OLD | NEW |
(Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "modules/mediasession/MediaMetadataSanitizer.h" |
| 6 |
| 7 #include "modules/mediasession/MediaArtwork.h" |
| 8 #include "modules/mediasession/MediaMetadata.h" |
| 9 #include "modules/mediasession/MojoMediaMetadata.h" |
| 10 #include "public/platform/WebIconSizesParser.h" |
| 11 #include "public/platform/WebString.h" |
| 12 #include "url/url_constants.h" |
| 13 |
| 14 namespace blink { |
| 15 |
| 16 namespace { |
| 17 |
| 18 // Constants used by the sanitizer, must be consistent with |
| 19 // content::MediaMetdataSanitizer. |
| 20 |
| 21 // Maximum length of all strings inside MediaMetadata when it is sent over mojo. |
| 22 const size_t kMaxStringLength = 4 * 1024; |
| 23 |
| 24 // Maximum type length of MediaArtwork, which conforms to RFC 4288 |
| 25 // (https://tools.ietf.org/html/rfc4288). |
| 26 const size_t kMaxArtworkTypeLength = 2 * 127 + 1; |
| 27 |
| 28 // Maximum number of artwork images inside the MediaMetadata. |
| 29 const size_t kMaxNumberOfArtworkImages = 10; |
| 30 |
| 31 // Maximum of sizes in an artwork image. |
| 32 const size_t kMaxNumberOfArtworkSizes = 10; |
| 33 |
| 34 bool checkArtworkSrcSanity(const KURL& src) { |
| 35 if (!src.isValid()) |
| 36 return false; |
| 37 if (!src.protocolIs(url::kHttpScheme) && !src.protocolIs(url::kHttpsScheme) && |
| 38 !src.protocolIs(url::kDataScheme)) { |
| 39 return false; |
| 40 } |
| 41 DCHECK(src.getString().is8Bit()); |
| 42 if (src.getString().length() > url::kMaxURLChars) |
| 43 return false; |
| 44 return true; |
| 45 } |
| 46 |
| 47 Optional<MojoMediaArtwork> sanitizeArtworkAndConvertToMojo( |
| 48 const MediaArtwork* artwork) { |
| 49 DCHECK(artwork); |
| 50 |
| 51 KURL url = KURL(ParsedURLString, artwork->src()); |
| 52 |
| 53 if (!checkArtworkSrcSanity(url)) |
| 54 return WTF::nullopt; |
| 55 |
| 56 MojoMediaArtwork mojoArtwork; |
| 57 mojoArtwork.src = url; |
| 58 mojoArtwork.type = artwork->type().left(kMaxArtworkTypeLength); |
| 59 for (const auto& webSize : |
| 60 WebIconSizesParser::parseIconSizes(artwork->sizes())) { |
| 61 mojoArtwork.sizes.append(webSize); |
| 62 if (mojoArtwork.sizes.size() == kMaxNumberOfArtworkSizes) |
| 63 break; |
| 64 } |
| 65 return mojoArtwork; |
| 66 } |
| 67 |
| 68 } // anonymous namespace |
| 69 |
| 70 Optional<MojoMediaMetadata> MediaMetadataSanitizer::sanitizeAndConvertToMojo( |
| 71 const MediaMetadata* metadata) { |
| 72 if (!metadata) |
| 73 return WTF::nullopt; |
| 74 |
| 75 MojoMediaMetadata mojoMetadata; |
| 76 |
| 77 mojoMetadata.title = metadata->title().left(kMaxStringLength); |
| 78 mojoMetadata.artist = metadata->artist().left(kMaxStringLength); |
| 79 mojoMetadata.album = metadata->album().left(kMaxStringLength); |
| 80 |
| 81 for (const auto artwork : metadata->artwork()) { |
| 82 Optional<MojoMediaArtwork> mojoArtwork = |
| 83 sanitizeArtworkAndConvertToMojo(artwork.get()); |
| 84 if (mojoArtwork.has_value()) |
| 85 mojoMetadata.artwork.append(mojoArtwork.value()); |
| 86 if (mojoMetadata.artwork.size() == kMaxNumberOfArtworkImages) |
| 87 break; |
| 88 } |
| 89 return mojoMetadata; |
| 90 } |
| 91 |
| 92 } // namespace blink |
OLD | NEW |