| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/content_setting.h" | 5 #include "extensions/renderer/content_setting.h" |
| 6 | 6 |
| 7 #include "base/memory/ptr_util.h" | 7 #include "base/memory/ptr_util.h" |
| 8 #include "base/strings/stringprintf.h" | 8 #include "base/strings/stringprintf.h" |
| 9 #include "base/values.h" | 9 #include "base/values.h" |
| 10 #include "content/public/common/console_message_level.h" | 10 #include "content/public/common/console_message_level.h" |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 102 .SetMethod("clear", &ContentSetting::Clear) | 102 .SetMethod("clear", &ContentSetting::Clear) |
| 103 .SetMethod("getResourceIdentifiers", | 103 .SetMethod("getResourceIdentifiers", |
| 104 &ContentSetting::GetResourceIdentifiers); | 104 &ContentSetting::GetResourceIdentifiers); |
| 105 } | 105 } |
| 106 | 106 |
| 107 void ContentSetting::Get(gin::Arguments* arguments) { | 107 void ContentSetting::Get(gin::Arguments* arguments) { |
| 108 HandleFunction("get", arguments); | 108 HandleFunction("get", arguments); |
| 109 } | 109 } |
| 110 | 110 |
| 111 void ContentSetting::Set(gin::Arguments* arguments) { | 111 void ContentSetting::Set(gin::Arguments* arguments) { |
| 112 v8::Isolate* isolate = arguments->isolate(); | |
| 113 v8::HandleScope handle_scope(isolate); | |
| 114 v8::Local<v8::Context> context = arguments->GetHolderCreationContext(); | |
| 115 | |
| 116 v8::Local<v8::Value> value = arguments->PeekNext(); | |
| 117 // The set schema included in the Schema object is generic, since it varies | |
| 118 // per-setting. However, this is only ever for a single setting, so we can | |
| 119 // enforce the types more thoroughly. | |
| 120 std::string error; | |
| 121 if (!value.IsEmpty() && !argument_spec_.ParseArgument( | |
| 122 context, value, *type_refs_, nullptr, &error)) { | |
| 123 arguments->ThrowTypeError("Invalid invocation"); | |
| 124 return; | |
| 125 } | |
| 126 HandleFunction("set", arguments); | 112 HandleFunction("set", arguments); |
| 127 } | 113 } |
| 128 | 114 |
| 129 void ContentSetting::Clear(gin::Arguments* arguments) { | 115 void ContentSetting::Clear(gin::Arguments* arguments) { |
| 130 HandleFunction("clear", arguments); | 116 HandleFunction("clear", arguments); |
| 131 } | 117 } |
| 132 | 118 |
| 133 void ContentSetting::GetResourceIdentifiers(gin::Arguments* arguments) { | 119 void ContentSetting::GetResourceIdentifiers(gin::Arguments* arguments) { |
| 134 HandleFunction("getResourceIdentifiers", arguments); | 120 HandleFunction("getResourceIdentifiers", arguments); |
| 135 } | 121 } |
| 136 | 122 |
| 137 void ContentSetting::HandleFunction(const std::string& method_name, | 123 void ContentSetting::HandleFunction(const std::string& method_name, |
| 138 gin::Arguments* arguments) { | 124 gin::Arguments* arguments) { |
| 139 v8::Isolate* isolate = arguments->isolate(); | 125 v8::Isolate* isolate = arguments->isolate(); |
| 140 v8::HandleScope handle_scope(isolate); | 126 v8::HandleScope handle_scope(isolate); |
| 141 v8::Local<v8::Context> context = arguments->GetHolderCreationContext(); | 127 v8::Local<v8::Context> context = arguments->GetHolderCreationContext(); |
| 142 | 128 |
| 143 std::vector<v8::Local<v8::Value>> argument_list = arguments->GetAll(); | 129 std::vector<v8::Local<v8::Value>> argument_list = arguments->GetAll(); |
| 144 | 130 |
| 145 std::string full_name = "contentSettings.ContentSetting." + method_name; | 131 std::string full_name = "contentSettings.ContentSetting." + method_name; |
| 146 std::unique_ptr<base::ListValue> converted_arguments; | 132 std::unique_ptr<base::ListValue> converted_arguments; |
| 147 v8::Local<v8::Function> callback; | 133 v8::Local<v8::Function> callback; |
| 148 std::string error; | 134 std::string error; |
| 149 if (!type_refs_->GetTypeMethodSignature(full_name)->ParseArgumentsToJSON( | 135 if (!type_refs_->GetTypeMethodSignature(full_name)->ParseArgumentsToJSON( |
| 150 context, argument_list, *type_refs_, &converted_arguments, &callback, | 136 context, argument_list, *type_refs_, &converted_arguments, &callback, |
| 151 &error)) { | 137 &error)) { |
| 152 arguments->ThrowTypeError("Invalid invocation"); | 138 arguments->ThrowTypeError("Invalid invocation: " + error); |
| 153 return; | 139 return; |
| 154 } | 140 } |
| 155 | 141 |
| 156 if (IsDeprecated(pref_name_)) { | 142 if (IsDeprecated(pref_name_)) { |
| 157 console::AddMessage(ScriptContextSet::GetContextByV8Context(context), | 143 console::AddMessage(ScriptContextSet::GetContextByV8Context(context), |
| 158 content::CONSOLE_MESSAGE_LEVEL_WARNING, | 144 content::CONSOLE_MESSAGE_LEVEL_WARNING, |
| 159 base::StringPrintf("contentSettings.%s is deprecated.", | 145 base::StringPrintf("contentSettings.%s is deprecated.", |
| 160 pref_name_.c_str())); | 146 pref_name_.c_str())); |
| 161 // If a callback was provided, call it immediately. | 147 // If a callback was provided, call it immediately. |
| 162 if (!callback.IsEmpty()) { | 148 if (!callback.IsEmpty()) { |
| 163 std::vector<v8::Local<v8::Value>> args; | 149 std::vector<v8::Local<v8::Value>> args; |
| 164 if (method_name == "get") { | 150 if (method_name == "get") { |
| 165 // Deprecated settings are always set to "allow". Populate the result to | 151 // Deprecated settings are always set to "allow". Populate the result to |
| 166 // avoid breaking extensions. | 152 // avoid breaking extensions. |
| 167 v8::Local<v8::Object> object = v8::Object::New(isolate); | 153 v8::Local<v8::Object> object = v8::Object::New(isolate); |
| 168 v8::Maybe<bool> result = object->DefineOwnProperty( | 154 v8::Maybe<bool> result = object->DefineOwnProperty( |
| 169 context, gin::StringToSymbol(isolate, "setting"), | 155 context, gin::StringToSymbol(isolate, "setting"), |
| 170 gin::StringToSymbol(isolate, "allow")); | 156 gin::StringToSymbol(isolate, "allow")); |
| 171 // Since we just defined this object, DefineOwnProperty() should never | 157 // Since we just defined this object, DefineOwnProperty() should never |
| 172 // fail. | 158 // fail. |
| 173 CHECK(result.ToChecked()); | 159 CHECK(result.ToChecked()); |
| 174 args.push_back(object); | 160 args.push_back(object); |
| 175 } | 161 } |
| 176 run_js_.Run(callback, context, args.size(), args.data()); | 162 run_js_.Run(callback, context, args.size(), args.data()); |
| 177 } | 163 } |
| 178 return; | 164 return; |
| 179 } | 165 } |
| 180 | 166 |
| 167 if (method_name == "set") { |
| 168 v8::Local<v8::Value> value = argument_list[0]; |
| 169 // The set schema included in the Schema object is generic, since it varies |
| 170 // per-setting. However, this is only ever for a single setting, so we can |
| 171 // enforce the types more thoroughly. |
| 172 // Note: we do this *after* checking if the setting is deprecated, since |
| 173 // this validation will fail for deprecated settings. |
| 174 std::string error; |
| 175 if (!value.IsEmpty() && !argument_spec_.ParseArgument( |
| 176 context, value, *type_refs_, nullptr, &error)) { |
| 177 arguments->ThrowTypeError("Invalid invocation: " + error); |
| 178 return; |
| 179 } |
| 180 } |
| 181 |
| 181 converted_arguments->Insert(0u, base::MakeUnique<base::Value>(pref_name_)); | 182 converted_arguments->Insert(0u, base::MakeUnique<base::Value>(pref_name_)); |
| 182 request_handler_->StartRequest( | 183 request_handler_->StartRequest( |
| 183 context, "contentSettings." + method_name, std::move(converted_arguments), | 184 context, "contentSettings." + method_name, std::move(converted_arguments), |
| 184 callback, v8::Local<v8::Function>(), binding::RequestThread::UI); | 185 callback, v8::Local<v8::Function>(), binding::RequestThread::UI); |
| 185 } | 186 } |
| 186 | 187 |
| 187 } // namespace extensions | 188 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2903803004:
[Extensions Bindings] Fix content settings validation (Closed)
