OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/plugins/plugin_info_message_filter.h" | 5 #include "chrome/browser/plugins/plugin_info_message_filter.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <algorithm> | 9 #include <algorithm> |
10 #include <memory> | 10 #include <memory> |
11 #include <utility> | 11 #include <utility> |
12 | 12 |
13 #include "base/bind.h" | 13 #include "base/bind.h" |
14 #include "base/memory/ptr_util.h" | 14 #include "base/memory/ptr_util.h" |
15 #include "base/memory/singleton.h" | 15 #include "base/memory/singleton.h" |
16 #include "base/metrics/histogram_macros.h" | 16 #include "base/metrics/histogram_macros.h" |
17 #include "base/strings/utf_string_conversions.h" | 17 #include "base/strings/utf_string_conversions.h" |
18 #include "base/task_runner_util.h" | 18 #include "base/task_runner_util.h" |
19 #include "base/threading/thread_task_runner_handle.h" | 19 #include "base/threading/thread_task_runner_handle.h" |
20 #include "build/build_config.h" | 20 #include "build/build_config.h" |
21 #include "chrome/browser/browser_process.h" | 21 #include "chrome/browser/browser_process.h" |
22 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 22 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 23 #include "chrome/browser/permissions/permission_result.h" |
23 #include "chrome/browser/plugins/chrome_plugin_service_filter.h" | 24 #include "chrome/browser/plugins/chrome_plugin_service_filter.h" |
24 #include "chrome/browser/plugins/plugin_finder.h" | 25 #include "chrome/browser/plugins/plugin_finder.h" |
25 #include "chrome/browser/plugins/plugin_metadata.h" | 26 #include "chrome/browser/plugins/plugin_metadata.h" |
26 #include "chrome/browser/plugins/plugin_prefs.h" | 27 #include "chrome/browser/plugins/plugin_prefs.h" |
27 #include "chrome/browser/plugins/plugin_utils.h" | 28 #include "chrome/browser/plugins/plugin_utils.h" |
28 #include "chrome/browser/plugins/plugins_field_trial.h" | 29 #include "chrome/browser/plugins/plugins_field_trial.h" |
29 #include "chrome/browser/profiles/profile.h" | 30 #include "chrome/browser/profiles/profile.h" |
30 #include "chrome/browser/ui/browser_otr_state.h" | 31 #include "chrome/browser/ui/browser_otr_state.h" |
31 #include "chrome/common/chrome_content_client.h" | 32 #include "chrome/common/chrome_content_client.h" |
32 #include "chrome/common/chrome_features.h" | 33 #include "chrome/common/chrome_features.h" |
(...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
315 const url::Origin& main_frame_origin, | 316 const url::Origin& main_frame_origin, |
316 const WebPluginInfo& plugin, | 317 const WebPluginInfo& plugin, |
317 PluginMetadata::SecurityStatus security_status, | 318 PluginMetadata::SecurityStatus security_status, |
318 const std::string& plugin_identifier, | 319 const std::string& plugin_identifier, |
319 ChromeViewHostMsg_GetPluginInfo_Status* status) const { | 320 ChromeViewHostMsg_GetPluginInfo_Status* status) const { |
320 if (security_status == PluginMetadata::SECURITY_STATUS_FULLY_TRUSTED) { | 321 if (security_status == PluginMetadata::SECURITY_STATUS_FULLY_TRUSTED) { |
321 *status = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed; | 322 *status = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed; |
322 return; | 323 return; |
323 } | 324 } |
324 | 325 |
325 ContentSetting plugin_setting = CONTENT_SETTING_DEFAULT; | 326 PermissionResult plugin_result(CONTENT_SETTING_DEFAULT, |
| 327 PermissionStatusSource::UNSPECIFIED); |
326 bool uses_default_content_setting = true; | 328 bool uses_default_content_setting = true; |
327 bool is_managed = false; | 329 bool is_managed = false; |
328 // Check plugin content settings. The primary URL is the top origin URL and | 330 // Check plugin content settings. The primary URL is the top origin URL and |
329 // the secondary URL is the plugin URL. | 331 // the secondary URL is the plugin URL. |
330 PluginUtils::GetPluginContentSetting( | 332 PluginUtils::GetPluginContentSetting( |
331 host_content_settings_map_, plugin, main_frame_origin, url, | 333 host_content_settings_map_, plugin, main_frame_origin, url, |
332 plugin_identifier, &plugin_setting, &uses_default_content_setting, | 334 plugin_identifier, &plugin_result, &uses_default_content_setting, |
333 &is_managed); | 335 &is_managed); |
334 | 336 |
335 // TODO(tommycli): Remove once we deprecate the plugin ASK policy. | 337 // TODO(tommycli): Remove once we deprecate the plugin ASK policy. |
336 bool legacy_ask_user = plugin_setting == CONTENT_SETTING_ASK; | 338 bool legacy_ask_user = plugin_result.content_setting == CONTENT_SETTING_ASK; |
337 plugin_setting = PluginsFieldTrial::EffectiveContentSetting( | 339 plugin_result.content_setting = PluginsFieldTrial::EffectiveContentSetting( |
338 host_content_settings_map_, CONTENT_SETTINGS_TYPE_PLUGINS, | 340 host_content_settings_map_, CONTENT_SETTINGS_TYPE_PLUGINS, |
339 plugin_setting); | 341 plugin_result.content_setting); |
340 | 342 |
341 DCHECK(plugin_setting != CONTENT_SETTING_DEFAULT); | 343 DCHECK(plugin_result.content_setting != CONTENT_SETTING_DEFAULT); |
342 DCHECK(plugin_setting != CONTENT_SETTING_ASK); | 344 DCHECK(plugin_result.content_setting != CONTENT_SETTING_ASK); |
343 | 345 |
344 if (*status == | 346 if (*status == |
345 ChromeViewHostMsg_GetPluginInfo_Status::kFlashHiddenPreferHtml) { | 347 ChromeViewHostMsg_GetPluginInfo_Status::kFlashHiddenPreferHtml) { |
346 if (plugin_setting == CONTENT_SETTING_BLOCK) { | 348 if (plugin_result.content_setting == CONTENT_SETTING_BLOCK) { |
347 *status = is_managed && !legacy_ask_user | 349 if (is_managed && !legacy_ask_user) { |
348 ? ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy | 350 *status = ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy; |
349 : ChromeViewHostMsg_GetPluginInfo_Status::kBlockedNoLoading; | 351 plugin_result.source = PermissionStatusSource::ENTERPRISE_POLICY; |
| 352 } else { |
| 353 *status = ChromeViewHostMsg_GetPluginInfo_Status::kBlockedNoLoading; |
| 354 } |
350 } | 355 } |
351 return; | 356 return; |
352 } | 357 } |
353 | 358 |
354 #if BUILDFLAG(ENABLE_PLUGINS) | 359 #if BUILDFLAG(ENABLE_PLUGINS) |
355 // Check if the plugin is outdated. | 360 // Check if the plugin is outdated. |
356 if (security_status == PluginMetadata::SECURITY_STATUS_OUT_OF_DATE && | 361 if (security_status == PluginMetadata::SECURITY_STATUS_OUT_OF_DATE && |
357 !allow_outdated_plugins_.GetValue()) { | 362 !allow_outdated_plugins_.GetValue()) { |
358 if (allow_outdated_plugins_.IsManaged()) { | 363 if (allow_outdated_plugins_.IsManaged()) { |
359 *status = ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed; | 364 *status = ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed; |
360 } else { | 365 } else { |
361 *status = ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked; | 366 *status = ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked; |
362 } | 367 } |
363 return; | 368 return; |
364 } | 369 } |
365 #endif // BUILDFLAG(ENABLE_PLUGINS) | 370 #endif // BUILDFLAG(ENABLE_PLUGINS) |
366 | 371 |
367 // Check if the plugin is crashing too much. | 372 // Check if the plugin is crashing too much. |
368 if (PluginService::GetInstance()->IsPluginUnstable(plugin.path) && | 373 if (PluginService::GetInstance()->IsPluginUnstable(plugin.path) && |
369 !always_authorize_plugins_.GetValue() && | 374 !always_authorize_plugins_.GetValue() && |
370 plugin_setting != CONTENT_SETTING_BLOCK && | 375 plugin_result.content_setting != CONTENT_SETTING_BLOCK && |
371 uses_default_content_setting) { | 376 uses_default_content_setting) { |
372 *status = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized; | 377 *status = ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized; |
373 return; | 378 return; |
374 } | 379 } |
375 | 380 |
376 #if BUILDFLAG(ENABLE_EXTENSIONS) | 381 #if BUILDFLAG(ENABLE_EXTENSIONS) |
377 // If an app has explicitly made internal resources available by listing them | 382 // If an app has explicitly made internal resources available by listing them |
378 // in |accessible_resources| in the manifest, then allow them to be loaded by | 383 // in |accessible_resources| in the manifest, then allow them to be loaded by |
379 // plugins inside a guest-view. | 384 // plugins inside a guest-view. |
380 if (url.SchemeIs(extensions::kExtensionScheme) && !is_managed && | 385 if (url.SchemeIs(extensions::kExtensionScheme) && !is_managed && |
381 plugin_setting == CONTENT_SETTING_BLOCK && | 386 plugin_result.content_setting == CONTENT_SETTING_BLOCK && |
382 IsPluginLoadingAccessibleResourceInWebView(extension_registry_, | 387 IsPluginLoadingAccessibleResourceInWebView(extension_registry_, |
383 render_process_id_, url)) { | 388 render_process_id_, url)) { |
384 plugin_setting = CONTENT_SETTING_ALLOW; | 389 plugin_result.content_setting = CONTENT_SETTING_ALLOW; |
| 390 plugin_result.source = PermissionStatusSource::EXTENSION; |
385 } | 391 } |
386 #endif // BUILDFLAG(ENABLE_EXTENSIONS) | 392 #endif // BUILDFLAG(ENABLE_EXTENSIONS) |
387 | 393 |
388 if (plugin_setting == CONTENT_SETTING_DETECT_IMPORTANT_CONTENT || | 394 if (plugin_result.content_setting == |
389 (plugin_setting == CONTENT_SETTING_ALLOW && | 395 CONTENT_SETTING_DETECT_IMPORTANT_CONTENT || |
| 396 (plugin_result.content_setting == CONTENT_SETTING_ALLOW && |
390 PluginUtils::ShouldPreferHtmlOverPlugins(host_content_settings_map_) && | 397 PluginUtils::ShouldPreferHtmlOverPlugins(host_content_settings_map_) && |
391 !base::FeatureList::IsEnabled(features::kRunAllFlashInAllowMode))) { | 398 !base::FeatureList::IsEnabled(features::kRunAllFlashInAllowMode))) { |
392 *status = ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent; | 399 *status = ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent; |
393 } else if (plugin_setting == CONTENT_SETTING_BLOCK) { | 400 } else if (plugin_result.content_setting == CONTENT_SETTING_BLOCK) { |
394 // For managed users with the ASK policy, we allow manually running plugins | 401 // For managed users with the ASK policy, we allow manually running plugins |
395 // via context menu. This is the closest to admin intent. | 402 // via context menu. This is the closest to admin intent. |
396 *status = is_managed && !legacy_ask_user | 403 if (is_managed && !legacy_ask_user) { |
397 ? ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy | 404 *status = ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy; |
398 : ChromeViewHostMsg_GetPluginInfo_Status::kBlocked; | 405 plugin_result.source = PermissionStatusSource::ENTERPRISE_POLICY; |
| 406 } else { |
| 407 *status = ChromeViewHostMsg_GetPluginInfo_Status::kBlocked; |
| 408 } |
399 } | 409 } |
400 | 410 |
401 #if BUILDFLAG(ENABLE_EXTENSIONS) | 411 #if BUILDFLAG(ENABLE_EXTENSIONS) |
402 // Allow an embedder of <webview> to block a plugin from being loaded inside | 412 // Allow an embedder of <webview> to block a plugin from being loaded inside |
403 // the guest. In order to do this, set the status to 'Unauthorized' here, | 413 // the guest. In order to do this, set the status to 'Unauthorized' here, |
404 // and update the status as appropriate depending on the response from the | 414 // and update the status as appropriate depending on the response from the |
405 // embedder. | 415 // embedder. |
406 if (*status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed || | 416 if (*status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed || |
407 *status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked || | 417 *status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked || |
408 *status == | 418 *status == |
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
588 status == ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { | 598 status == ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) { |
589 ChromePluginServiceFilter::GetInstance()->AuthorizePlugin( | 599 ChromePluginServiceFilter::GetInstance()->AuthorizePlugin( |
590 render_process_id_, path); | 600 render_process_id_, path); |
591 } | 601 } |
592 } | 602 } |
593 | 603 |
594 bool PluginInfoMessageFilter::Context::IsPluginEnabled( | 604 bool PluginInfoMessageFilter::Context::IsPluginEnabled( |
595 const content::WebPluginInfo& plugin) const { | 605 const content::WebPluginInfo& plugin) const { |
596 return plugin_prefs_->IsPluginEnabled(plugin); | 606 return plugin_prefs_->IsPluginEnabled(plugin); |
597 } | 607 } |
OLD | NEW |