Chromium Code Reviews Chromium Code Reviews
Issue 288053002:
Block content scripts from executing until user grants permission (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/user_script_slave.h" | 5 #include "extensions/renderer/user_script_slave.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/memory/shared_memory.h" | 10 #include "base/memory/shared_memory.h" |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 23 #include "third_party/WebKit/public/web/WebFrame.h" | 23 #include "third_party/WebKit/public/web/WebFrame.h" |
| 24 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" | 24 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" |
| 25 #include "third_party/WebKit/public/web/WebSecurityPolicy.h" | 25 #include "third_party/WebKit/public/web/WebSecurityPolicy.h" |
| 26 #include "third_party/WebKit/public/web/WebView.h" | 26 #include "third_party/WebKit/public/web/WebView.h" |
| 27 #include "url/gurl.h" | 27 #include "url/gurl.h" |
| 28 | 28 |
| 29 using blink::WebFrame; | 29 using blink::WebFrame; |
| 30 using blink::WebSecurityOrigin; | 30 using blink::WebSecurityOrigin; |
| 31 using blink::WebSecurityPolicy; | 31 using blink::WebSecurityPolicy; |
| 32 using blink::WebString; | 32 using blink::WebString; |
| 33 using blink::WebView; | |
| 34 using content::RenderThread; | 33 using content::RenderThread; |
| 35 | 34 |
| 36 namespace extensions { | 35 namespace extensions { |
| 37 | 36 |
| 38 int UserScriptSlave::GetIsolatedWorldIdForExtension(const Extension* extension, | 37 int UserScriptSlave::GetIsolatedWorldIdForExtension(const Extension* extension, |
| 39 WebFrame* frame) { | 38 WebFrame* frame) { |
| 40 static int g_next_isolated_world_id = | 39 static int g_next_isolated_world_id = |
| 41 ExtensionsRendererClient::Get()->GetLowestIsolatedWorldId(); | 40 ExtensionsRendererClient::Get()->GetLowestIsolatedWorldId(); |
| 42 | 41 |
| 43 int id = 0; | 42 int id = 0; |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 94 DCHECK(!(*iter)->extension_id().empty()); | 93 DCHECK(!(*iter)->extension_id().empty()); |
| 95 extension_ids->insert((*iter)->extension_id()); | 94 extension_ids->insert((*iter)->extension_id()); |
| 96 } | 95 } |
| 97 } | 96 } |
| 98 | 97 |
| 99 const Extension* UserScriptSlave::GetExtension( | 98 const Extension* UserScriptSlave::GetExtension( |
| 100 const std::string& extension_id) { | 99 const std::string& extension_id) { |
| 101 return extensions_->GetByID(extension_id); | 100 return extensions_->GetByID(extension_id); |
| 102 } | 101 } |
| 103 | 102 |
| 104 bool UserScriptSlave::UpdateScripts(base::SharedMemoryHandle shared_memory) { | 103 bool UserScriptSlave::UpdateScripts( |
| 105 script_injections_.clear(); | 104 base::SharedMemoryHandle shared_memory, |
| 106 | 105 const std::set<std::string>& changed_extensions) { |
| 107 bool only_inject_incognito = | 106 bool only_inject_incognito = |
| 108 ExtensionsRendererClient::Get()->IsIncognitoProcess(); | 107 ExtensionsRendererClient::Get()->IsIncognitoProcess(); |
| 109 | 108 |
| 110 // Create the shared memory object (read only). | 109 // Create the shared memory object (read only). |
| 111 shared_memory_.reset(new base::SharedMemory(shared_memory, true)); | 110 shared_memory_.reset(new base::SharedMemory(shared_memory, true)); |
| 112 if (!shared_memory_.get()) | 111 if (!shared_memory_.get()) |
| 113 return false; | 112 return false; |
| 114 | 113 |
| 115 // First get the size of the memory block. | 114 // First get the size of the memory block. |
| 116 if (!shared_memory_->Map(sizeof(Pickle::Header))) | 115 if (!shared_memory_->Map(sizeof(Pickle::Header))) |
| 117 return false; | 116 return false; |
| 118 Pickle::Header* pickle_header = | 117 Pickle::Header* pickle_header = |
| 119 reinterpret_cast<Pickle::Header*>(shared_memory_->memory()); | 118 reinterpret_cast<Pickle::Header*>(shared_memory_->memory()); |
| 120 | 119 |
| 121 // Now map in the rest of the block. | 120 // Now map in the rest of the block. |
| 122 int pickle_size = sizeof(Pickle::Header) + pickle_header->payload_size; | 121 int pickle_size = sizeof(Pickle::Header) + pickle_header->payload_size; |
| 123 shared_memory_->Unmap(); | 122 shared_memory_->Unmap(); |
| 124 if (!shared_memory_->Map(pickle_size)) | 123 if (!shared_memory_->Map(pickle_size)) |
| 125 return false; | 124 return false; |
| 126 | 125 |
| 127 // Unpickle scripts. | 126 // Unpickle scripts. |
| 128 uint64 num_scripts = 0; | 127 uint64 num_scripts = 0; |
| 129 Pickle pickle(reinterpret_cast<char*>(shared_memory_->memory()), pickle_size); | 128 Pickle pickle(reinterpret_cast<char*>(shared_memory_->memory()), pickle_size); |
| 130 PickleIterator iter(pickle); | 129 PickleIterator iter(pickle); |
| 131 CHECK(pickle.ReadUInt64(&iter, &num_scripts)); | 130 CHECK(pickle.ReadUInt64(&iter, &num_scripts)); |
| 132 | 131 |
| 132 // If we pass no explicit extension ids, we should refresh all extensions. | |
| 133 bool include_all_extensions = changed_extensions.empty(); | |
| 134 | |
| 135 // If we include all extensions, then we clear the script injections and | |
| 136 // start from scratch. If not, then clear only the scripts for extension ids | |
| 137 // that we are updating. This is important to maintain pending script | |
| 138 // injection state for each ScriptInjection. | |
| 139 if (include_all_extensions) { | |
| 140 script_injections_.clear(); | |
| 141 } else { | |
| 142 for (ScopedVector<ScriptInjection>::iterator iter = | |
| 143 script_injections_.begin(); | |
| 144 iter != script_injections_.end();) { | |
| 145 if (changed_extensions.count((*iter)->extension_id()) > 0) | |
| 146 iter = script_injections_.erase(iter); | |
| 147 else | |
| 148 ++iter; | |
| 149 } | |
| 150 } | |
| 151 | |
| 133 script_injections_.reserve(num_scripts); | 152 script_injections_.reserve(num_scripts); |
| 134 for (uint64 i = 0; i < num_scripts; ++i) { | 153 for (uint64 i = 0; i < num_scripts; ++i) { |
| 135 scoped_ptr<UserScript> script(new UserScript()); | 154 scoped_ptr<UserScript> script(new UserScript()); |
| 136 script->Unpickle(pickle, &iter); | 155 script->Unpickle(pickle, &iter); |
| 137 | 156 |
| 138 // Note that this is a pointer into shared memory. We don't own it. It gets | 157 // Note that this is a pointer into shared memory. We don't own it. It gets |
| 139 // cleared up when the last renderer or browser process drops their | 158 // cleared up when the last renderer or browser process drops their |
| 140 // reference to the shared memory. | 159 // reference to the shared memory. |
| 141 for (size_t j = 0; j < script->js_scripts().size(); ++j) { | 160 for (size_t j = 0; j < script->js_scripts().size(); ++j) { |
| 142 const char* body = NULL; | 161 const char* body = NULL; |
| 143 int body_length = 0; | 162 int body_length = 0; |
| 144 CHECK(pickle.ReadData(&iter, &body, &body_length)); | 163 CHECK(pickle.ReadData(&iter, &body, &body_length)); |
| 145 script->js_scripts()[j].set_external_content( | 164 script->js_scripts()[j].set_external_content( |
| 146 base::StringPiece(body, body_length)); | 165 base::StringPiece(body, body_length)); |
| 147 } | 166 } |
| 148 for (size_t j = 0; j < script->css_scripts().size(); ++j) { | 167 for (size_t j = 0; j < script->css_scripts().size(); ++j) { |
| 149 const char* body = NULL; | 168 const char* body = NULL; |
| 150 int body_length = 0; | 169 int body_length = 0; |
| 151 CHECK(pickle.ReadData(&iter, &body, &body_length)); | 170 CHECK(pickle.ReadData(&iter, &body, &body_length)); |
| 152 script->css_scripts()[j].set_external_content( | 171 script->css_scripts()[j].set_external_content( |
| 153 base::StringPiece(body, body_length)); | 172 base::StringPiece(body, body_length)); |
| 154 } | 173 } |
| 155 | 174 |
| 156 if (only_inject_incognito && !script->is_incognito_enabled()) | 175 // Don't add the script if it shouldn't shouldn't run in this tab, or if |
| 157 continue; // This script shouldn't run in an incognito tab. | 176 // we don't need to reload that extension. |
| 177 // It's a shame we don't catch this sooner, but since we lump all the user | |
| 178 // scripts together, we can't skip parsing any. | |
| 179 if ((only_inject_incognito && !script->is_incognito_enabled()) || | |
| 180 (!include_all_extensions && | |
| 181 changed_extensions.count(script->extension_id()) == 0)) { | |
| 182 continue; | |
| 183 } | |
| 158 | 184 |
| 159 script_injections_.push_back(new ScriptInjection(script.Pass(), this)); | 185 script_injections_.push_back(new ScriptInjection(script.Pass(), this)); |
| 160 } | 186 } |
| 161 | 187 |
| 162 return true; | 188 return true; |
| 163 } | 189 } |
| 164 | 190 |
| 165 void UserScriptSlave::InjectScripts(WebFrame* frame, | 191 void UserScriptSlave::InjectScripts(WebFrame* frame, |
| 166 UserScript::RunLocation location) { | 192 UserScript::RunLocation location) { |
| 167 GURL document_url = ScriptInjection::GetDocumentUrlForFrame(frame); | 193 GURL document_url = ScriptInjection::GetDocumentUrlForFrame(frame); |
| 168 if (document_url.is_empty()) | 194 if (document_url.is_empty()) |
| 169 return; | 195 return; |
| 170 | 196 |
| 171 content::RenderView* top_render_view = | |
| 172 content::RenderView::FromWebView(frame->top()->view()); | |
| 173 | |
| 174 ScriptInjection::ScriptsRunInfo scripts_run_info; | 197 ScriptInjection::ScriptsRunInfo scripts_run_info; |
| 175 for (ScopedVector<ScriptInjection>::const_iterator iter = | 198 for (ScopedVector<ScriptInjection>::const_iterator iter = |
| 176 script_injections_.begin(); | 199 script_injections_.begin(); |
| 177 iter != script_injections_.end(); | 200 iter != script_injections_.end(); |
| 178 ++iter) { | 201 ++iter) { |
| 179 ScriptInjection* injection = *iter; | 202 (*iter)->InjectIfAllowed(frame, location, document_url, &scripts_run_info); |
| 180 if (!injection->WantsToRun(frame, location, document_url)) | |
| 181 continue; | |
| 182 | |
| 183 const Extension* extension = GetExtension(injection->extension_id()); | |
| 184 DCHECK(extension); | |
| 185 | |
| 186 if (PermissionsData::RequiresActionForScriptExecution(extension)) { | |
| 187 // TODO(rdevlin.cronin): Right now, this is just a notification, but soon | |
| 188 // we should block without user consent. | |
| 189 top_render_view->Send( | |
| 190 new ExtensionHostMsg_NotifyExtensionScriptExecution( | |
| 191 top_render_view->GetRoutingID(), | |
| 192 extension->id(), | |
| 193 top_render_view->GetPageId())); | |
| 194 } | |
| 195 | |
| 196 injection->Inject(frame, location, &scripts_run_info); | |
| 197 } | 203 } |
| 198 | 204 |
| 199 LogScriptsRun(frame, location, scripts_run_info); | 205 LogScriptsRun(frame, location, scripts_run_info); |
| 200 } | 206 } |
| 201 | 207 |
| 208 void UserScriptSlave::OnContentScriptGrantedPermission( | |
| 209 content::RenderView* render_view, int request_id) { | |
| 210 ScriptInjection::ScriptsRunInfo run_info; | |
| 211 blink::WebFrame* frame = NULL; | |
| 212 // Notify the injections that a request to inject has been granted. | |
| 213 for (ScopedVector<ScriptInjection>::iterator iter = | |
| 214 script_injections_.begin(); | |
| 215 iter != script_injections_.end(); | |
| 216 ++iter) { | |
| 217 if ((*iter)->NotifyScriptPermitted(request_id, | |
| 218 render_view, | |
| 219 &run_info, | |
| 220 &frame)) { | |
| 221 DCHECK(frame); | |
| 222 LogScriptsRun(frame, UserScript::RUN_DEFERRED, run_info); | |
| 223 break; | |
| 224 } | |
| 225 } | |
| 226 } | |
| 227 | |
| 228 void UserScriptSlave::FrameDetached(blink::WebFrame* frame) { | |
| 229 for (ScopedVector<ScriptInjection>::iterator iter = | |
| 230 script_injections_.begin(); | |
| 231 iter != script_injections_.end(); | |
| 232 ++iter) { | |
| 233 (*iter)->FrameDetached(frame); | |
| 234 } | |
| 235 } | |
| 236 | |
| 202 void UserScriptSlave::LogScriptsRun( | 237 void UserScriptSlave::LogScriptsRun( |
| 203 blink::WebFrame* frame, | 238 blink::WebFrame* frame, |
| 204 UserScript::RunLocation location, | 239 UserScript::RunLocation location, |
| 205 const ScriptInjection::ScriptsRunInfo& info) { | 240 const ScriptInjection::ScriptsRunInfo& info) { |
| 206 // Notify the browser if any extensions are now executing scripts. | 241 // Notify the browser if any extensions are now executing scripts. |
| 207 if (!info.executing_scripts.empty()) { | 242 if (!info.executing_scripts.empty()) { |
| 208 content::RenderView* render_view = | 243 content::RenderView* render_view = |
| 209 content::RenderView::FromWebView(frame->view()); | 244 content::RenderView::FromWebView(frame->view()); |
| 210 render_view->Send(new ExtensionHostMsg_ContentScriptsExecuting( | 245 render_view->Send(new ExtensionHostMsg_ContentScriptsExecuting( |
| 211 render_view->GetRoutingID(), | 246 render_view->GetRoutingID(), |
| 212 info.executing_scripts, | 247 info.executing_scripts, |
| 213 render_view->GetPageId(), | 248 render_view->GetPageId(), |
| 214 ScriptContext::GetDataSourceURLForFrame(frame))); | 249 ScriptContext::GetDataSourceURLForFrame(frame))); |
| 215 } | 250 } |
| 216 | 251 |
| 217 if (location == UserScript::DOCUMENT_START) { | 252 switch (location) { |
| 218 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectStart_CssCount", | 253 case UserScript::DOCUMENT_START: |
| 219 info.num_css); | 254 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectStart_CssCount", |
| 220 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectStart_ScriptCount", info.num_js); | 255 info.num_css); |
| 221 if (info.num_css || info.num_js) | 256 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectStart_ScriptCount", |
| 222 UMA_HISTOGRAM_TIMES("Extensions.InjectStart_Time", info.timer.Elapsed()); | 257 info.num_js); |
| 223 } else if (location == UserScript::DOCUMENT_END) { | 258 if (info.num_css || info.num_js) |
| 224 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectEnd_ScriptCount", info.num_js); | 259 UMA_HISTOGRAM_TIMES("Extensions.InjectStart_Time", |
| 225 if (info.num_js) | 260 info.timer.Elapsed()); |
| 226 UMA_HISTOGRAM_TIMES("Extensions.InjectEnd_Time", info.timer.Elapsed()); | 261 break; |
| 227 } else if (location == UserScript::DOCUMENT_IDLE) { | 262 case UserScript::DOCUMENT_END: |
| 228 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectIdle_ScriptCount", info.num_js); | 263 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectEnd_ScriptCount", info.num_js); |
| 229 if (info.num_js) | 264 if (info.num_js) |
| 230 UMA_HISTOGRAM_TIMES("Extensions.InjectIdle_Time", info.timer.Elapsed()); | 265 UMA_HISTOGRAM_TIMES("Extensions.InjectEnd_Time", info.timer.Elapsed()); |
| 231 } else { | 266 break; |
| 232 NOTREACHED(); | 267 case UserScript::DOCUMENT_IDLE: |
| 268 UMA_HISTOGRAM_COUNTS_100("Extensions.InjectIdle_ScriptCount", | |
| 269 info.num_js); | |
| 270 if (info.num_js) | |
| 271 UMA_HISTOGRAM_TIMES("Extensions.InjectIdle_Time", info.timer.Elapsed()); | |
| 272 break; | |
| 273 case UserScript::RUN_DEFERRED: | |
| 274 // TODO(rdevlin.cronin): Add histograms. | |
| 275 break; | |
| 276 case UserScript::UNDEFINED: | |
|
not at google - send to devlin
2014/05/21 17:36:23
does anybody actually used UNDEFINED? can we kill
Devlin
2014/05/21 18:28:28
UserScriptScheduler uses it as a "before anything
| |
| 277 case UserScript::RUN_LOCATION_LAST: | |
| 278 NOTREACHED(); | |
| 233 } | 279 } |
| 234 } | 280 } |
| 235 | 281 |
| 236 } // namespace extensions | 282 } // namespace extensions |
| OLD | NEW |
