| Index: chrome/browser/plugins/chrome_content_browser_client_plugins_part.cc
|
| diff --git a/chrome/browser/plugins/chrome_content_browser_client_plugins_part.cc b/chrome/browser/plugins/chrome_content_browser_client_plugins_part.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..f7b2cdd88c2002753cc1b069fd8d8071c85bcfe5
|
| --- /dev/null
|
| +++ b/chrome/browser/plugins/chrome_content_browser_client_plugins_part.cc
|
| @@ -0,0 +1,167 @@
|
| +// Copyright (c) 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/plugins/chrome_content_browser_client_plugins_part.h"
|
| +
|
| +#include "chrome/browser/extensions/extension_service.h"
|
| +#include "chrome/browser/plugins/plugin_info_message_filter.h"
|
| +#include "chrome/browser/profiles/profile.h"
|
| +#include "chrome/common/chrome_switches.h"
|
| +#include "chrome/common/chrome_version_info.h"
|
| +#include "chrome/common/pepper_permission_util.h"
|
| +#include "content/public/browser/render_process_host.h"
|
| +#include "extensions/browser/extension_system.h"
|
| +#include "extensions/common/constants.h"
|
| +#include "extensions/common/permissions/permissions_data.h"
|
| +#include "extensions/common/permissions/socket_permission.h"
|
| +
|
| +using namespace extensions;
|
| +
|
| +namespace plugins {
|
| +
|
| +// TODO(teravest): Add renderer-side API-specific checking for these APIs so
|
| +// that blanket permission isn't granted to all dev channel APIs for these.
|
| +// http://crbug.com/386743
|
| +const char* const kPredefinedAllowedDevChannelOrigins[] = {
|
| + "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/383937
|
| + "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/383937
|
| +};
|
| +
|
| +const char* const kPredefinedAllowedFileHandleOrigins[] = {
|
| + "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
|
| + "4EB74897CB187C7633357C2FE832E0AD6A44883A" // see crbug.com/234789
|
| +};
|
| +
|
| +const char* const kPredefinedAllowedSocketOrigins[] = {
|
| + "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client
|
| + "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client)
|
| + "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126
|
| + "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop
|
| + "kgngmbheleoaphbjbaiobfdepmghbfah", // Pre-release Chrome Remote Desktop
|
| + "odkaodonbgfohohmklejpjiejmcipmib", // Dogfood Chrome Remote Desktop
|
| + "ojoimpklfciegopdfgeenehpalipignm", // Chromoting canary
|
| + "cbkkbcmdlboombapidmoeolnmdacpkch", // see crbug.com/129089
|
| + "hhnbmknkdabfoieppbbljkhkfjcmcbjh", // see crbug.com/134099
|
| + "mablfbjkhmhkmefkjjacnbaikjkipphg", // see crbug.com/134099
|
| + "pdeelgamlgannhelgoegilelnnojegoh", // see crbug.com/134099
|
| + "cabapfdbkniadpollkckdnedaanlciaj", // see crbug.com/134099
|
| + "mapljbgnjledlpdmlchihnmeclmefbba", // see crbug.com/134099
|
| + "ghbfeebgmiidnnmeobbbaiamklmpbpii", // see crbug.com/134099
|
| + "jdfhpkjeckflbbleddjlpimecpbjdeep", // see crbug.com/142514
|
| + "iabmpiboiopbgfabjmgeedhcmjenhbla", // see crbug.com/165080
|
| + "B7CF8A292249681AF81771650BA4CEEAF19A4560", // see crbug.com/165080
|
| + "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F", // see crbug.com/234789
|
| + "4EB74897CB187C7633357C2FE832E0AD6A44883A", // see crbug.com/234789
|
| + "7525AF4F66763A70A883C4700529F647B470E4D2", // see crbug.com/238084
|
| + "0B549507088E1564D672F7942EB87CA4DAD73972", // see crbug.com/238084
|
| + "864288364E239573E777D3E0E36864E590E95C74" // see crbug.com/238084
|
| +};
|
| +
|
| +ChromeContentBrowserClientPluginsPart::ChromeContentBrowserClientPluginsPart() {
|
| + for (size_t i = 0; i < arraysize(kPredefinedAllowedDevChannelOrigins); ++i)
|
| + allowed_dev_channel_origins_.insert(kPredefinedAllowedDevChannelOrigins[i]);
|
| + for (size_t i = 0; i < arraysize(kPredefinedAllowedFileHandleOrigins); ++i)
|
| + allowed_file_handle_origins_.insert(kPredefinedAllowedFileHandleOrigins[i]);
|
| + for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
|
| + allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]);
|
| +}
|
| +
|
| +ChromeContentBrowserClientPluginsPart::
|
| + ~ChromeContentBrowserClientPluginsPart() {
|
| +}
|
| +
|
| +void ChromeContentBrowserClientPluginsPart::RenderProcessWillLaunch(
|
| + content::RenderProcessHost* host) {
|
| + int id = host->GetID();
|
| + Profile* profile = Profile::FromBrowserContext(host->GetBrowserContext());
|
| + host->AddFilter(new PluginInfoMessageFilter(id, profile));
|
| +}
|
| +
|
| +bool
|
| +ChromeContentBrowserClientPluginsPart::IsPluginAllowedToCallRequestOSFileHandle(
|
| + content::BrowserContext* browser_context,
|
| + const GURL& url) {
|
| + const extensions::ExtensionSet* extension_set = NULL;
|
| +
|
| + const ExtensionService* ext_service =
|
| + extensions::ExtensionSystem::Get(browser_context)->extension_service();
|
| + if (ext_service) {
|
| + extension_set = ext_service->extensions();
|
| + }
|
| + return chrome::IsExtensionOrSharedModuleWhitelisted(
|
| + url, extension_set, allowed_file_handle_origins_) ||
|
| + chrome::IsHostAllowedByCommandLine(
|
| + url, extension_set, ::switches::kAllowNaClFileHandleAPI);
|
| +}
|
| +
|
| +bool ChromeContentBrowserClientPluginsPart::AllowPepperSocketAPI(
|
| + content::BrowserContext* browser_context,
|
| + const GURL& url,
|
| + bool private_api,
|
| + const content::SocketPermissionRequest* params) {
|
| + const extensions::ExtensionSet* extension_set = NULL;
|
| + const ExtensionService* ext_service =
|
| + extensions::ExtensionSystem::Get(browser_context)->extension_service();
|
| + if (ext_service) {
|
| + extension_set = ext_service->extensions();
|
| + }
|
| +
|
| + if (private_api) {
|
| + // Access to private socket APIs is controlled by the whitelist.
|
| + if (chrome::IsExtensionOrSharedModuleWhitelisted(
|
| + url, extension_set, allowed_socket_origins_)) {
|
| + return true;
|
| + }
|
| + } else {
|
| + // Access to public socket APIs is controlled by extension permissions.
|
| + if (url.is_valid() && url.SchemeIs(extensions::kExtensionScheme) &&
|
| + extension_set) {
|
| + const Extension* extension = extension_set->GetByID(url.host());
|
| + if (extension) {
|
| + const extensions::PermissionsData* permissions_data =
|
| + extension->permissions_data();
|
| + if (params) {
|
| + extensions::SocketPermission::CheckParam check_params(
|
| + params->type, params->host, params->port);
|
| + if (permissions_data->CheckAPIPermissionWithParam(
|
| + extensions::APIPermission::kSocket, &check_params)) {
|
| + return true;
|
| + }
|
| + } else if (permissions_data->HasAPIPermission(
|
| + extensions::APIPermission::kSocket)) {
|
| + return true;
|
| + }
|
| + }
|
| + }
|
| + }
|
| +
|
| + // Allow both public and private APIs if the command line says so.
|
| + return chrome::IsHostAllowedByCommandLine(
|
| + url, extension_set, ::switches::kAllowNaClSocketAPI);
|
| +}
|
| +
|
| +bool ChromeContentBrowserClientPluginsPart::IsPluginAllowedToUseDevChannelAPIs(
|
| + content::BrowserContext* browser_context,
|
| + const GURL& url) {
|
| + const extensions::ExtensionSet* extension_set = NULL;
|
| + const ExtensionService* ext_service =
|
| + extensions::ExtensionSystem::Get(browser_context)->extension_service();
|
| + if (ext_service) {
|
| + extension_set = ext_service->extensions();
|
| + }
|
| +
|
| + // Allow access for whitelisted applications.
|
| + if (chrome::IsExtensionOrSharedModuleWhitelisted(
|
| + url, extension_set, allowed_dev_channel_origins_)) {
|
| + return true;
|
| + }
|
| +
|
| + chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
|
| + // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
|
| + // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
|
| + // Chromium builds as well.
|
| + return channel <= chrome::VersionInfo::CHANNEL_DEV;
|
| +}
|
| +
|
| +} // namespace plugins
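Review bot: In IsPluginAllowedToUseDevChannelAPIs the final `return channel <= chrome::VersionInfo::CHANNEL_DEV;` ties a permission grant to the numeric order of the Channel enum, which is declared outside this file. If a value is ever inserted or reordered there, the set of builds that hand dev-channel APIs to every origin would change silently. Naming the permitted channels keeps the grant explicit and greppable: `return channel == chrome::VersionInfo::CHANNEL_UNKNOWN || channel == chrome::VersionInfo::CHANNEL_CANARY || channel == chrome::VersionInfo::CHANNEL_DEV;`. The three permission methods also dereference `extensions::ExtensionSystem::Get(browser_context)` without a check before calling `extension_service()`; that is probably non-null for the contexts passed in here, but a `DCHECK` or an early `return false` would make these checks fail closed if it ever is not. Finally, the allowlist arrays mix 32-character extension IDs with 40-character hex entries, so a one-line comment above `kPredefinedAllowedDevChannelOrigins` stating what the hex form represents (presumably a hashed ID) would help anyone auditing these lists.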
|
|
|