| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 128 #endif | 128 #endif |
| 129 | 129 |
| 130 using content::AccessTokenStore; | 130 using content::AccessTokenStore; |
| 131 using content::BrowserThread; | 131 using content::BrowserThread; |
| 132 using content::BrowserURLHandler; | 132 using content::BrowserURLHandler; |
| 133 using content::ChildProcessSecurityPolicy; | 133 using content::ChildProcessSecurityPolicy; |
| 134 using content::QuotaPermissionContext; | 134 using content::QuotaPermissionContext; |
| 135 using content::RenderViewHost; | 135 using content::RenderViewHost; |
| 136 using content::SiteInstance; | 136 using content::SiteInstance; |
| 137 using content::WebContents; | 137 using content::WebContents; |
| 138 using extensions::APIPermission; |
| 138 using extensions::Extension; | 139 using extensions::Extension; |
| 139 using webkit_glue::WebPreferences; | 140 using webkit_glue::WebPreferences; |
| 140 | 141 |
| 141 namespace { | 142 namespace { |
| 142 | 143 |
| 143 const char* kPredefinedAllowedSocketOrigins[] = { | 144 const char* kPredefinedAllowedSocketOrigins[] = { |
| 144 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client | 145 "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client |
| 145 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client) | 146 "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client) |
| 146 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126 | 147 "bglhmjfplikpjnfoegeomebmfnkjomhe", // see crbug.com/122126 |
| 147 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop | 148 "gbchcmhmhahfdphkhkmpfmihenigjmpp", // Chrome Remote Desktop |
| (...skipping 354 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 502 const Extension* extension = profile->GetExtensionService()->extensions()-> | 503 const Extension* extension = profile->GetExtensionService()->extensions()-> |
| 503 GetExtensionOrAppByURL(ExtensionURLInfo(effective_url)); | 504 GetExtensionOrAppByURL(ExtensionURLInfo(effective_url)); |
| 504 if (!extension) | 505 if (!extension) |
| 505 return false; | 506 return false; |
| 506 | 507 |
| 507 // If the URL is part of a hosted app that does not have the background | 508 // If the URL is part of a hosted app that does not have the background |
| 508 // permission, or that does not allow JavaScript access to the background | 509 // permission, or that does not allow JavaScript access to the background |
| 509 // page, we want to give each instance its own process to improve | 510 // page, we want to give each instance its own process to improve |
| 510 // responsiveness. | 511 // responsiveness. |
| 511 if (extension->GetType() == Extension::TYPE_HOSTED_APP) { | 512 if (extension->GetType() == Extension::TYPE_HOSTED_APP) { |
| 512 if (!extension->HasAPIPermission(ExtensionAPIPermission::kBackground) || | 513 if (!extension->HasAPIPermission(APIPermission::kBackground) || |
| 513 !extension->allow_background_js_access()) { | 514 !extension->allow_background_js_access()) { |
| 514 return false; | 515 return false; |
| 515 } | 516 } |
| 516 } | 517 } |
| 517 | 518 |
| 518 // Hosted apps that have script access to their background page must use | 519 // Hosted apps that have script access to their background page must use |
| 519 // process per site, since all instances can make synchronous calls to the | 520 // process per site, since all instances can make synchronous calls to the |
| 520 // background window. Other extensions should use process per site as well. | 521 // background window. Other extensions should use process per site as well. |
| 521 return true; | 522 return true; |
| 522 } | 523 } |
| (...skipping 641 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1164 | 1165 |
| 1165 // Skip showing the infobar if the request comes from an extension, and that | 1166 // Skip showing the infobar if the request comes from an extension, and that |
| 1166 // extension has the 'notify' permission. (If the extension does not have the | 1167 // extension has the 'notify' permission. (If the extension does not have the |
| 1167 // permission, the user will still be prompted.) | 1168 // permission, the user will still be prompted.) |
| 1168 Profile* profile = Profile::FromBrowserContext(contents->GetBrowserContext()); | 1169 Profile* profile = Profile::FromBrowserContext(contents->GetBrowserContext()); |
| 1169 ExtensionService* service = profile->GetExtensionService(); | 1170 ExtensionService* service = profile->GetExtensionService(); |
| 1170 const Extension* extension = !service ? NULL : | 1171 const Extension* extension = !service ? NULL : |
| 1171 service->extensions()->GetExtensionOrAppByURL(ExtensionURLInfo( | 1172 service->extensions()->GetExtensionOrAppByURL(ExtensionURLInfo( |
| 1172 source_origin)); | 1173 source_origin)); |
| 1173 if (extension && | 1174 if (extension && |
| 1174 extension->HasAPIPermission(ExtensionAPIPermission::kNotification)) { | 1175 extension->HasAPIPermission(APIPermission::kNotification)) { |
| 1175 RenderViewHost* rvh = | 1176 RenderViewHost* rvh = |
| 1176 RenderViewHost::FromID(render_process_id, render_view_id); | 1177 RenderViewHost::FromID(render_process_id, render_view_id); |
| 1177 if (rvh) | 1178 if (rvh) |
| 1178 rvh->DesktopNotificationPermissionRequestDone(callback_context); | 1179 rvh->DesktopNotificationPermissionRequestDone(callback_context); |
| 1179 return; | 1180 return; |
| 1180 } | 1181 } |
| 1181 | 1182 |
| 1182 DesktopNotificationService* notifications = | 1183 DesktopNotificationService* notifications = |
| 1183 DesktopNotificationServiceFactory::GetForProfile(profile); | 1184 DesktopNotificationServiceFactory::GetForProfile(profile); |
| 1184 notifications->RequestPermission(source_origin, render_process_id, | 1185 notifications->RequestPermission(source_origin, render_process_id, |
| 1185 render_view_id, callback_context, contents); | 1186 render_view_id, callback_context, contents); |
| 1186 #else | 1187 #else |
| 1187 NOTIMPLEMENTED(); | 1188 NOTIMPLEMENTED(); |
| 1188 #endif | 1189 #endif |
| 1189 } | 1190 } |
| 1190 | 1191 |
| 1191 WebKit::WebNotificationPresenter::Permission | 1192 WebKit::WebNotificationPresenter::Permission |
| 1192 ChromeContentBrowserClient::CheckDesktopNotificationPermission( | 1193 ChromeContentBrowserClient::CheckDesktopNotificationPermission( |
| 1193 const GURL& source_origin, | 1194 const GURL& source_origin, |
| 1194 content::ResourceContext* context, | 1195 content::ResourceContext* context, |
| 1195 int render_process_id) { | 1196 int render_process_id) { |
| 1196 #if defined(ENABLE_NOTIFICATIONS) | 1197 #if defined(ENABLE_NOTIFICATIONS) |
| 1197 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 1198 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 1198 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context); | 1199 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context); |
| 1199 if (io_data->GetExtensionInfoMap()->SecurityOriginHasAPIPermission( | 1200 if (io_data->GetExtensionInfoMap()->SecurityOriginHasAPIPermission( |
| 1200 source_origin, render_process_id, | 1201 source_origin, render_process_id, |
| 1201 ExtensionAPIPermission::kNotification)) | 1202 APIPermission::kNotification)) |
| 1202 return WebKit::WebNotificationPresenter::PermissionAllowed; | 1203 return WebKit::WebNotificationPresenter::PermissionAllowed; |
| 1203 | 1204 |
| 1204 // Fall back to the regular notification preferences, which works on an | 1205 // Fall back to the regular notification preferences, which works on an |
| 1205 // origin basis. | 1206 // origin basis. |
| 1206 return io_data->GetNotificationService() ? | 1207 return io_data->GetNotificationService() ? |
| 1207 io_data->GetNotificationService()->HasPermission(source_origin) : | 1208 io_data->GetNotificationService()->HasPermission(source_origin) : |
| 1208 WebKit::WebNotificationPresenter::PermissionNotAllowed; | 1209 WebKit::WebNotificationPresenter::PermissionNotAllowed; |
| 1209 #else | 1210 #else |
| 1210 return WebKit::WebNotificationPresenter::PermissionAllowed; | 1211 return WebKit::WebNotificationPresenter::PermissionAllowed; |
| 1211 #endif | 1212 #endif |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1273 | 1274 |
| 1274 // If the opener is trying to create a background window but doesn't have | 1275 // If the opener is trying to create a background window but doesn't have |
| 1275 // the appropriate permission, fail the attempt. | 1276 // the appropriate permission, fail the attempt. |
| 1276 if (container_type == WINDOW_CONTAINER_TYPE_BACKGROUND) { | 1277 if (container_type == WINDOW_CONTAINER_TYPE_BACKGROUND) { |
| 1277 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context); | 1278 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context); |
| 1278 ExtensionInfoMap* map = io_data->GetExtensionInfoMap(); | 1279 ExtensionInfoMap* map = io_data->GetExtensionInfoMap(); |
| 1279 | 1280 |
| 1280 if (!map->SecurityOriginHasAPIPermission( | 1281 if (!map->SecurityOriginHasAPIPermission( |
| 1281 source_origin, | 1282 source_origin, |
| 1282 render_process_id, | 1283 render_process_id, |
| 1283 ExtensionAPIPermission::kBackground)) { | 1284 APIPermission::kBackground)) { |
| 1284 return false; | 1285 return false; |
| 1285 } | 1286 } |
| 1286 | 1287 |
| 1287 // Note: this use of GetExtensionOrAppByURL is safe but imperfect. It may | 1288 // Note: this use of GetExtensionOrAppByURL is safe but imperfect. It may |
| 1288 // return a recently installed Extension even if this CanCreateWindow call | 1289 // return a recently installed Extension even if this CanCreateWindow call |
| 1289 // was made by an old copy of the page in a normal web process. That's ok, | 1290 // was made by an old copy of the page in a normal web process. That's ok, |
| 1290 // because the permission check above would have caused an early return | 1291 // because the permission check above would have caused an early return |
| 1291 // already. We must use the full URL to find hosted apps, though, and not | 1292 // already. We must use the full URL to find hosted apps, though, and not |
| 1292 // just the origin. | 1293 // just the origin. |
| 1293 const Extension* extension = map->extensions().GetExtensionOrAppByURL( | 1294 const Extension* extension = map->extensions().GetExtensionOrAppByURL( |
| (...skipping 288 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1582 StringTokenizer t(allowed_list, ","); | 1583 StringTokenizer t(allowed_list, ","); |
| 1583 while (t.GetNext()) { | 1584 while (t.GetNext()) { |
| 1584 if (t.token() == host) | 1585 if (t.token() == host) |
| 1585 return true; | 1586 return true; |
| 1586 } | 1587 } |
| 1587 } | 1588 } |
| 1588 | 1589 |
| 1589 if (!extension) | 1590 if (!extension) |
| 1590 return false; | 1591 return false; |
| 1591 | 1592 |
| 1592 if (extension->HasAPIPermission(ExtensionAPIPermission::kSocket)) | 1593 if (extension->HasAPIPermission(APIPermission::kSocket)) |
| 1593 return true; | 1594 return true; |
| 1594 | 1595 |
| 1595 return false; | 1596 return false; |
| 1596 } | 1597 } |
| 1597 | 1598 |
| 1598 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { | 1599 bool ChromeContentBrowserClient::AllowPepperPrivateFileAPI() { |
| 1599 return CommandLine::ForCurrentProcess()->HasSwitch( | 1600 return CommandLine::ForCurrentProcess()->HasSwitch( |
| 1600 switches::kPpapiFlashInProcess); | 1601 switches::kPpapiFlashInProcess); |
| 1601 } | 1602 } |
| 1602 | 1603 |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1646 io_thread_application_locale_ = locale; | 1647 io_thread_application_locale_ = locale; |
| 1647 } | 1648 } |
| 1648 | 1649 |
| 1649 void ChromeContentBrowserClient::SetApplicationLocaleOnIOThread( | 1650 void ChromeContentBrowserClient::SetApplicationLocaleOnIOThread( |
| 1650 const std::string& locale) { | 1651 const std::string& locale) { |
| 1651 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 1652 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 1652 io_thread_application_locale_ = locale; | 1653 io_thread_application_locale_ = locale; |
| 1653 } | 1654 } |
| 1654 | 1655 |
| 1655 } // namespace chrome | 1656 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10649003:
Move each permission classes to its own files in extensions/permissions (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master