| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/script_injection.h" | 5 #include "extensions/renderer/script_injection.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 | 33 |
| 34 typedef std::map<std::string, int> IsolatedWorldMap; | 34 typedef std::map<std::string, int> IsolatedWorldMap; |
| 35 base::LazyInstance<IsolatedWorldMap> g_isolated_worlds = | 35 base::LazyInstance<IsolatedWorldMap> g_isolated_worlds = |
| 36 LAZY_INSTANCE_INITIALIZER; | 36 LAZY_INSTANCE_INITIALIZER; |
| 37 | 37 |
| 38 const int64 kInvalidRequestId = -1; | 38 const int64 kInvalidRequestId = -1; |
| 39 | 39 |
| 40 // The id of the next pending injection. | 40 // The id of the next pending injection. |
| 41 int64 g_next_pending_id = 0; | 41 int64 g_next_pending_id = 0; |
| 42 | 42 |
| 43 bool ShouldDelayForPermission() { | 43 bool ShouldNotifyBrowserOfInjections() { |
| 44 return FeatureSwitch::scripts_require_action()->IsEnabled(); | 44 return !FeatureSwitch::scripts_require_action()->IsEnabled(); |
| 45 } | 45 } |
| 46 | 46 |
| 47 // Append all the child frames of |parent_frame| to |frames_vector|. | 47 // Append all the child frames of |parent_frame| to |frames_vector|. |
| 48 void AppendAllChildFrames(blink::WebFrame* parent_frame, | 48 void AppendAllChildFrames(blink::WebFrame* parent_frame, |
| 49 std::vector<blink::WebFrame*>* frames_vector) { | 49 std::vector<blink::WebFrame*>* frames_vector) { |
| 50 DCHECK(parent_frame); | 50 DCHECK(parent_frame); |
| 51 for (blink::WebFrame* child_frame = parent_frame->firstChild(); child_frame; | 51 for (blink::WebFrame* child_frame = parent_frame->firstChild(); child_frame; |
| 52 child_frame = child_frame->nextSibling()) { | 52 child_frame = child_frame->nextSibling()) { |
| 53 frames_vector->push_back(child_frame); | 53 frames_vector->push_back(child_frame); |
| 54 AppendAllChildFrames(child_frame, frames_vector); | 54 AppendAllChildFrames(child_frame, frames_vector); |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 138 if (request_id_ != kInvalidRequestId) | 138 if (request_id_ != kInvalidRequestId) |
| 139 return false; // We're waiting for permission right now, try again later. | 139 return false; // We're waiting for permission right now, try again later. |
| 140 | 140 |
| 141 if (!extension) { | 141 if (!extension) { |
| 142 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); | 142 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); |
| 143 return true; // We're done. | 143 return true; // We're done. |
| 144 } | 144 } |
| 145 | 145 |
| 146 switch (injector_->CanExecuteOnFrame( | 146 switch (injector_->CanExecuteOnFrame( |
| 147 extension, web_frame_, tab_id_, web_frame_->top()->document().url())) { | 147 extension, web_frame_, tab_id_, web_frame_->top()->document().url())) { |
| 148 case ScriptInjector::DENY_ACCESS: | 148 case PermissionsData::ACCESS_DENIED: |
| 149 NotifyWillNotInject(ScriptInjector::NOT_ALLOWED); | 149 NotifyWillNotInject(ScriptInjector::NOT_ALLOWED); |
| 150 return true; // We're done. | 150 return true; // We're done. |
| 151 case ScriptInjector::REQUEST_ACCESS: | 151 case PermissionsData::ACCESS_WITHHELD: |
| 152 RequestPermission(); | 152 RequestPermission(); |
| 153 if (ShouldDelayForPermission()) | 153 return false; // Wait around for permission. |
| 154 return false; // Wait around for permission. | 154 case PermissionsData::ACCESS_ALLOWED: |
| 155 // else fall through | |
| 156 case ScriptInjector::ALLOW_ACCESS: | |
| 157 Inject(extension, scripts_run_info); | 155 Inject(extension, scripts_run_info); |
| 158 return true; // We're done! | 156 return true; // We're done! |
| 159 } | 157 } |
| 160 | 158 |
| 161 // Some compilers don't realize that we always return from the switch() above. | 159 // Some compilers don't realize that we always return from the switch() above. |
| 162 // Make them happy. | 160 // Make them happy. |
| 163 return false; | 161 return false; |
| 164 } | 162 } |
| 165 | 163 |
| 166 bool ScriptInjection::OnPermissionGranted(const Extension* extension, | 164 bool ScriptInjection::OnPermissionGranted(const Extension* extension, |
| 167 ScriptsRunInfo* scripts_run_info) { | 165 ScriptsRunInfo* scripts_run_info) { |
| 168 if (!extension) { | 166 if (!extension) { |
| 169 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); | 167 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); |
| 170 return false; | 168 return false; |
| 171 } | 169 } |
| 172 | 170 |
| 173 Inject(extension, scripts_run_info); | 171 Inject(extension, scripts_run_info); |
| 174 return true; | 172 return true; |
| 175 } | 173 } |
| 176 | 174 |
| 177 void ScriptInjection::RequestPermission() { | 175 void ScriptInjection::RequestPermission() { |
| 178 content::RenderView* render_view = | 176 content::RenderView* render_view = |
| 179 content::RenderView::FromWebView(web_frame()->top()->view()); | 177 content::RenderView::FromWebView(web_frame()->top()->view()); |
| 180 | 178 |
| 181 // If the feature to delay for permission isn't enabled, then just send an | 179 // If we are just notifying the browser of the injection, then send an |
| 182 // invalid request (which is treated like a notification). | 180 // invalid request (which is treated like a notification). |
| 183 request_id_ = | 181 request_id_ = ShouldNotifyBrowserOfInjections() ? kInvalidRequestId |
| 184 ShouldDelayForPermission() ? g_next_pending_id++ : kInvalidRequestId; | 182 : g_next_pending_id++; |
| 185 render_view->Send(new ExtensionHostMsg_RequestScriptInjectionPermission( | 183 render_view->Send(new ExtensionHostMsg_RequestScriptInjectionPermission( |
| 186 render_view->GetRoutingID(), | 184 render_view->GetRoutingID(), |
| 187 extension_id_, | 185 extension_id_, |
| 186 injector_->script_type(), |
| 188 request_id_)); | 187 request_id_)); |
| 189 } | 188 } |
| 190 | 189 |
| 191 void ScriptInjection::NotifyWillNotInject( | 190 void ScriptInjection::NotifyWillNotInject( |
| 192 ScriptInjector::InjectFailureReason reason) { | 191 ScriptInjector::InjectFailureReason reason) { |
| 193 complete_ = true; | 192 complete_ = true; |
| 194 injector_->OnWillNotInject(reason); | 193 injector_->OnWillNotInject(reason); |
| 195 } | 194 } |
| 196 | 195 |
| 197 void ScriptInjection::Inject(const Extension* extension, | 196 void ScriptInjection::Inject(const Extension* extension, |
| 198 ScriptsRunInfo* scripts_run_info) { | 197 ScriptsRunInfo* scripts_run_info) { |
| 199 DCHECK(extension); | 198 DCHECK(extension); |
| 200 DCHECK(scripts_run_info); | 199 DCHECK(scripts_run_info); |
| 201 DCHECK(!complete_); | 200 DCHECK(!complete_); |
| 202 | 201 |
| 202 if (ShouldNotifyBrowserOfInjections()) |
| 203 RequestPermission(); |
| 204 |
| 203 std::vector<blink::WebFrame*> frame_vector; | 205 std::vector<blink::WebFrame*> frame_vector; |
| 204 frame_vector.push_back(web_frame_); | 206 frame_vector.push_back(web_frame_); |
| 205 if (injector_->ShouldExecuteInChildFrames()) | 207 if (injector_->ShouldExecuteInChildFrames()) |
| 206 AppendAllChildFrames(web_frame_, &frame_vector); | 208 AppendAllChildFrames(web_frame_, &frame_vector); |
| 207 | 209 |
| 208 scoped_ptr<blink::WebScopedUserGesture> gesture; | 210 scoped_ptr<blink::WebScopedUserGesture> gesture; |
| 209 if (injector_->IsUserGesture()) | 211 if (injector_->IsUserGesture()) |
| 210 gesture.reset(new blink::WebScopedUserGesture()); | 212 gesture.reset(new blink::WebScopedUserGesture()); |
| 211 | 213 |
| 212 bool inject_js = injector_->ShouldInjectJs(run_location_); | 214 bool inject_js = injector_->ShouldInjectJs(run_location_); |
| 213 bool inject_css = injector_->ShouldInjectCss(run_location_); | 215 bool inject_css = injector_->ShouldInjectCss(run_location_); |
| 214 DCHECK(inject_js || inject_css); | 216 DCHECK(inject_js || inject_css); |
| 215 | 217 |
| 216 scoped_ptr<base::ListValue> execution_results(new base::ListValue()); | 218 scoped_ptr<base::ListValue> execution_results(new base::ListValue()); |
| 217 GURL top_url = web_frame_->top()->document().url(); | 219 GURL top_url = web_frame_->top()->document().url(); |
| 218 for (std::vector<blink::WebFrame*>::iterator iter = frame_vector.begin(); | 220 for (std::vector<blink::WebFrame*>::iterator iter = frame_vector.begin(); |
| 219 iter != frame_vector.end(); | 221 iter != frame_vector.end(); |
| 220 ++iter) { | 222 ++iter) { |
| 221 blink::WebFrame* frame = *iter; | 223 blink::WebFrame* frame = *iter; |
| 222 | 224 |
| 223 // We recheck access here in the renderer for extra safety against races | 225 // We recheck access here in the renderer for extra safety against races |
| 224 // with navigation, but different frames can have different URLs, and the | 226 // with navigation, but different frames can have different URLs, and the |
| 225 // extension might only have access to a subset of them. | 227 // extension might only have access to a subset of them. |
| 226 // For child frames, we just skip ones the extension doesn't have access | 228 // For child frames, we just skip ones the extension doesn't have access |
| 227 // to and carry on. | 229 // to and carry on. |
| 228 // Note: we don't consider REQUEST_ACCESS because there is nowhere to | 230 // Note: we don't consider ACCESS_WITHHELD because there is nowhere to |
| 229 // surface a request for a child frame. | 231 // surface a request for a child frame. |
| 230 // TODO(rdevlin.cronin): We should ask for permission somehow. | 232 // TODO(rdevlin.cronin): We should ask for permission somehow. |
| 231 if (injector_->CanExecuteOnFrame(extension, frame, tab_id_, top_url) == | 233 if (injector_->CanExecuteOnFrame(extension, frame, tab_id_, top_url) == |
| 232 ScriptInjector::DENY_ACCESS) { | 234 PermissionsData::ACCESS_DENIED) { |
| 233 DCHECK(frame->parent()); | 235 DCHECK(frame->parent()); |
| 234 continue; | 236 continue; |
| 235 } | 237 } |
| 236 if (inject_js) | 238 if (inject_js) |
| 237 InjectJs(extension, frame, execution_results.get()); | 239 InjectJs(extension, frame, execution_results.get()); |
| 238 if (inject_css) | 240 if (inject_css) |
| 239 InjectCss(frame); | 241 InjectCss(frame); |
| 240 } | 242 } |
| 241 | 243 |
| 242 complete_ = true; | 244 complete_ = true; |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 306 std::vector<std::string> css_sources = | 308 std::vector<std::string> css_sources = |
| 307 injector_->GetCssSources(run_location_); | 309 injector_->GetCssSources(run_location_); |
| 308 for (std::vector<std::string>::const_iterator iter = css_sources.begin(); | 310 for (std::vector<std::string>::const_iterator iter = css_sources.begin(); |
| 309 iter != css_sources.end(); | 311 iter != css_sources.end(); |
| 310 ++iter) { | 312 ++iter) { |
| 311 frame->document().insertStyleSheet(blink::WebString::fromUTF8(*iter)); | 313 frame->document().insertStyleSheet(blink::WebString::fromUTF8(*iter)); |
| 312 } | 314 } |
| 313 } | 315 } |
| 314 | 316 |
| 315 } // namespace extensions | 317 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 348313003:
Create withheld permissions (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src