Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(878)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chrome_content_browser_client.cc

Issue 338523007: Pepper: Whitelist dev channel APIs for some apps. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: gross pnacl hack Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | components/nacl/browser/nacl_host_message_filter.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chrome_content_browser_client.h" 5 #include "chrome/browser/chrome_content_browser_client.h"
6 6
7 #include <set> 7 #include <set>
8 #include <utility> 8 #include <utility>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after
273 using content::FileDescriptorInfo; 273 using content::FileDescriptorInfo;
274 #endif 274 #endif
275 275
276 namespace { 276 namespace {
277 277
278 // Cached version of the locale so we can return the locale on the I/O 278 // Cached version of the locale so we can return the locale on the I/O
279 // thread. 279 // thread.
280 base::LazyInstance<std::string> g_io_thread_application_locale; 280 base::LazyInstance<std::string> g_io_thread_application_locale;
281 281
282 #if defined(ENABLE_PLUGINS) 282 #if defined(ENABLE_PLUGINS)
283 // TODO(teravest): Add renderer-side API-specific checking for these APIs so
284 // that blanket permission isn't granted to all dev channel APIs for these.
285 // http://crbug.com/386743
286 const char* const kPredefinedAllowedDevChannelOrigins[] = {
287 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
288 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
289 };
290
283 const char* const kPredefinedAllowedFileHandleOrigins[] = { 291 const char* const kPredefinedAllowedFileHandleOrigins[] = {
284 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789 292 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
285 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/234789 293 "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/234789
286 }; 294 };
287 295
288 const char* const kPredefinedAllowedSocketOrigins[] = { 296 const char* const kPredefinedAllowedSocketOrigins[] = {
289 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client 297 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client
290 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client) 298 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client)
291 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126 299 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126
292 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop 300 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop
(...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after
635 643
636 #endif // defined(OS_ANDROID) 644 #endif // defined(OS_ANDROID)
637 645
638 } // namespace 646 } // namespace
639 647
640 namespace chrome { 648 namespace chrome {
641 649
642 ChromeContentBrowserClient::ChromeContentBrowserClient() 650 ChromeContentBrowserClient::ChromeContentBrowserClient()
643 : prerender_tracker_(NULL) { 651 : prerender_tracker_(NULL) {
644 #if defined(ENABLE_PLUGINS) 652 #if defined(ENABLE_PLUGINS)
653 for (size_t i = 0; i < arraysize(kPredefinedAllowedDevChannelOrigins); ++i)
654 allowed_dev_channel_origins_.insert(kPredefinedAllowedDevChannelOrigins[i]);
645 for (size_t i = 0; i < arraysize(kPredefinedAllowedFileHandleOrigins); ++i) 655 for (size_t i = 0; i < arraysize(kPredefinedAllowedFileHandleOrigins); ++i)
646 allowed_file_handle_origins_.insert(kPredefinedAllowedFileHandleOrigins[i]); 656 allowed_file_handle_origins_.insert(kPredefinedAllowedFileHandleOrigins[i]);
647 for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i) 657 for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
648 allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]); 658 allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]);
649 #endif 659 #endif
650 660
651 permissions_policy_delegate_.reset( 661 permissions_policy_delegate_.reset(
652 new extensions::BrowserPermissionsPolicyDelegate()); 662 new extensions::BrowserPermissionsPolicyDelegate());
653 } 663 }
654 664
(...skipping 2133 matching lines...) Expand 10 before | Expand all | Expand 10 after
2788 bool ChromeContentBrowserClient::IsPluginAllowedToCallRequestOSFileHandle( 2798 bool ChromeContentBrowserClient::IsPluginAllowedToCallRequestOSFileHandle(
2789 content::BrowserContext* browser_context, 2799 content::BrowserContext* browser_context,
2790 const GURL& url) { 2800 const GURL& url) {
2791 #if defined(ENABLE_PLUGINS) 2801 #if defined(ENABLE_PLUGINS)
2792 Profile* profile = Profile::FromBrowserContext(browser_context); 2802 Profile* profile = Profile::FromBrowserContext(browser_context);
2793 const extensions::ExtensionSet* extension_set = NULL; 2803 const extensions::ExtensionSet* extension_set = NULL;
2794 if (profile) { 2804 if (profile) {
2795 extension_set = extensions::ExtensionSystem::Get(profile)-> 2805 extension_set = extensions::ExtensionSystem::Get(profile)->
2796 extension_service()->extensions(); 2806 extension_service()->extensions();
2797 } 2807 }
2798 // TODO(teravest): Populate allowed_file_handle_origins_ when FileIO is moved
2799 // from the renderer to the browser.
2800 return IsExtensionOrSharedModuleWhitelisted(url, extension_set, 2808 return IsExtensionOrSharedModuleWhitelisted(url, extension_set,
2801 allowed_file_handle_origins_) || 2809 allowed_file_handle_origins_) ||
2802 IsHostAllowedByCommandLine(url, extension_set, 2810 IsHostAllowedByCommandLine(url, extension_set,
2803 switches::kAllowNaClFileHandleAPI); 2811 switches::kAllowNaClFileHandleAPI);
2804 #else 2812 #else
2805 return false; 2813 return false;
2806 #endif 2814 #endif
2807 } 2815 }
2808 2816
2809 bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs() { 2817 bool ChromeContentBrowserClient::IsPluginAllowedToUseDevChannelAPIs(
2818 content::BrowserContext* browser_context,
2819 const GURL& url) {
2810 #if defined(ENABLE_PLUGINS) 2820 #if defined(ENABLE_PLUGINS)
2811 // Allow access for tests. 2821 // Allow access for tests.
2812 if (CommandLine::ForCurrentProcess()->HasSwitch( 2822 if (CommandLine::ForCurrentProcess()->HasSwitch(
2813 switches::kEnablePepperTesting)) { 2823 switches::kEnablePepperTesting)) {
2814 return true; 2824 return true;
2815 } 2825 }
2816 2826
2827 Profile* profile = Profile::FromBrowserContext(browser_context);
2828 const extensions::ExtensionSet* extension_set = NULL;
2829 if (profile) {
2830 extension_set = extensions::ExtensionSystem::Get(profile)->
2831 extension_service()->extensions();
2832 }
2833
2834 // Allow access for whitelisted applications.
2835 if (IsExtensionOrSharedModuleWhitelisted(url,
2836 extension_set,
2837 allowed_dev_channel_origins_)) {
2838 return true;
2839 }
2840
2817 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel(); 2841 chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
2818 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown" 2842 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
2819 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on 2843 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
2820 // Chromium builds as well. 2844 // Chromium builds as well.
2821 return channel <= chrome::VersionInfo::CHANNEL_DEV; 2845 return channel <= chrome::VersionInfo::CHANNEL_DEV;
2822 #else 2846 #else
2823 return false; 2847 return false;
2824 #endif 2848 #endif
2825 } 2849 }
2826 2850
(...skipping 24 matching lines...) Expand all
2851 switches::kDisableWebRtcEncryption, 2875 switches::kDisableWebRtcEncryption,
2852 }; 2876 };
2853 to_command_line->CopySwitchesFrom(from_command_line, 2877 to_command_line->CopySwitchesFrom(from_command_line,
2854 kWebRtcDevSwitchNames, 2878 kWebRtcDevSwitchNames,
2855 arraysize(kWebRtcDevSwitchNames)); 2879 arraysize(kWebRtcDevSwitchNames));
2856 } 2880 }
2857 } 2881 }
2858 #endif // defined(ENABLE_WEBRTC) 2882 #endif // defined(ENABLE_WEBRTC)
2859 2883
2860 } // namespace chrome 2884 } // namespace chrome
OLDNEW
« no previous file with comments | « chrome/browser/chrome_content_browser_client.h ('k') | components/nacl/browser/nacl_host_message_filter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698