| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/active_script_controller.h" | 5 #include "chrome/browser/extensions/active_script_controller.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 103 if (list.size() == 1u) | 103 if (list.size() == 1u) |
| 104 LocationBarController::NotifyChange(web_contents()); | 104 LocationBarController::NotifyChange(web_contents()); |
| 105 } | 105 } |
| 106 | 106 |
| 107 void ActiveScriptController::OnActiveTabPermissionGranted( | 107 void ActiveScriptController::OnActiveTabPermissionGranted( |
| 108 const Extension* extension) { | 108 const Extension* extension) { |
| 109 RunPendingForExtension(extension); | 109 RunPendingForExtension(extension); |
| 110 } | 110 } |
| 111 | 111 |
| 112 void ActiveScriptController::OnAdInjectionDetected( | 112 void ActiveScriptController::OnAdInjectionDetected( |
| 113 const std::set<std::string> ad_injectors) { | 113 const std::set<std::string>& ad_injectors) { |
| 114 // We're only interested in data if there are ad injectors detected. | 114 // We're only interested in data if there are ad injectors detected. |
| 115 if (ad_injectors.empty()) | 115 if (ad_injectors.empty()) |
| 116 return; | 116 return; |
| 117 | 117 |
| 118 size_t num_preventable_ad_injectors = | 118 size_t num_preventable_ad_injectors = |
| 119 base::STLSetIntersection<std::set<std::string> >( | 119 base::STLSetIntersection<std::set<std::string> >( |
| 120 ad_injectors, permitted_extensions_).size(); | 120 ad_injectors, permitted_extensions_).size(); |
| 121 | 121 |
| 122 UMA_HISTOGRAM_COUNTS_100( | 122 UMA_HISTOGRAM_COUNTS_100( |
| 123 "Extensions.ActiveScriptController.PreventableAdInjectors", | 123 "Extensions.ActiveScriptController.PreventableAdInjectors", |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 206 ++request) { | 206 ++request) { |
| 207 // Only run if it's on the proper page. | 207 // Only run if it's on the proper page. |
| 208 if (request->page_id == page_id) | 208 if (request->page_id == page_id) |
| 209 request->closure.Run(); | 209 request->closure.Run(); |
| 210 } | 210 } |
| 211 | 211 |
| 212 // Inform the location bar that the action is now gone. | 212 // Inform the location bar that the action is now gone. |
| 213 LocationBarController::NotifyChange(web_contents()); | 213 LocationBarController::NotifyChange(web_contents()); |
| 214 } | 214 } |
| 215 | 215 |
| 216 void ActiveScriptController::OnNotifyExtensionScriptExecution( | 216 void ActiveScriptController::OnRequestContentScriptPermission( |
| 217 const std::string& extension_id, | 217 const std::string& extension_id, |
| 218 int page_id) { | 218 int page_id, |
| 219 int request_id) { |
| 219 if (!Extension::IdIsValid(extension_id)) { | 220 if (!Extension::IdIsValid(extension_id)) { |
| 220 NOTREACHED() << "'" << extension_id << "' is not a valid id."; | 221 NOTREACHED() << "'" << extension_id << "' is not a valid id."; |
| 221 return; | 222 return; |
| 222 } | 223 } |
| 223 | 224 |
| 224 const Extension* extension = | 225 const Extension* extension = |
| 225 ExtensionRegistry::Get(web_contents()->GetBrowserContext()) | 226 ExtensionRegistry::Get(web_contents()->GetBrowserContext()) |
| 226 ->enabled_extensions().GetByID(extension_id); | 227 ->enabled_extensions().GetByID(extension_id); |
| 227 // We shouldn't allow extensions which are no longer enabled to run any | 228 // We shouldn't allow extensions which are no longer enabled to run any |
| 228 // scripts. Ignore the request. | 229 // scripts. Ignore the request. |
| 229 if (!extension) | 230 if (!extension) |
| 230 return; | 231 return; |
| 231 | 232 |
| 232 // Right now, we allow all content scripts to execute, but notify the | 233 // If the request id is -1, that signals that the content script has already |
| 233 // controller of them. | 234 // ran (because this feature is not enabled). Add the extension to the list of |
| 234 // TODO(rdevlin.cronin): Fix this in a future CL. | 235 // permitted extensions (for metrics), and return immediately. |
| 235 if (RequiresUserConsentForScriptInjection(extension)) | 236 if (request_id == -1) { |
| 236 RequestScriptInjection(extension, page_id, base::Bind(&base::DoNothing)); | 237 DCHECK(!enabled_); |
| 238 permitted_extensions_.insert(extension->id()); |
| 239 return; |
| 240 } |
| 241 |
| 242 if (RequiresUserConsentForScriptInjection(extension)) { |
| 243 // This base::Unretained() is safe, because the callback is only invoked by |
| 244 // this object. |
| 245 RequestScriptInjection( |
| 246 extension, |
| 247 page_id, |
| 248 base::Bind(&ActiveScriptController::GrantContentScriptPermission, |
| 249 base::Unretained(this), |
| 250 request_id)); |
| 251 } else { |
| 252 GrantContentScriptPermission(request_id); |
| 253 } |
| 254 } |
| 255 |
| 256 void ActiveScriptController::GrantContentScriptPermission(int request_id) { |
| 257 content::RenderViewHost* render_view_host = |
| 258 web_contents()->GetRenderViewHost(); |
| 259 if (render_view_host) { |
| 260 render_view_host->Send(new ExtensionMsg_GrantContentScriptPermission( |
| 261 render_view_host->GetRoutingID(), |
| 262 request_id)); |
| 263 } |
| 237 } | 264 } |
| 238 | 265 |
| 239 bool ActiveScriptController::OnMessageReceived(const IPC::Message& message) { | 266 bool ActiveScriptController::OnMessageReceived(const IPC::Message& message) { |
| 240 bool handled = true; | 267 bool handled = true; |
| 241 IPC_BEGIN_MESSAGE_MAP(ActiveScriptController, message) | 268 IPC_BEGIN_MESSAGE_MAP(ActiveScriptController, message) |
| 242 IPC_MESSAGE_HANDLER(ExtensionHostMsg_NotifyExtensionScriptExecution, | 269 IPC_MESSAGE_HANDLER(ExtensionHostMsg_RequestContentScriptPermission, |
| 243 OnNotifyExtensionScriptExecution) | 270 OnRequestContentScriptPermission) |
| 244 IPC_MESSAGE_UNHANDLED(handled = false) | 271 IPC_MESSAGE_UNHANDLED(handled = false) |
| 245 IPC_END_MESSAGE_MAP() | 272 IPC_END_MESSAGE_MAP() |
| 246 return handled; | 273 return handled; |
| 247 } | 274 } |
| 248 | 275 |
| 249 void ActiveScriptController::LogUMA() const { | 276 void ActiveScriptController::LogUMA() const { |
| 250 UMA_HISTOGRAM_COUNTS_100( | 277 UMA_HISTOGRAM_COUNTS_100( |
| 251 "Extensions.ActiveScriptController.ShownActiveScriptsOnPage", | 278 "Extensions.ActiveScriptController.ShownActiveScriptsOnPage", |
| 252 pending_requests_.size()); | 279 pending_requests_.size()); |
| 253 | 280 |
| 254 // We only log the permitted extensions metric if the feature is enabled, | 281 // We only log the permitted extensions metric if the feature is enabled, |
| 255 // because otherwise the data will be boring (100% allowed). | 282 // because otherwise the data will be boring (100% allowed). |
| 256 if (enabled_) { | 283 if (enabled_) { |
| 257 UMA_HISTOGRAM_COUNTS_100( | 284 UMA_HISTOGRAM_COUNTS_100( |
| 258 "Extensions.ActiveScriptController.PermittedExtensions", | 285 "Extensions.ActiveScriptController.PermittedExtensions", |
| 259 permitted_extensions_.size()); | 286 permitted_extensions_.size()); |
| 260 UMA_HISTOGRAM_COUNTS_100( | 287 UMA_HISTOGRAM_COUNTS_100( |
| 261 "Extensions.ActiveScriptController.DeniedExtensions", | 288 "Extensions.ActiveScriptController.DeniedExtensions", |
| 262 pending_requests_.size()); | 289 pending_requests_.size()); |
| 263 } | 290 } |
| 264 } | 291 } |
| 265 | 292 |
| 266 } // namespace extensions | 293 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 288053002:
Block content scripts from executing until user grants permission (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src