Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(235)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ui/cocoa/applescript/tab_applescript.mm

Issue 2477633003: [Mac] Add a feature flag to disable Javascript execution in Applescript (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/app/generated_resources.grd ('K') | « chrome/browser/ui/cocoa/applescript/error_applescript.mm ('k') | chrome/common/chrome_features.h » ('j') | chrome/common/chrome_features.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import "chrome/browser/ui/cocoa/applescript/tab_applescript.h" 5 #import "chrome/browser/ui/cocoa/applescript/tab_applescript.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/files/file_path.h" 8 #include "base/files/file_path.h"
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #import "base/mac/scoped_nsobject.h" 10 #import "base/mac/scoped_nsobject.h"
11 #include "base/strings/sys_string_conversions.h" 11 #include "base/strings/sys_string_conversions.h"
12 #include "chrome/browser/printing/print_view_manager.h" 12 #include "chrome/browser/printing/print_view_manager.h"
13 #include "chrome/browser/sessions/session_tab_helper.h" 13 #include "chrome/browser/sessions/session_tab_helper.h"
14 #include "chrome/browser/ui/cocoa/applescript/apple_event_util.h" 14 #include "chrome/browser/ui/cocoa/applescript/apple_event_util.h"
15 #include "chrome/browser/ui/cocoa/applescript/error_applescript.h" 15 #include "chrome/browser/ui/cocoa/applescript/error_applescript.h"
16 #include "chrome/browser/ui/cocoa/applescript/metrics_applescript.h" 16 #include "chrome/browser/ui/cocoa/applescript/metrics_applescript.h"
17 #include "chrome/common/chrome_features.h"
17 #include "chrome/common/chrome_isolated_world_ids.h" 18 #include "chrome/common/chrome_isolated_world_ids.h"
18 #include "chrome/common/url_constants.h" 19 #include "chrome/common/url_constants.h"
19 #include "components/sessions/core/session_id.h" 20 #include "components/sessions/core/session_id.h"
20 #include "content/public/browser/navigation_controller.h" 21 #include "content/public/browser/navigation_controller.h"
21 #include "content/public/browser/navigation_entry.h" 22 #include "content/public/browser/navigation_entry.h"
22 #include "content/public/browser/render_frame_host.h" 23 #include "content/public/browser/render_frame_host.h"
23 #include "content/public/browser/render_view_host.h" 24 #include "content/public/browser/render_view_host.h"
24 #include "content/public/browser/save_page_type.h" 25 #include "content/public/browser/save_page_type.h"
25 #include "content/public/browser/web_contents.h" 26 #include "content/public/browser/web_contents.h"
26 #include "content/public/browser/web_contents_delegate.h" 27 #include "content/public/browser/web_contents_delegate.h"
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after
119 120
120 NavigationEntry* entry = webContents_->GetController().GetActiveEntry(); 121 NavigationEntry* entry = webContents_->GetController().GetActiveEntry();
121 if (!entry) { 122 if (!entry) {
122 return nil; 123 return nil;
123 } 124 }
124 const GURL& url = entry->GetVirtualURL(); 125 const GURL& url = entry->GetVirtualURL();
125 return base::SysUTF8ToNSString(url.spec()); 126 return base::SysUTF8ToNSString(url.spec());
126 } 127 }
127 128
128 - (void)setURL:(NSString*)aURL { 129 - (void)setURL:(NSString*)aURL {
130 GURL url(base::SysNSStringToUTF8(aURL));
131 if (!base::FeatureList::IsEnabled(features::kApplescriptExecuteJavascript)) {
132 if (url.SchemeIs(url::kJavaScriptScheme)) {
133 AppleScript::SetError(AppleScript::errJavascriptUnsupported);
134 return;
135 }
136 }
137
129 // If a scripter sets a URL before the node is added save it at a temporary 138 // If a scripter sets a URL before the node is added save it at a temporary
130 // location. 139 // location.
131 if (!webContents_) { 140 if (!webContents_) {
132 [self setTempURL:aURL]; 141 [self setTempURL:aURL];
133 return; 142 return;
134 } 143 }
135 144
136 GURL url(base::SysNSStringToUTF8(aURL));
137 // check for valid url. 145 // check for valid url.
138 if (!url.is_empty() && !url.is_valid()) { 146 if (!url.is_empty() && !url.is_valid()) {
139 AppleScript::SetError(AppleScript::errInvalidURL); 147 AppleScript::SetError(AppleScript::errInvalidURL);
140 return; 148 return;
141 } 149 }
142 150
143 NavigationEntry* entry = webContents_->GetController().GetActiveEntry(); 151 NavigationEntry* entry = webContents_->GetController().GetActiveEntry();
144 if (!entry) 152 if (!entry)
145 return; 153 return;
146 154
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after
280 if (entry) { 288 if (entry) {
281 webContents_->OpenURL( 289 webContents_->OpenURL(
282 OpenURLParams(GURL(content::kViewSourceScheme + std::string(":") + 290 OpenURLParams(GURL(content::kViewSourceScheme + std::string(":") +
283 entry->GetURL().spec()), 291 entry->GetURL().spec()),
284 Referrer(), WindowOpenDisposition::NEW_FOREGROUND_TAB, 292 Referrer(), WindowOpenDisposition::NEW_FOREGROUND_TAB,
285 ui::PAGE_TRANSITION_LINK, false)); 293 ui::PAGE_TRANSITION_LINK, false));
286 } 294 }
287 } 295 }
288 296
289 - (id)handlesExecuteJavascriptScriptCommand:(NSScriptCommand*)command { 297 - (id)handlesExecuteJavascriptScriptCommand:(NSScriptCommand*)command {
298 if (!base::FeatureList::IsEnabled(features::kApplescriptExecuteJavascript)) {
299 AppleScript::SetError(AppleScript::errJavascriptUnsupported);
300 return nil;
301 }
302
290 AppleScript::LogAppleScriptUMA( 303 AppleScript::LogAppleScriptUMA(
291 AppleScript::AppleScriptCommand::TAB_EXECUTE_JAVASCRIPT); 304 AppleScript::AppleScriptCommand::TAB_EXECUTE_JAVASCRIPT);
292 content::RenderFrameHost* frame = webContents_->GetMainFrame(); 305 content::RenderFrameHost* frame = webContents_->GetMainFrame();
293 if (!frame) { 306 if (!frame) {
294 NOTREACHED(); 307 NOTREACHED();
295 return nil; 308 return nil;
296 } 309 }
297 310
298 NSAppleEventManager* manager = [NSAppleEventManager sharedAppleEventManager]; 311 NSAppleEventManager* manager = [NSAppleEventManager sharedAppleEventManager];
299 NSAppleEventManagerSuspensionID suspensionID = 312 NSAppleEventManagerSuspensionID suspensionID =
300 [manager suspendCurrentAppleEvent]; 313 [manager suspendCurrentAppleEvent];
301 content::RenderFrameHost::JavaScriptResultCallback callback = 314 content::RenderFrameHost::JavaScriptResultCallback callback =
302 base::Bind(&ResumeAppleEventAndSendReply, suspensionID); 315 base::Bind(&ResumeAppleEventAndSendReply, suspensionID);
303 316
304 base::string16 script = base::SysNSStringToUTF16( 317 base::string16 script = base::SysNSStringToUTF16(
305 [[command evaluatedArguments] objectForKey:@"javascript"]); 318 [[command evaluatedArguments] objectForKey:@"javascript"]);
306 frame->ExecuteJavaScriptInIsolatedWorld( 319 frame->ExecuteJavaScriptInIsolatedWorld(
307 script, callback, chrome::ISOLATED_WORLD_ID_APPLESCRIPT); 320 script, callback, chrome::ISOLATED_WORLD_ID_APPLESCRIPT);
308 321
309 return nil; 322 return nil;
310 } 323 }
311 324
312 @end 325 @end
OLDNEW
« chrome/app/generated_resources.grd ('K') | « chrome/browser/ui/cocoa/applescript/error_applescript.mm ('k') | chrome/common/chrome_features.h » ('j') | chrome/common/chrome_features.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698