OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "extensions/browser/guest_view/extension_view/extension_view_guest.h" | 5 #include "extensions/browser/guest_view/extension_view/extension_view_guest.h" |
6 | 6 |
7 #include "base/metrics/user_metrics.h" | 7 #include "base/metrics/user_metrics.h" |
8 #include "components/crx_file/id_util.h" | |
9 #include "content/public/browser/child_process_security_policy.h" | |
8 #include "content/public/browser/render_process_host.h" | 10 #include "content/public/browser/render_process_host.h" |
9 #include "content/public/common/result_codes.h" | 11 #include "content/public/common/result_codes.h" |
10 #include "extensions/browser/api/extensions_api_client.h" | 12 #include "extensions/browser/api/extensions_api_client.h" |
11 #include "extensions/browser/guest_view/extension_view/extension_view_constants. h" | 13 #include "extensions/browser/guest_view/extension_view/extension_view_constants. h" |
12 #include "extensions/common/constants.h" | 14 #include "extensions/common/constants.h" |
13 #include "extensions/common/extension_messages.h" | 15 #include "extensions/common/extension_messages.h" |
14 #include "extensions/strings/grit/extensions_strings.h" | 16 #include "extensions/strings/grit/extensions_strings.h" |
17 #include "net/base/net_errors.h" | |
15 | 18 |
16 using content::WebContents; | 19 using content::WebContents; |
17 using namespace extensions::core_api; | 20 using namespace extensions::core_api; |
18 | 21 |
19 namespace extensions { | 22 namespace extensions { |
20 | 23 |
21 // static | 24 // static |
22 const char ExtensionViewGuest::Type[] = "extensionview"; | 25 const char ExtensionViewGuest::Type[] = "extensionview"; |
23 | 26 |
24 ExtensionViewGuest::ExtensionViewGuest( | 27 ExtensionViewGuest::ExtensionViewGuest( |
25 content::WebContents* owner_web_contents) | 28 content::WebContents* owner_web_contents) |
26 : GuestView<ExtensionViewGuest>(owner_web_contents), | 29 : GuestView<ExtensionViewGuest>(owner_web_contents), |
27 extension_view_guest_delegate_( | 30 extension_view_guest_delegate_( |
28 extensions::ExtensionsAPIClient::Get() | 31 extensions::ExtensionsAPIClient::Get() |
29 ->CreateExtensionViewGuestDelegate(this)) { | 32 ->CreateExtensionViewGuestDelegate(this)) { |
30 } | 33 } |
31 | 34 |
32 ExtensionViewGuest::~ExtensionViewGuest() { | 35 ExtensionViewGuest::~ExtensionViewGuest() { |
33 } | 36 } |
34 | 37 |
35 // static | 38 // static |
36 extensions::GuestViewBase* ExtensionViewGuest::Create( | 39 extensions::GuestViewBase* ExtensionViewGuest::Create( |
37 content::WebContents* owner_web_contents) { | 40 content::WebContents* owner_web_contents) { |
38 return new ExtensionViewGuest(owner_web_contents); | 41 return new ExtensionViewGuest(owner_web_contents); |
39 } | 42 } |
40 | 43 |
41 void ExtensionViewGuest::NavigateGuest(const std::string& src, | 44 void ExtensionViewGuest::NavigateGuest(const std::string& src, |
42 bool force_navigation) { | 45 bool force_navigation) { |
43 if (src.empty()) | 46 GURL url = ResolveURL(src); |
47 | |
48 // Do not allow navigating a guest to schemes other than known safe schemes. | |
49 bool scheme_is_blocked = | |
50 (!content::ChildProcessSecurityPolicy::GetInstance()->IsWebSafeScheme( | |
Fady Samuel
2015/02/17 18:48:29
Wow, this works? chrome-extension:// is not a WebS
apacible
2015/02/17 20:07:30
Yeah, it does! I know chrome:// isn't a WebSafeSch
| |
51 url.scheme()) && | |
52 !url.SchemeIs(url::kAboutScheme)) || | |
53 url.SchemeIs(url::kJavaScriptScheme); | |
54 if (scheme_is_blocked || !url.is_valid()) { | |
55 NavigateGuest(url::kAboutBlankURL, true /* force_navigation */); | |
56 return; | |
57 } | |
58 | |
59 if (!force_navigation && (view_page_ == url)) | |
44 return; | 60 return; |
45 | 61 |
46 GURL url(src); | 62 GURL validated_url(url); |
apacible
2015/02/17 18:31:26
WebViewGuest creates a validated_url here, but is
Fady Samuel
2015/02/17 18:48:29
That's probably some old code that didn't get refa
apacible
2015/02/17 20:07:30
Acknowledged.
| |
47 if (!url.is_valid() && !force_navigation && (url == view_page_)) | 63 web_contents()->GetRenderProcessHost()->FilterURL(false, &validated_url); |
48 return; | 64 web_contents()->GetController().LoadURL(validated_url, content::Referrer(), |
49 | |
50 web_contents()->GetRenderProcessHost()->FilterURL(false, &url); | |
51 web_contents()->GetController().LoadURL(url, content::Referrer(), | |
52 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, | 65 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, |
53 std::string()); | 66 std::string()); |
54 | 67 |
55 view_page_ = url; | 68 view_page_ = validated_url; |
56 } | 69 } |
57 | 70 |
58 // GuestViewBase implementation. | 71 // GuestViewBase implementation. |
59 bool ExtensionViewGuest::CanRunInDetachedState() const { | 72 bool ExtensionViewGuest::CanRunInDetachedState() const { |
60 return true; | 73 return true; |
61 } | 74 } |
62 | 75 |
63 void ExtensionViewGuest::CreateWebContents( | 76 void ExtensionViewGuest::CreateWebContents( |
64 const base::DictionaryValue& create_params, | 77 const base::DictionaryValue& create_params, |
65 const WebContentsCreatedCallback& callback) { | 78 const WebContentsCreatedCallback& callback) { |
66 std::string str; | 79 // Gets the extension ID. |
67 if (!create_params.GetString(extensionview::kAttributeSrc, &str)) { | 80 create_params.GetString(extensionview::kAttributeExtension, &extension_id_); |
81 | |
82 if (!crx_file::id_util::IdIsValid(extension_id_)) { | |
68 callback.Run(nullptr); | 83 callback.Run(nullptr); |
69 return; | 84 return; |
70 } | 85 } |
71 | 86 |
72 GURL source(str); | 87 // Gets the extension URL. |
73 if (!source.is_valid()) { | 88 extension_url_ = |
89 extensions::Extension::GetBaseURLFromExtensionId(extension_id_); | |
90 | |
91 if (!extension_url_.is_valid()) { | |
92 callback.Run(nullptr); | |
93 return; | |
94 } | |
95 | |
96 // Get the src to build URL to render. | |
97 std::string src; | |
98 if (!create_params.GetString(extensionview::kAttributeSrc, &src)) { | |
74 callback.Run(nullptr); | 99 callback.Run(nullptr); |
75 return; | 100 return; |
76 } | 101 } |
77 | 102 |
78 content::SiteInstance* view_site_instance = | 103 content::SiteInstance* view_site_instance = |
79 content::SiteInstance::CreateForURL(browser_context(), source); | 104 content::SiteInstance::CreateForURL(browser_context(), |
105 extension_url_); | |
80 | 106 |
81 WebContents::CreateParams params(browser_context(), view_site_instance); | 107 WebContents::CreateParams params(browser_context(), view_site_instance); |
82 params.guest_delegate = this; | 108 params.guest_delegate = this; |
83 callback.Run(WebContents::Create(params)); | 109 callback.Run(WebContents::Create(params)); |
84 } | 110 } |
85 | 111 |
86 void ExtensionViewGuest::DidInitialize( | 112 void ExtensionViewGuest::DidInitialize( |
87 const base::DictionaryValue& create_params) { | 113 const base::DictionaryValue& create_params) { |
88 extension_function_dispatcher_.reset( | 114 extension_function_dispatcher_.reset( |
89 new extensions::ExtensionFunctionDispatcher(browser_context(), this)); | 115 new extensions::ExtensionFunctionDispatcher(browser_context(), this)); |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
122 extension_function_dispatcher_->Dispatch(params, | 148 extension_function_dispatcher_->Dispatch(params, |
123 web_contents()->GetRenderViewHost()); | 149 web_contents()->GetRenderViewHost()); |
124 } | 150 } |
125 | 151 |
126 void ExtensionViewGuest::ApplyAttributes(const base::DictionaryValue& params) { | 152 void ExtensionViewGuest::ApplyAttributes(const base::DictionaryValue& params) { |
127 std::string src; | 153 std::string src; |
128 params.GetString(extensionview::kAttributeSrc, &src); | 154 params.GetString(extensionview::kAttributeSrc, &src); |
129 NavigateGuest(src, false /* force_navigation */); | 155 NavigateGuest(src, false /* force_navigation */); |
130 } | 156 } |
131 | 157 |
158 GURL ExtensionViewGuest::ResolveURL(const std::string& src) { | |
159 if (src.empty()) | |
160 return GURL(); | |
161 | |
162 GURL default_url(base::StringPrintf("%s://%s/%s", | |
Fady Samuel
2015/02/17 18:48:29
This doesn't seem necessary to me.
return extensi
apacible
2015/02/17 20:07:30
Done, added inline.
| |
163 kExtensionScheme, | |
164 extension_id_.c_str(), | |
165 src.c_str())); | |
166 | |
167 return default_url.Resolve(src); | |
168 } | |
169 | |
132 } // namespace extensions | 170 } // namespace extensions |
OLD | NEW |