| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_render_view_observer.h" | 5 #include "chrome/renderer/chrome_render_view_observer.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/trace_event.h" | 10 #include "base/debug/trace_event.h" |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 63 using WebKit::WebIconURL; | 63 using WebKit::WebIconURL; |
| 64 using WebKit::WebRect; | 64 using WebKit::WebRect; |
| 65 using WebKit::WebSecurityOrigin; | 65 using WebKit::WebSecurityOrigin; |
| 66 using WebKit::WebSize; | 66 using WebKit::WebSize; |
| 67 using WebKit::WebString; | 67 using WebKit::WebString; |
| 68 using WebKit::WebTouchEvent; | 68 using WebKit::WebTouchEvent; |
| 69 using WebKit::WebURL; | 69 using WebKit::WebURL; |
| 70 using WebKit::WebURLRequest; | 70 using WebKit::WebURLRequest; |
| 71 using WebKit::WebView; | 71 using WebKit::WebView; |
| 72 using WebKit::WebVector; | 72 using WebKit::WebVector; |
| 73 using extensions::APIPermission; |
| 73 using webkit_glue::ImageResourceFetcher; | 74 using webkit_glue::ImageResourceFetcher; |
| 74 | 75 |
| 75 // Delay in milliseconds that we'll wait before capturing the page contents | 76 // Delay in milliseconds that we'll wait before capturing the page contents |
| 76 // and thumbnail. | 77 // and thumbnail. |
| 77 static const int kDelayForCaptureMs = 500; | 78 static const int kDelayForCaptureMs = 500; |
| 78 | 79 |
| 79 // Typically, we capture the page data once the page is loaded. | 80 // Typically, we capture the page data once the page is loaded. |
| 80 // Sometimes, the page never finishes to load, preventing the page capture | 81 // Sometimes, the page never finishes to load, preventing the page capture |
| 81 // To workaround this problem, we always perform a capture after the following | 82 // To workaround this problem, we always perform a capture after the following |
| 82 // delay. | 83 // delay. |
| (...skipping 392 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 475 | 476 |
| 476 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame, | 477 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame, |
| 477 bool default_value) { | 478 bool default_value) { |
| 478 bool allowed = false; | 479 bool allowed = false; |
| 479 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( | 480 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( |
| 480 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()), | 481 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()), |
| 481 &allowed)); | 482 &allowed)); |
| 482 return allowed; | 483 return allowed; |
| 483 } | 484 } |
| 484 | 485 |
| 485 bool ChromeRenderViewObserver::IsExperimentalWebFeatureAllowed( | 486 bool ChromeRenderViewObserver::HasExtensionPermission( |
| 486 const WebDocument& document) { | 487 const WebSecurityOrigin& origin, APIPermission::ID permission) const { |
| 487 // Experimental Web API is enabled when | 488 if (!EqualsASCII(origin.protocol(), chrome::kExtensionScheme)) |
| 488 // - The specific API is allowed from command line flag, or | 489 return false; |
| 489 // - If the document is running extensions or apps which | 490 |
| 490 // has the "experimental" permission, or | 491 const std::string extension_id = origin.host().utf8().data(); |
| 491 // - The document is running Web UI. | 492 if (!extension_dispatcher_->IsExtensionActive(extension_id)) |
| 492 WebSecurityOrigin origin = document.securityOrigin(); | 493 return false; |
| 493 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme)) | 494 |
| 494 return true; | |
| 495 const extensions::Extension* extension = | 495 const extensions::Extension* extension = |
| 496 extension_dispatcher_->extensions()->GetExtensionOrAppByURL( | 496 extension_dispatcher_->extensions()->GetByID(extension_id); |
| 497 ExtensionURLInfo(origin, document.url())); | |
| 498 if (!extension) | 497 if (!extension) |
| 499 return false; | 498 return false; |
| 500 return (extension_dispatcher_->IsExtensionActive(extension->id()) && | 499 |
| 501 extension->HasAPIPermission( | 500 return extension->HasAPIPermission(permission); |
| 502 extensions::APIPermission::kExperimental)); | |
| 503 } | 501 } |
| 504 | 502 |
| 505 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document, | 503 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document, |
| 506 bool defaultValue) { | 504 bool defaultValue) { |
| 507 if (defaultValue) | 505 if (defaultValue) |
| 508 return true; | 506 return true; |
| 509 return IsExperimentalWebFeatureAllowed(document); | 507 |
| 508 WebSecurityOrigin origin = document.securityOrigin(); |
| 509 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme)) |
| 510 return true; |
| 511 |
| 512 // The <browser> tag is implemented via Shadow DOM. |
| 513 if (HasExtensionPermission(origin, APIPermission::kBrowserTag)) |
| 514 return true; |
| 515 |
| 516 if (HasExtensionPermission(origin, APIPermission::kExperimental)) |
| 517 return true; |
| 518 |
| 519 return false; |
| 510 } | 520 } |
| 511 | 521 |
| 512 static void SendInsecureContentSignal(int signal) { | 522 static void SendInsecureContentSignal(int signal) { |
| 513 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, | 523 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, |
| 514 INSECURE_CONTENT_NUM_EVENTS); | 524 INSECURE_CONTENT_NUM_EVENTS); |
| 515 } | 525 } |
| 516 | 526 |
| 517 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( | 527 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( |
| 518 WebKit::WebFrame* frame, | 528 WebKit::WebFrame* frame, |
| 519 bool allowed_per_settings, | 529 bool allowed_per_settings, |
| (...skipping 553 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1073 reinterpret_cast<const unsigned char*>(&data[0]); | 1083 reinterpret_cast<const unsigned char*>(&data[0]); |
| 1074 | 1084 |
| 1075 return decoder.Decode(src_data, data.size()); | 1085 return decoder.Decode(src_data, data.size()); |
| 1076 } | 1086 } |
| 1077 return SkBitmap(); | 1087 return SkBitmap(); |
| 1078 } | 1088 } |
| 1079 | 1089 |
| 1080 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) { | 1090 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) { |
| 1081 return (strict_security_hosts_.find(host) != strict_security_hosts_.end()); | 1091 return (strict_security_hosts_.find(host) != strict_security_hosts_.end()); |
| 1082 } | 1092 } |
| OLD | NEW |
|---|
Chromium Code Reviews
