Chromium Code Reviews Chromium Code Reviews
Issue 922403002:
[Extensions] Adjust script injection reporting to the browser side (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/renderer/script_injection.h" | 5 #include "extensions/renderer/script_injection.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/lazy_instance.h" | 9 #include "base/lazy_instance.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/timer/elapsed_timer.h" | 11 #include "base/timer/elapsed_timer.h" |
| 12 #include "base/values.h" | 12 #include "base/values.h" |
| 13 #include "content/public/child/v8_value_converter.h" | 13 #include "content/public/child/v8_value_converter.h" |
| 14 #include "content/public/renderer/render_view.h" | 14 #include "content/public/renderer/render_view.h" |
| 15 #include "extensions/common/extension.h" | 15 #include "extensions/common/extension.h" |
| 16 #include "extensions/common/extension_messages.h" | 16 #include "extensions/common/extension_messages.h" |
| 17 #include "extensions/common/feature_switch.h" | |
| 18 #include "extensions/common/manifest_handlers/csp_info.h" | 17 #include "extensions/common/manifest_handlers/csp_info.h" |
| 19 #include "extensions/renderer/dom_activity_logger.h" | 18 #include "extensions/renderer/dom_activity_logger.h" |
| 20 #include "extensions/renderer/extension_groups.h" | 19 #include "extensions/renderer/extension_groups.h" |
| 21 #include "extensions/renderer/extensions_renderer_client.h" | 20 #include "extensions/renderer/extensions_renderer_client.h" |
| 22 #include "third_party/WebKit/public/platform/WebString.h" | 21 #include "third_party/WebKit/public/platform/WebString.h" |
| 23 #include "third_party/WebKit/public/web/WebDocument.h" | 22 #include "third_party/WebKit/public/web/WebDocument.h" |
| 24 #include "third_party/WebKit/public/web/WebLocalFrame.h" | 23 #include "third_party/WebKit/public/web/WebLocalFrame.h" |
| 25 #include "third_party/WebKit/public/web/WebScopedUserGesture.h" | 24 #include "third_party/WebKit/public/web/WebScopedUserGesture.h" |
| 26 #include "third_party/WebKit/public/web/WebScriptSource.h" | 25 #include "third_party/WebKit/public/web/WebScriptSource.h" |
| 27 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" | 26 #include "third_party/WebKit/public/web/WebSecurityOrigin.h" |
| 28 #include "url/gurl.h" | 27 #include "url/gurl.h" |
| 29 | 28 |
| 30 namespace extensions { | 29 namespace extensions { |
| 31 | 30 |
| 32 namespace { | 31 namespace { |
| 33 | 32 |
| 34 typedef std::map<std::string, int> IsolatedWorldMap; | 33 typedef std::map<std::string, int> IsolatedWorldMap; |
| 35 base::LazyInstance<IsolatedWorldMap> g_isolated_worlds = | 34 base::LazyInstance<IsolatedWorldMap> g_isolated_worlds = |
| 36 LAZY_INSTANCE_INITIALIZER; | 35 LAZY_INSTANCE_INITIALIZER; |
| 37 | 36 |
| 38 const int64 kInvalidRequestId = -1; | 37 const int64 kInvalidRequestId = -1; |
| 39 | 38 |
| 40 // The id of the next pending injection. | 39 // The id of the next pending injection. |
| 41 int64 g_next_pending_id = 0; | 40 int64 g_next_pending_id = 0; |
| 42 | 41 |
| 43 bool ShouldNotifyBrowserOfInjections() { | |
| 44 return !FeatureSwitch::scripts_require_action()->IsEnabled(); | |
| 45 } | |
| 46 | |
| 47 // Append all the child frames of |parent_frame| to |frames_vector|. | 42 // Append all the child frames of |parent_frame| to |frames_vector|. |
| 48 void AppendAllChildFrames(blink::WebFrame* parent_frame, | 43 void AppendAllChildFrames(blink::WebFrame* parent_frame, |
| 49 std::vector<blink::WebFrame*>* frames_vector) { | 44 std::vector<blink::WebFrame*>* frames_vector) { |
| 50 DCHECK(parent_frame); | 45 DCHECK(parent_frame); |
| 51 for (blink::WebFrame* child_frame = parent_frame->firstChild(); child_frame; | 46 for (blink::WebFrame* child_frame = parent_frame->firstChild(); child_frame; |
| 52 child_frame = child_frame->nextSibling()) { | 47 child_frame = child_frame->nextSibling()) { |
| 53 frames_vector->push_back(child_frame); | 48 frames_vector->push_back(child_frame); |
| 54 AppendAllChildFrames(child_frame, frames_vector); | 49 AppendAllChildFrames(child_frame, frames_vector); |
| 55 } | 50 } |
| 56 } | 51 } |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 145 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); | 140 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); |
| 146 return true; // We're done. | 141 return true; // We're done. |
| 147 } | 142 } |
| 148 | 143 |
| 149 switch (injector_->CanExecuteOnFrame( | 144 switch (injector_->CanExecuteOnFrame( |
| 150 extension, web_frame_, tab_id_, web_frame_->top()->document().url())) { | 145 extension, web_frame_, tab_id_, web_frame_->top()->document().url())) { |
| 151 case PermissionsData::ACCESS_DENIED: | 146 case PermissionsData::ACCESS_DENIED: |
| 152 NotifyWillNotInject(ScriptInjector::NOT_ALLOWED); | 147 NotifyWillNotInject(ScriptInjector::NOT_ALLOWED); |
| 153 return true; // We're done. | 148 return true; // We're done. |
| 154 case PermissionsData::ACCESS_WITHHELD: | 149 case PermissionsData::ACCESS_WITHHELD: |
| 155 RequestPermission(); | 150 SendInjectionMessage(true /* request permission */); |
| 156 return false; // Wait around for permission. | 151 return false; // Wait around for permission. |
| 157 case PermissionsData::ACCESS_ALLOWED: | 152 case PermissionsData::ACCESS_ALLOWED: |
| 158 Inject(extension, scripts_run_info); | 153 Inject(extension, scripts_run_info); |
| 159 return true; // We're done! | 154 return true; // We're done! |
| 160 } | 155 } |
| 161 | 156 |
| 162 // Some compilers don't realize that we always return from the switch() above. | 157 // Some compilers don't realize that we always return from the switch() above. |
| 163 // Make them happy. | 158 // Make them happy. |
|
not at google - send to devlin
2015/02/13 23:09:32
(btw: not really, it's possible to case any random
Devlin
2015/02/17 21:52:18
Done.
| |
| 164 return false; | 159 return false; |
| 165 } | 160 } |
| 166 | 161 |
| 167 bool ScriptInjection::OnPermissionGranted(const Extension* extension, | 162 bool ScriptInjection::OnPermissionGranted(const Extension* extension, |
| 168 ScriptsRunInfo* scripts_run_info) { | 163 ScriptsRunInfo* scripts_run_info) { |
| 169 if (!extension) { | 164 if (!extension) { |
| 170 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); | 165 NotifyWillNotInject(ScriptInjector::EXTENSION_REMOVED); |
| 171 return false; | 166 return false; |
| 172 } | 167 } |
| 173 | 168 |
| 174 Inject(extension, scripts_run_info); | 169 Inject(extension, scripts_run_info); |
| 175 return true; | 170 return true; |
| 176 } | 171 } |
| 177 | 172 |
| 178 void ScriptInjection::RequestPermission() { | 173 void ScriptInjection::SendInjectionMessage(bool request_permission) { |
| 179 content::RenderView* render_view = | 174 content::RenderView* render_view = |
| 180 content::RenderView::FromWebView(web_frame()->top()->view()); | 175 content::RenderView::FromWebView(web_frame()->top()->view()); |
| 181 | 176 |
| 182 // If we are just notifying the browser of the injection, then send an | 177 // If we are just notifying the browser of the injection, then send an |
| 183 // invalid request (which is treated like a notification). | 178 // invalid request (which is treated like a notification). |
| 184 request_id_ = ShouldNotifyBrowserOfInjections() ? kInvalidRequestId | 179 request_id_ = request_permission ? g_next_pending_id++ : kInvalidRequestId; |
| 185 : g_next_pending_id++; | |
| 186 render_view->Send(new ExtensionHostMsg_RequestScriptInjectionPermission( | 180 render_view->Send(new ExtensionHostMsg_RequestScriptInjectionPermission( |
| 187 render_view->GetRoutingID(), | 181 render_view->GetRoutingID(), |
| 188 extension_id_, | 182 extension_id_, |
| 189 injector_->script_type(), | 183 injector_->script_type(), |
| 190 request_id_)); | 184 request_id_)); |
| 191 } | 185 } |
| 192 | 186 |
| 193 void ScriptInjection::NotifyWillNotInject( | 187 void ScriptInjection::NotifyWillNotInject( |
| 194 ScriptInjector::InjectFailureReason reason) { | 188 ScriptInjector::InjectFailureReason reason) { |
| 195 complete_ = true; | 189 complete_ = true; |
| 196 injector_->OnWillNotInject(reason); | 190 injector_->OnWillNotInject(reason); |
| 197 } | 191 } |
| 198 | 192 |
| 193 void ScriptInjection::NotifyBrowserOfInjection(const Extension* extension) { | |
| 194 // We notify the browser of any injection if the extension has no withheld | |
| 195 // permissions (i.e., the permissions weren't restricted), but would have | |
| 196 // otherwise been affected by the scripts-require-action feature. | |
| 197 if (extension->permissions_data()->withheld_permissions()->IsEmpty() && | |
| 198 PermissionsData::ScriptsMayRequireActionForExtension( | |
| 199 extension, | |
| 200 extension->permissions_data()->active_permissions().get())) { | |
| 201 SendInjectionMessage(false /* don't request permission */); | |
| 202 } | |
| 203 } | |
| 204 | |
| 199 void ScriptInjection::Inject(const Extension* extension, | 205 void ScriptInjection::Inject(const Extension* extension, |
| 200 ScriptsRunInfo* scripts_run_info) { | 206 ScriptsRunInfo* scripts_run_info) { |
| 201 DCHECK(extension); | 207 DCHECK(extension); |
| 202 DCHECK(scripts_run_info); | 208 DCHECK(scripts_run_info); |
| 203 DCHECK(!complete_); | 209 DCHECK(!complete_); |
| 204 | 210 |
| 205 if (ShouldNotifyBrowserOfInjections()) | 211 NotifyBrowserOfInjection(extension); |
| 206 RequestPermission(); | |
| 207 | 212 |
| 208 std::vector<blink::WebFrame*> frame_vector; | 213 std::vector<blink::WebFrame*> frame_vector; |
| 209 frame_vector.push_back(web_frame_); | 214 frame_vector.push_back(web_frame_); |
| 210 if (injector_->ShouldExecuteInChildFrames()) | 215 if (injector_->ShouldExecuteInChildFrames()) |
| 211 AppendAllChildFrames(web_frame_, &frame_vector); | 216 AppendAllChildFrames(web_frame_, &frame_vector); |
| 212 | 217 |
| 213 scoped_ptr<blink::WebScopedUserGesture> gesture; | 218 scoped_ptr<blink::WebScopedUserGesture> gesture; |
| 214 if (injector_->IsUserGesture()) | 219 if (injector_->IsUserGesture()) |
| 215 gesture.reset(new blink::WebScopedUserGesture()); | 220 gesture.reset(new blink::WebScopedUserGesture()); |
| 216 | 221 |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 313 std::vector<std::string> css_sources = | 318 std::vector<std::string> css_sources = |
| 314 injector_->GetCssSources(run_location_); | 319 injector_->GetCssSources(run_location_); |
| 315 for (std::vector<std::string>::const_iterator iter = css_sources.begin(); | 320 for (std::vector<std::string>::const_iterator iter = css_sources.begin(); |
| 316 iter != css_sources.end(); | 321 iter != css_sources.end(); |
| 317 ++iter) { | 322 ++iter) { |
| 318 frame->document().insertStyleSheet(blink::WebString::fromUTF8(*iter)); | 323 frame->document().insertStyleSheet(blink::WebString::fromUTF8(*iter)); |
| 319 } | 324 } |
| 320 } | 325 } |
| 321 | 326 |
| 322 } // namespace extensions | 327 } // namespace extensions |
| OLD | NEW |
