |
683 // If there are accessible resources, the origin is only legal if the | |
684 // given | |
685 // process is a guest of the app. | |
686 std::string owner_extension_id; | |
687 int owner_process_id; | |
688 WebViewRendererState::GetInstance()->GetOwnerInfo( | |
689 child_id, &owner_process_id, &owner_extension_id); | |
690 const Extension* owner_extension = | |
691 extension_info_map->extensions().GetByID(owner_extension_id); | |
692 return !owner_extension || owner_extension != extension; | |
693 } | |
694 | |
695 // With only the origin and not the full URL, we don't have enough | |
696 // information | |
697 // to validate hosted apps or web_accessible_resources in normal extensions. | |
698 // Assume they're legal. | |
699 return false; | |
700 } | |
701 | |
665 } // namespace extensions | 702 } // namespace extensions |
OLD | NEW |