OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/plugins/plugin_info_message_filter.h" | 5 #include "chrome/browser/plugins/plugin_info_message_filter.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 #include <memory> | 10 #include <memory> |
(...skipping 23 matching lines...) Expand all Loading... |
34 #include "components/component_updater/component_updater_service.h" | 34 #include "components/component_updater/component_updater_service.h" |
35 #include "components/content_settings/core/browser/content_settings_utils.h" | 35 #include "components/content_settings/core/browser/content_settings_utils.h" |
36 #include "components/content_settings/core/browser/host_content_settings_map.h" | 36 #include "components/content_settings/core/browser/host_content_settings_map.h" |
37 #include "components/content_settings/core/common/content_settings.h" | 37 #include "components/content_settings/core/common/content_settings.h" |
38 #include "components/prefs/pref_service.h" | 38 #include "components/prefs/pref_service.h" |
39 #include "components/rappor/rappor_service.h" | 39 #include "components/rappor/rappor_service.h" |
40 #include "content/public/browser/browser_thread.h" | 40 #include "content/public/browser/browser_thread.h" |
41 #include "content/public/browser/plugin_service.h" | 41 #include "content/public/browser/plugin_service.h" |
42 #include "content/public/browser/plugin_service_filter.h" | 42 #include "content/public/browser/plugin_service_filter.h" |
43 #include "content/public/common/content_constants.h" | 43 #include "content/public/common/content_constants.h" |
| 44 #include "extensions/features/features.h" |
44 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 45 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
45 #include "ppapi/features/features.h" | 46 #include "ppapi/features/features.h" |
46 #include "url/gurl.h" | 47 #include "url/gurl.h" |
47 #include "url/origin.h" | 48 #include "url/origin.h" |
48 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR. | 49 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR. |
49 | 50 |
50 #if defined(ENABLE_EXTENSIONS) | 51 #if BUILDFLAG(ENABLE_EXTENSIONS) |
51 #include "components/guest_view/browser/guest_view_base.h" | 52 #include "components/guest_view/browser/guest_view_base.h" |
52 #include "extensions/browser/extension_registry.h" | 53 #include "extensions/browser/extension_registry.h" |
53 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" | 54 #include "extensions/browser/guest_view/web_view/web_view_renderer_state.h" |
54 #include "extensions/common/constants.h" | 55 #include "extensions/common/constants.h" |
55 #include "extensions/common/extension.h" | 56 #include "extensions/common/extension.h" |
56 #include "extensions/common/manifest_handlers/webview_info.h" | 57 #include "extensions/common/manifest_handlers/webview_info.h" |
57 #endif | 58 #endif |
58 | 59 |
59 #if !defined(DISABLE_NACL) | 60 #if !defined(DISABLE_NACL) |
60 #include "components/nacl/common/nacl_constants.h" | 61 #include "components/nacl/common/nacl_constants.h" |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
111 main_frame_origin.GetURL(), | 112 main_frame_origin.GetURL(), |
112 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)); | 113 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)); |
113 rappor_service->RecordSample( | 114 rappor_service->RecordSample( |
114 "Plugins.FlashUrl", rappor::ETLD_PLUS_ONE_RAPPOR_TYPE, | 115 "Plugins.FlashUrl", rappor::ETLD_PLUS_ONE_RAPPOR_TYPE, |
115 net::registry_controlled_domains::GetDomainAndRegistry( | 116 net::registry_controlled_domains::GetDomainAndRegistry( |
116 url, | 117 url, |
117 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)); | 118 net::registry_controlled_domains::INCLUDE_PRIVATE_REGISTRIES)); |
118 } | 119 } |
119 } | 120 } |
120 | 121 |
121 #if defined(ENABLE_EXTENSIONS) | 122 #if BUILDFLAG(ENABLE_EXTENSIONS) |
122 // Returns whether a request from a plugin to load |resource| from a renderer | 123 // Returns whether a request from a plugin to load |resource| from a renderer |
123 // with process id |process_id| is a request for an internal resource by an app | 124 // with process id |process_id| is a request for an internal resource by an app |
124 // listed in |accessible_resources| in its manifest. | 125 // listed in |accessible_resources| in its manifest. |
125 bool IsPluginLoadingAccessibleResourceInWebView( | 126 bool IsPluginLoadingAccessibleResourceInWebView( |
126 extensions::ExtensionRegistry* extension_registry, | 127 extensions::ExtensionRegistry* extension_registry, |
127 int process_id, | 128 int process_id, |
128 const GURL& resource) { | 129 const GURL& resource) { |
129 extensions::WebViewRendererState* renderer_state = | 130 extensions::WebViewRendererState* renderer_state = |
130 extensions::WebViewRendererState::GetInstance(); | 131 extensions::WebViewRendererState::GetInstance(); |
131 std::string partition_id; | 132 std::string partition_id; |
132 if (!renderer_state->IsGuest(process_id) || | 133 if (!renderer_state->IsGuest(process_id) || |
133 !renderer_state->GetPartitionID(process_id, &partition_id)) { | 134 !renderer_state->GetPartitionID(process_id, &partition_id)) { |
134 return false; | 135 return false; |
135 } | 136 } |
136 | 137 |
137 const std::string extension_id = resource.host(); | 138 const std::string extension_id = resource.host(); |
138 const extensions::Extension* extension = extension_registry->GetExtensionById( | 139 const extensions::Extension* extension = extension_registry->GetExtensionById( |
139 extension_id, extensions::ExtensionRegistry::ENABLED); | 140 extension_id, extensions::ExtensionRegistry::ENABLED); |
140 if (!extension || !extensions::WebviewInfo::IsResourceWebviewAccessible( | 141 if (!extension || !extensions::WebviewInfo::IsResourceWebviewAccessible( |
141 extension, partition_id, resource.path())) { | 142 extension, partition_id, resource.path())) { |
142 return false; | 143 return false; |
143 } | 144 } |
144 | 145 |
145 // Make sure the renderer making the request actually belongs to the | 146 // Make sure the renderer making the request actually belongs to the |
146 // same extension. | 147 // same extension. |
147 std::string owner_extension; | 148 std::string owner_extension; |
148 return renderer_state->GetOwnerInfo(process_id, nullptr, &owner_extension) && | 149 return renderer_state->GetOwnerInfo(process_id, nullptr, &owner_extension) && |
149 owner_extension == extension_id; | 150 owner_extension == extension_id; |
150 } | 151 } |
151 #endif // defined(ENABLE_EXTENSIONS) | 152 #endif // BUILDFLAG(ENABLE_EXTENSIONS) |
152 | 153 |
153 } // namespace | 154 } // namespace |
154 | 155 |
155 PluginInfoMessageFilter::Context::Context(int render_process_id, | 156 PluginInfoMessageFilter::Context::Context(int render_process_id, |
156 Profile* profile) | 157 Profile* profile) |
157 : render_process_id_(render_process_id), | 158 : render_process_id_(render_process_id), |
158 resource_context_(profile->GetResourceContext()), | 159 resource_context_(profile->GetResourceContext()), |
159 #if defined(ENABLE_EXTENSIONS) | 160 #if BUILDFLAG(ENABLE_EXTENSIONS) |
160 extension_registry_(extensions::ExtensionRegistry::Get(profile)), | 161 extension_registry_(extensions::ExtensionRegistry::Get(profile)), |
161 #endif | 162 #endif |
162 host_content_settings_map_(HostContentSettingsMapFactory::GetForProfile( | 163 host_content_settings_map_(HostContentSettingsMapFactory::GetForProfile( |
163 profile)), | 164 profile)), |
164 plugin_prefs_(PluginPrefs::GetForProfile(profile)) { | 165 plugin_prefs_(PluginPrefs::GetForProfile(profile)) { |
165 allow_outdated_plugins_.Init(prefs::kPluginsAllowOutdated, | 166 allow_outdated_plugins_.Init(prefs::kPluginsAllowOutdated, |
166 profile->GetPrefs()); | 167 profile->GetPrefs()); |
167 allow_outdated_plugins_.MoveToThread( | 168 allow_outdated_plugins_.MoveToThread( |
168 content::BrowserThread::GetTaskRunnerForThread( | 169 content::BrowserThread::GetTaskRunnerForThread( |
169 content::BrowserThread::IO)); | 170 content::BrowserThread::IO)); |
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
348 | 349 |
349 // Check if the plugin is crashing too much. | 350 // Check if the plugin is crashing too much. |
350 if (PluginService::GetInstance()->IsPluginUnstable(plugin.path) && | 351 if (PluginService::GetInstance()->IsPluginUnstable(plugin.path) && |
351 !always_authorize_plugins_.GetValue() && | 352 !always_authorize_plugins_.GetValue() && |
352 plugin_setting != CONTENT_SETTING_BLOCK && | 353 plugin_setting != CONTENT_SETTING_BLOCK && |
353 uses_default_content_setting) { | 354 uses_default_content_setting) { |
354 *status = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized; | 355 *status = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized; |
355 return; | 356 return; |
356 } | 357 } |
357 | 358 |
358 #if defined(ENABLE_EXTENSIONS) | 359 #if BUILDFLAG(ENABLE_EXTENSIONS) |
359 // If an app has explicitly made internal resources available by listing them | 360 // If an app has explicitly made internal resources available by listing them |
360 // in |accessible_resources| in the manifest, then allow them to be loaded by | 361 // in |accessible_resources| in the manifest, then allow them to be loaded by |
361 // plugins inside a guest-view. | 362 // plugins inside a guest-view. |
362 if (params.url.SchemeIs(extensions::kExtensionScheme) && !is_managed && | 363 if (params.url.SchemeIs(extensions::kExtensionScheme) && !is_managed && |
363 plugin_setting == CONTENT_SETTING_BLOCK && | 364 plugin_setting == CONTENT_SETTING_BLOCK && |
364 IsPluginLoadingAccessibleResourceInWebView( | 365 IsPluginLoadingAccessibleResourceInWebView( |
365 extension_registry_, render_process_id_, params.url)) { | 366 extension_registry_, render_process_id_, params.url)) { |
366 plugin_setting = CONTENT_SETTING_ALLOW; | 367 plugin_setting = CONTENT_SETTING_ALLOW; |
367 } | 368 } |
368 #endif // defined(ENABLE_EXTENSIONS) | 369 #endif // BUILDFLAG(ENABLE_EXTENSIONS) |
369 | 370 |
370 if (plugin_setting == CONTENT_SETTING_DETECT_IMPORTANT_CONTENT || | 371 if (plugin_setting == CONTENT_SETTING_DETECT_IMPORTANT_CONTENT || |
371 (plugin_setting == CONTENT_SETTING_ALLOW && | 372 (plugin_setting == CONTENT_SETTING_ALLOW && |
372 PluginUtils::ShouldPreferHtmlOverPlugins(host_content_settings_map_) && | 373 PluginUtils::ShouldPreferHtmlOverPlugins(host_content_settings_map_) && |
373 !base::FeatureList::IsEnabled(features::kRunAllFlashInAllowMode))) { | 374 !base::FeatureList::IsEnabled(features::kRunAllFlashInAllowMode))) { |
374 *status = ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent; | 375 *status = ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent; |
375 } else if (plugin_setting == CONTENT_SETTING_BLOCK) { | 376 } else if (plugin_setting == CONTENT_SETTING_BLOCK) { |
376 // For managed users with the ASK policy, we allow manually running plugins | 377 // For managed users with the ASK policy, we allow manually running plugins |
377 // via context menu. This is the closest to admin intent. | 378 // via context menu. This is the closest to admin intent. |
378 *status = is_managed && !legacy_ask_user | 379 *status = is_managed && !legacy_ask_user |
379 ? ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy | 380 ? ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy |
380 : ChromeViewHostMsg_GetPluginInfo_Status::kBlocked; | 381 : ChromeViewHostMsg_GetPluginInfo_Status::kBlocked; |
381 } | 382 } |
382 | 383 |
383 #if defined(ENABLE_EXTENSIONS) | 384 #if BUILDFLAG(ENABLE_EXTENSIONS) |
384 // Allow an embedder of <webview> to block a plugin from being loaded inside | 385 // Allow an embedder of <webview> to block a plugin from being loaded inside |
385 // the guest. In order to do this, set the status to 'Unauthorized' here, | 386 // the guest. In order to do this, set the status to 'Unauthorized' here, |
386 // and update the status as appropriate depending on the response from the | 387 // and update the status as appropriate depending on the response from the |
387 // embedder. | 388 // embedder. |
388 if (*status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed || | 389 if (*status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed || |
389 *status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked || | 390 *status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked || |
390 *status == | 391 *status == |
391 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { | 392 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { |
392 if (extensions::WebViewRendererState::GetInstance()->IsGuest( | 393 if (extensions::WebViewRendererState::GetInstance()->IsGuest( |
393 render_process_id_)) | 394 render_process_id_)) |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
516 status == ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { | 517 status == ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { |
517 ChromePluginServiceFilter::GetInstance()->AuthorizePlugin( | 518 ChromePluginServiceFilter::GetInstance()->AuthorizePlugin( |
518 render_process_id_, path); | 519 render_process_id_, path); |
519 } | 520 } |
520 } | 521 } |
521 | 522 |
522 bool PluginInfoMessageFilter::Context::IsPluginEnabled( | 523 bool PluginInfoMessageFilter::Context::IsPluginEnabled( |
523 const content::WebPluginInfo& plugin) const { | 524 const content::WebPluginInfo& plugin) const { |
524 return plugin_prefs_->IsPluginEnabled(plugin); | 525 return plugin_prefs_->IsPluginEnabled(plugin); |
525 } | 526 } |
OLD | NEW |