| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/content_settings_observer.h" | 5 #include "chrome/renderer/content_settings_observer.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/histogram.h" | 8 #include "base/metrics/histogram.h" |
| 9 #include "chrome/common/chrome_switches.h" | 9 #include "chrome/common/chrome_switches.h" |
| 10 #include "chrome/common/render_messages.h" | 10 #include "chrome/common/render_messages.h" |
| 11 #include "chrome/common/url_constants.h" | 11 #include "chrome/common/url_constants.h" |
| 12 #include "content/public/renderer/document_state.h" | 12 #include "content/public/renderer/document_state.h" |
| 13 #include "content/public/renderer/navigation_state.h" | 13 #include "content/public/renderer/navigation_state.h" |
| 14 #include "content/public/renderer/render_frame.h" | 14 #include "content/public/renderer/render_frame.h" |
| 15 #include "content/public/renderer/render_view.h" | 15 #include "content/public/renderer/render_view.h" |
| 16 #include "third_party/WebKit/public/platform/WebPermissionCallbacks.h" | 16 #include "third_party/WebKit/public/platform/WebPermissionCallbacks.h" |
| 17 #include "third_party/WebKit/public/platform/WebURL.h" | 17 #include "third_party/WebKit/public/platform/WebURL.h" |
| 18 #include "third_party/WebKit/public/web/WebDataSource.h" | 18 #include "third_party/WebKit/public/web/WebDataSource.h" |
| 19 #include "third_party/WebKit/public/web/WebDocument.h" | 19 #include "third_party/WebKit/public/web/WebDocument.h" |
| 20 #include "third_party/WebKit/public/web/WebFrame.h" | 20 #include "third_party/WebKit/public/web/WebFrame.h" |
| 21 #include "third_party/WebKit/public/web/WebFrameClient.h" | 21 #include "third_party/WebKit/public/web/WebFrameClient.h" |
| 22 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" | 22 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" |
| 23 #include "third_party/WebKit/public/web/WebView.h" | 23 #include "third_party/WebKit/public/web/WebView.h" |
| 24 | 24 |
| 25 #if defined(ENABLE_EXTENSIONS) | 25 #if defined(ENABLE_EXTENSIONS) |
| 26 #include "chrome/common/extensions/chrome_extension_messages.h" | 26 #include "chrome/common/extensions/chrome_extension_messages.h" |
| 27 #include "extensions/common/constants.h" | 27 #include "extensions/common/constants.h" |
| 28 #include "extensions/common/extension.h" | 28 #include "extensions/common/extension.h" |
| 29 #include "extensions/common/permissions/api_permission.h" |
| 30 #include "extensions/common/permissions/permissions_data.h" |
| 29 #include "extensions/renderer/dispatcher.h" | 31 #include "extensions/renderer/dispatcher.h" |
| 30 #endif | 32 #endif |
| 31 | 33 |
| 32 using blink::WebDataSource; | 34 using blink::WebDataSource; |
| 33 using blink::WebDocument; | 35 using blink::WebDocument; |
| 34 using blink::WebFrame; | 36 using blink::WebFrame; |
| 35 using blink::WebPermissionCallbacks; | 37 using blink::WebPermissionCallbacks; |
| 36 using blink::WebSecurityOrigin; | 38 using blink::WebSecurityOrigin; |
| 37 using blink::WebString; | 39 using blink::WebString; |
| 38 using blink::WebURL; | 40 using blink::WebURL; |
| (...skipping 364 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 403 routing_id(), GURL(frame->document().securityOrigin().toString()), | 405 routing_id(), GURL(frame->document().securityOrigin().toString()), |
| 404 GURL(frame->top()->document().securityOrigin().toString()), | 406 GURL(frame->top()->document().securityOrigin().toString()), |
| 405 local, &result)); | 407 local, &result)); |
| 406 cached_storage_permissions_[key] = result; | 408 cached_storage_permissions_[key] = result; |
| 407 return result; | 409 return result; |
| 408 } | 410 } |
| 409 | 411 |
| 410 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) { | 412 bool ContentSettingsObserver::allowReadFromClipboard(bool default_value) { |
| 411 bool allowed = false; | 413 bool allowed = false; |
| 412 #if defined(ENABLE_EXTENSIONS) | 414 #if defined(ENABLE_EXTENSIONS) |
| 413 WebFrame* frame = render_frame()->GetWebFrame(); | 415 extensions::ScriptContext* calling_context = |
| 414 // TODO(dcheng): Should we consider a toURL() method on WebSecurityOrigin? | 416 extension_dispatcher_->script_context_set().GetCalling(); |
| 415 Send(new ChromeViewHostMsg_CanTriggerClipboardRead( | 417 if (calling_context) { |
| 416 GURL(frame->document().securityOrigin().toString()), &allowed)); | 418 const extensions::Extension* extension = |
| 419 calling_context->effective_extension(); |
| 420 allowed = extension && |
| 421 extension->permissions_data()->HasAPIPermission( |
| 422 extensions::APIPermission::kClipboardRead); |
| 423 } |
| 417 #endif | 424 #endif |
| 418 return allowed; | 425 return allowed; |
| 419 } | 426 } |
| 420 | 427 |
| 421 bool ContentSettingsObserver::allowWriteToClipboard(bool default_value) { | 428 bool ContentSettingsObserver::allowWriteToClipboard(bool default_value) { |
| 422 bool allowed = false; | 429 bool allowed = false; |
| 423 #if defined(ENABLE_EXTENSIONS) | 430 #if defined(ENABLE_EXTENSIONS) |
| 424 WebFrame* frame = render_frame()->GetWebFrame(); | 431 // All blessed extension pages could historically write to the clipboard, so |
| 425 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( | 432 // preserve that for compatibility. |
| 426 GURL(frame->document().securityOrigin().toString()), &allowed)); | 433 extensions::ScriptContext* calling_context = |
| 434 extension_dispatcher_->script_context_set().GetCalling(); |
| 435 if (calling_context) { |
| 436 if (calling_context->effective_context_type() == |
| 437 extensions::Feature::BLESSED_EXTENSION_CONTEXT) { |
| 438 allowed = true; |
| 439 } else { |
| 440 const extensions::Extension* extension = |
| 441 calling_context->effective_extension(); |
| 442 allowed = extension && |
| 443 extension->permissions_data()->HasAPIPermission( |
| 444 extensions::APIPermission::kClipboardWrite); |
| 445 } |
| 446 } |
| 427 #endif | 447 #endif |
| 428 return allowed; | 448 return allowed; |
| 429 } | 449 } |
| 430 | 450 |
| 431 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { | 451 bool ContentSettingsObserver::allowMutationEvents(bool default_value) { |
| 432 return IsPlatformApp() ? false : default_value; | 452 return IsPlatformApp() ? false : default_value; |
| 433 } | 453 } |
| 434 | 454 |
| 435 bool ContentSettingsObserver::allowPushState() { | 455 bool ContentSettingsObserver::allowPushState() { |
| 436 return !IsPlatformApp(); | 456 return !IsPlatformApp(); |
| (...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 695 | 715 |
| 696 // If the scheme is file:, an empty file name indicates a directory listing, | 716 // If the scheme is file:, an empty file name indicates a directory listing, |
| 697 // which requires JavaScript to function properly. | 717 // which requires JavaScript to function properly. |
| 698 if (EqualsASCII(origin.protocol(), url::kFileScheme)) { | 718 if (EqualsASCII(origin.protocol(), url::kFileScheme)) { |
| 699 return document_url.SchemeIs(url::kFileScheme) && | 719 return document_url.SchemeIs(url::kFileScheme) && |
| 700 document_url.ExtractFileName().empty(); | 720 document_url.ExtractFileName().empty(); |
| 701 } | 721 } |
| 702 | 722 |
| 703 return false; | 723 return false; |
| 704 } | 724 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 498513002:
Respect the clipboardRead and clipboardWrite permissions in content scripts. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src