| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/chrome_network_delegate.h" | 5 #include "chrome/browser/net/chrome_network_delegate.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "chrome/browser/browser_process.h" | 8 #include "chrome/browser/browser_process.h" |
| 9 #include "chrome/browser/content_settings/cookie_settings.h" | 9 #include "chrome/browser/content_settings/cookie_settings.h" |
| 10 #include "chrome/browser/content_settings/tab_specific_content_settings.h" | 10 #include "chrome/browser/content_settings/tab_specific_content_settings.h" |
| (...skipping 11 matching lines...) Expand all Loading... |
| 22 #include "content/public/browser/render_view_host.h" | 22 #include "content/public/browser/render_view_host.h" |
| 23 #include "content/public/browser/resource_request_info.h" | 23 #include "content/public/browser/resource_request_info.h" |
| 24 #include "net/base/host_port_pair.h" | 24 #include "net/base/host_port_pair.h" |
| 25 #include "net/base/net_errors.h" | 25 #include "net/base/net_errors.h" |
| 26 #include "net/base/net_log.h" | 26 #include "net/base/net_log.h" |
| 27 #include "net/cookies/cookie_monster.h" | 27 #include "net/cookies/cookie_monster.h" |
| 28 #include "net/http/http_request_headers.h" | 28 #include "net/http/http_request_headers.h" |
| 29 #include "net/http/http_response_headers.h" | 29 #include "net/http/http_response_headers.h" |
| 30 #include "net/url_request/url_request.h" | 30 #include "net/url_request/url_request.h" |
| 31 | 31 |
| 32 #if defined(OS_CHROMEOS) |
| 33 #include "base/chromeos/chromeos_version.h" |
| 34 #endif |
| 35 |
| 32 #if defined(ENABLE_CONFIGURATION_POLICY) | 36 #if defined(ENABLE_CONFIGURATION_POLICY) |
| 33 #include "chrome/browser/policy/url_blacklist_manager.h" | 37 #include "chrome/browser/policy/url_blacklist_manager.h" |
| 34 #endif | 38 #endif |
| 35 | 39 |
| 36 using content::BrowserThread; | 40 using content::BrowserThread; |
| 37 using content::RenderViewHost; | 41 using content::RenderViewHost; |
| 38 using content::ResourceRequestInfo; | 42 using content::ResourceRequestInfo; |
| 39 | 43 |
| 44 // By default we don't allow access to all file:// urls on ChromeOS but we do on |
| 45 // other platforms. |
| 46 #if defined(OS_CHROMEOS) |
| 47 bool ChromeNetworkDelegate::g_allow_file_access_ = false; |
| 48 #else |
| 49 bool ChromeNetworkDelegate::g_allow_file_access_ = true; |
| 50 #endif |
| 51 |
| 40 namespace { | 52 namespace { |
| 41 | 53 |
| 42 // If the |request| failed due to problems with a proxy, forward the error to | 54 // If the |request| failed due to problems with a proxy, forward the error to |
| 43 // the proxy extension API. | 55 // the proxy extension API. |
| 44 void ForwardProxyErrors(net::URLRequest* request, | 56 void ForwardProxyErrors(net::URLRequest* request, |
| 45 ExtensionEventRouterForwarder* event_router, | 57 ExtensionEventRouterForwarder* event_router, |
| 46 void* profile) { | 58 void* profile) { |
| 47 if (request->status().status() == net::URLRequestStatus::FAILED) { | 59 if (request->status().status() == net::URLRequestStatus::FAILED) { |
| 48 switch (request->status().error()) { | 60 switch (request->status().error()) { |
| 49 case net::ERR_PROXY_AUTH_UNSUPPORTED: | 61 case net::ERR_PROXY_AUTH_UNSUPPORTED: |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 127 | 139 |
| 128 // static | 140 // static |
| 129 void ChromeNetworkDelegate::InitializeReferrersEnabled( | 141 void ChromeNetworkDelegate::InitializeReferrersEnabled( |
| 130 BooleanPrefMember* enable_referrers, | 142 BooleanPrefMember* enable_referrers, |
| 131 PrefService* pref_service) { | 143 PrefService* pref_service) { |
| 132 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 144 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 133 enable_referrers->Init(prefs::kEnableReferrers, pref_service, NULL); | 145 enable_referrers->Init(prefs::kEnableReferrers, pref_service, NULL); |
| 134 enable_referrers->MoveToThread(BrowserThread::IO); | 146 enable_referrers->MoveToThread(BrowserThread::IO); |
| 135 } | 147 } |
| 136 | 148 |
| 149 // static |
| 150 void ChromeNetworkDelegate::AllowAccessToAllFiles() { |
| 151 g_allow_file_access_ = true; |
| 152 } |
| 153 |
| 137 int ChromeNetworkDelegate::OnBeforeURLRequest( | 154 int ChromeNetworkDelegate::OnBeforeURLRequest( |
| 138 net::URLRequest* request, | 155 net::URLRequest* request, |
| 139 const net::CompletionCallback& callback, | 156 const net::CompletionCallback& callback, |
| 140 GURL* new_url) { | 157 GURL* new_url) { |
| 141 #if defined(ENABLE_CONFIGURATION_POLICY) | 158 #if defined(ENABLE_CONFIGURATION_POLICY) |
| 142 // TODO(joaodasilva): This prevents extensions from seeing URLs that are | 159 // TODO(joaodasilva): This prevents extensions from seeing URLs that are |
| 143 // blocked. However, an extension might redirect the request to another URL, | 160 // blocked. However, an extension might redirect the request to another URL, |
| 144 // which is not blocked. | 161 // which is not blocked. |
| 145 if (url_blacklist_manager_ && | 162 if (url_blacklist_manager_ && |
| 146 url_blacklist_manager_->IsURLBlocked(request->url())) { | 163 url_blacklist_manager_->IsURLBlocked(request->url())) { |
| (...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 244 ChromeNetworkDelegate::OnAuthRequired( | 261 ChromeNetworkDelegate::OnAuthRequired( |
| 245 net::URLRequest* request, | 262 net::URLRequest* request, |
| 246 const net::AuthChallengeInfo& auth_info, | 263 const net::AuthChallengeInfo& auth_info, |
| 247 const AuthCallback& callback, | 264 const AuthCallback& callback, |
| 248 net::AuthCredentials* credentials) { | 265 net::AuthCredentials* credentials) { |
| 249 return ExtensionWebRequestEventRouter::GetInstance()->OnAuthRequired( | 266 return ExtensionWebRequestEventRouter::GetInstance()->OnAuthRequired( |
| 250 profile_, extension_info_map_.get(), request, auth_info, | 267 profile_, extension_info_map_.get(), request, auth_info, |
| 251 callback, credentials); | 268 callback, credentials); |
| 252 } | 269 } |
| 253 | 270 |
| 254 bool ChromeNetworkDelegate::CanGetCookies( | 271 bool ChromeNetworkDelegate::OnCanGetCookies( |
| 255 const net::URLRequest* request, | 272 const net::URLRequest& request, |
| 256 const net::CookieList& cookie_list) { | 273 const net::CookieList& cookie_list) { |
| 257 // NULL during tests, or when we're running in the system context. | 274 // NULL during tests, or when we're running in the system context. |
| 258 if (!cookie_settings_) | 275 if (!cookie_settings_) |
| 259 return true; | 276 return true; |
| 260 | 277 |
| 261 bool allow = cookie_settings_->IsReadingCookieAllowed( | 278 bool allow = cookie_settings_->IsReadingCookieAllowed( |
| 262 request->url(), request->first_party_for_cookies()); | 279 request.url(), request.first_party_for_cookies()); |
| 263 | 280 |
| 264 int render_process_id = -1; | 281 int render_process_id = -1; |
| 265 int render_view_id = -1; | 282 int render_view_id = -1; |
| 266 if (content::ResourceRequestInfo::GetRenderViewForRequest( | 283 if (content::ResourceRequestInfo::GetRenderViewForRequest( |
| 267 request, &render_process_id, &render_view_id)) { | 284 &request, &render_process_id, &render_view_id)) { |
| 268 BrowserThread::PostTask( | 285 BrowserThread::PostTask( |
| 269 BrowserThread::UI, FROM_HERE, | 286 BrowserThread::UI, FROM_HERE, |
| 270 base::Bind(&TabSpecificContentSettings::CookiesRead, | 287 base::Bind(&TabSpecificContentSettings::CookiesRead, |
| 271 render_process_id, render_view_id, | 288 render_process_id, render_view_id, |
| 272 request->url(), request->first_party_for_cookies(), | 289 request.url(), request.first_party_for_cookies(), |
| 273 cookie_list, !allow)); | 290 cookie_list, !allow)); |
| 274 } | 291 } |
| 275 | 292 |
| 276 return allow; | 293 return allow; |
| 277 } | 294 } |
| 278 | 295 |
| 279 bool ChromeNetworkDelegate::CanSetCookie( | 296 bool ChromeNetworkDelegate::OnCanSetCookie(const net::URLRequest& request, |
| 280 const net::URLRequest* request, | 297 const std::string& cookie_line, |
| 281 const std::string& cookie_line, | 298 net::CookieOptions* options) { |
| 282 net::CookieOptions* options) { | |
| 283 // NULL during tests, or when we're running in the system context. | 299 // NULL during tests, or when we're running in the system context. |
| 284 if (!cookie_settings_) | 300 if (!cookie_settings_) |
| 285 return true; | 301 return true; |
| 286 | 302 |
| 287 bool allow = cookie_settings_->IsSettingCookieAllowed( | 303 bool allow = cookie_settings_->IsSettingCookieAllowed( |
| 288 request->url(), request->first_party_for_cookies()); | 304 request.url(), request.first_party_for_cookies()); |
| 289 | 305 |
| 290 if (cookie_settings_->IsCookieSessionOnly(request->url())) | 306 if (cookie_settings_->IsCookieSessionOnly(request.url())) |
| 291 options->set_force_session(); | 307 options->set_force_session(); |
| 292 | 308 |
| 293 int render_process_id = -1; | 309 int render_process_id = -1; |
| 294 int render_view_id = -1; | 310 int render_view_id = -1; |
| 295 if (content::ResourceRequestInfo::GetRenderViewForRequest( | 311 if (content::ResourceRequestInfo::GetRenderViewForRequest( |
| 296 request, &render_process_id, &render_view_id)) { | 312 &request, &render_process_id, &render_view_id)) { |
| 297 BrowserThread::PostTask( | 313 BrowserThread::PostTask( |
| 298 BrowserThread::UI, FROM_HERE, | 314 BrowserThread::UI, FROM_HERE, |
| 299 base::Bind(&TabSpecificContentSettings::CookieChanged, | 315 base::Bind(&TabSpecificContentSettings::CookieChanged, |
| 300 render_process_id, render_view_id, | 316 render_process_id, render_view_id, |
| 301 request->url(), request->first_party_for_cookies(), | 317 request.url(), request.first_party_for_cookies(), |
| 302 cookie_line, *options, !allow)); | 318 cookie_line, *options, !allow)); |
| 303 } | 319 } |
| 304 | 320 |
| 305 return allow; | 321 return allow; |
| 306 } | 322 } |
| 323 |
| 324 bool ChromeNetworkDelegate::OnCanAccessFile(const net::URLRequest& request, |
| 325 const FilePath& path) const { |
| 326 if (g_allow_file_access_) |
| 327 return true; |
| 328 |
| 329 #if defined(OS_CHROMEOS) |
| 330 // ChromeOS uses a whitelist to only allow access to files residing in the |
| 331 // list of directories below. |
| 332 static const char* const kLocalAccessWhiteList[] = { |
| 333 "/home/chronos/user/Downloads", |
| 334 "/home/chronos/user/log", |
| 335 "/media", |
| 336 "/opt/oem", |
| 337 "/usr/share/chromeos-assets", |
| 338 "/tmp", |
| 339 "/var/log", |
| 340 }; |
| 341 |
| 342 // If we're running Chrome for ChromeOS on Linux, we want to allow file |
| 343 // access. |
| 344 if (!base::chromeos::IsRunningOnChromeOS()) |
| 345 return true; |
| 346 |
| 347 for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) { |
| 348 const FilePath white_listed_path(kLocalAccessWhiteList[i]); |
| 349 // FilePath::operator== should probably handle trailing separators. |
| 350 if (white_listed_path == path.StripTrailingSeparators() || |
| 351 white_listed_path.IsParent(path)) { |
| 352 return true; |
| 353 } |
| 354 } |
| 355 return false; |
| 356 #else |
| 357 return true; |
| 358 #endif // defined(OS_CHROMEOS) |
| 359 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10068021:
Fix file access on Chrome for ChromeOS on Linux (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src