Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(95)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: extensions/renderer/user_script_injector.cc

Issue 959413003: Implement <webview>.addContentScript/removeContentScript API [1] (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add a test for the lifetime of content scripts. Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« extensions/renderer/resources/guest_view/web_view/web_view_api_methods.js ('K') | « extensions/renderer/resources/guest_view/web_view/web_view_api_methods.js ('k') | extensions/renderer/user_script_set_manager.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: extensions/renderer/user_script_injector.cc
diff --git a/extensions/renderer/user_script_injector.cc b/extensions/renderer/user_script_injector.cc
index 5a42ffa71b03f1a26c0d1fda54ff0427c341471c..59d8c36dac5f9dc10b4edc4981ccda5a8bc0bd80 100644
--- a/extensions/renderer/user_script_injector.cc
+++ b/extensions/renderer/user_script_injector.cc
@@ -8,8 +8,10 @@
#include "base/lazy_instance.h"
#include "content/public/common/url_constants.h"
+#include "content/public/renderer/render_thread.h"
#include "content/public/renderer/render_view.h"
#include "extensions/common/extension.h"
+#include "extensions/common/guest_view/guest_view_messages.h"
#include "extensions/common/permissions/permissions_data.h"
#include "extensions/renderer/injection_host.h"
#include "extensions/renderer/script_context.h"
@@ -25,11 +27,42 @@ namespace extensions {
namespace {
+struct RoutingInfoKey {
+ int routing_id;
+ int script_id;
+
+ RoutingInfoKey(int routing_id, int script_id) {
+ this->routing_id = routing_id;
Devlin 2015/04/13 19:21:48 no need for "this"
Xi Han 2015/04/14 19:05:52 Updated.
+ this->script_id = script_id;
+ }
+
+ bool operator<(const RoutingInfoKey& other) const {
+ if (routing_id != other.routing_id)
+ return routing_id < other.routing_id;
+
+ if (script_id != other.script_id)
+ return script_id < other.script_id;
+ return false; // keys are equal.
+ }
+};
+
+using RoutingInfoMap = std::map<RoutingInfoKey, bool>;
+
// These two strings are injected before and after the Greasemonkey API and
// user script to wrap it in an anonymous scope.
const char kUserScriptHead[] = "(function (unsafeWindow) {\n";
const char kUserScriptTail[] = "\n})(window);";
+// A map records whether a given |script_id| from a webview-added user script
+// is allowed to inject on the render of given |routing_id|.
+// Once a script is added, the decision of whether or not allowed to inject
+// won't be changed.
+// Even if the script is removed by the webview, the user scipt will be removed
+// from the render as well. Therefore, there won't be any query from this
+// removed |script_id| and |routing_id| pair.
+base::LazyInstance<RoutingInfoMap> g_routing_info_map =
+ LAZY_INSTANCE_INITIALIZER;
+
// Greasemonkey API source that is injected with the scripts.
struct GreasemonkeyApiJsString {
GreasemonkeyApiJsString();
@@ -131,17 +164,35 @@ PermissionsData::AccessType UserScriptInjector::CanExecuteOnFrame(
web_frame, web_frame->document().url(), script_->match_about_blank());
PermissionsData::AccessType can_execute = injection_host->CanExecuteOnFrame(
effective_document_url, top_url, tab_id, is_declarative_);
-
if (script_->consumer_instance_type() !=
- UserScript::ConsumerInstanceType::WEBVIEW ||
+ UserScript::ConsumerInstanceType::WEBVIEW ||
can_execute == PermissionsData::ACCESS_DENIED)
return can_execute;
int routing_id = content::RenderView::FromWebView(web_frame->top()->view())
->GetRoutingID();
- return script_->routing_info().render_view_id == routing_id
- ? PermissionsData::ACCESS_ALLOWED
- : PermissionsData::ACCESS_DENIED;
+
+ RoutingInfoKey key(routing_id, script_->id());
+
+ RoutingInfoMap& map = g_routing_info_map.Get();
+ auto iter = map.find(key);
+
+ bool allowed = false;
+ if (iter != map.end()) {
+ allowed = iter->second;
+ } else {
+ // Send a SYNC IPC message to the browser to check if this is allowed. This
+ // is not ideal, but is mitigated by the fact that this is only done for
+ // webviews, and then only once per host.
+ // TODO(hanxi): Find a more efficient way to do this.
+ content::RenderThread::Get()->Send(
+ new GuestViewHostMsg_CanExecuteContentScriptSync(
+ routing_id, script_->id(), &allowed));
+ map.insert(std::pair<RoutingInfoKey, bool>(key, allowed));
+ }
+
+ return allowed ? PermissionsData::ACCESS_ALLOWED
+ : PermissionsData::ACCESS_DENIED;
}
std::vector<blink::WebScriptSource> UserScriptInjector::GetJsSources(
« extensions/renderer/resources/guest_view/web_view/web_view_api_methods.js ('K') | « extensions/renderer/resources/guest_view/web_view/web_view_api_methods.js ('k') | extensions/renderer/user_script_set_manager.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698