| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_render_view_observer.h" | 5 #include "chrome/renderer/chrome_render_view_observer.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/trace_event.h" | 10 #include "base/debug/trace_event.h" |
| (...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 491 | 491 |
| 492 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame, | 492 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame, |
| 493 bool default_value) { | 493 bool default_value) { |
| 494 bool allowed = false; | 494 bool allowed = false; |
| 495 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( | 495 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( |
| 496 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()), | 496 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()), |
| 497 &allowed)); | 497 &allowed)); |
| 498 return allowed; | 498 return allowed; |
| 499 } | 499 } |
| 500 | 500 |
| 501 bool ChromeRenderViewObserver::HasExtensionPermission( | 501 const extensions::Extension* ChromeRenderViewObserver::GetExtension( |
| 502 const WebSecurityOrigin& origin, APIPermission::ID permission) const { | 502 const WebSecurityOrigin& origin) const { |
| 503 if (!EqualsASCII(origin.protocol(), chrome::kExtensionScheme)) | 503 if (!EqualsASCII(origin.protocol(), chrome::kExtensionScheme)) |
| 504 return false; | 504 return NULL; |
| 505 | 505 |
| 506 const std::string extension_id = origin.host().utf8().data(); | 506 const std::string extension_id = origin.host().utf8().data(); |
| 507 if (!extension_dispatcher_->IsExtensionActive(extension_id)) | 507 if (!extension_dispatcher_->IsExtensionActive(extension_id)) |
| 508 return false; | 508 return NULL; |
| 509 | 509 |
| 510 const extensions::Extension* extension = | 510 return extension_dispatcher_->extensions()->GetByID(extension_id); |
| 511 extension_dispatcher_->extensions()->GetByID(extension_id); | |
| 512 if (!extension) | |
| 513 return false; | |
| 514 | |
| 515 return extension->HasAPIPermission(permission); | |
| 516 } | 511 } |
| 517 | 512 |
| 518 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document, | 513 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document, |
| 519 bool defaultValue) { | 514 bool defaultValue) { |
| 520 if (defaultValue) | 515 if (defaultValue) |
| 521 return true; | 516 return true; |
| 522 | 517 |
| 523 WebSecurityOrigin origin = document.securityOrigin(); | 518 WebSecurityOrigin origin = document.securityOrigin(); |
| 524 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme)) | 519 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme)) |
| 525 return true; | 520 return true; |
| 526 | 521 |
| 527 // The <browser> tag is implemented via Shadow DOM. | 522 if (const extensions::Extension* extension = GetExtension(origin)) { |
| 528 if (HasExtensionPermission(origin, APIPermission::kBrowserTag)) | 523 // The <browser> tag is implemented via Shadow DOM. |
| 529 return true; | 524 if (extension->HasAPIPermission(APIPermission::kBrowserTag)) |
| 525 return true; |
| 530 | 526 |
| 531 if (HasExtensionPermission(origin, APIPermission::kExperimental)) | 527 if (extension->HasAPIPermission(APIPermission::kExperimental)) |
| 532 return true; | 528 return true; |
| 529 } |
| 533 | 530 |
| 534 return false; | 531 return false; |
| 535 } | 532 } |
| 536 | 533 |
| 537 bool ChromeRenderViewObserver::allowHTMLNotifications( | 534 bool ChromeRenderViewObserver::allowHTMLNotifications( |
| 538 const WebDocument& document) { | 535 const WebDocument& document) { |
| 539 WebSecurityOrigin origin = document.securityOrigin(); | 536 WebSecurityOrigin origin = document.securityOrigin(); |
| 540 return HasExtensionPermission(origin, APIPermission::kNotification); | 537 const extensions::Extension* extension = GetExtension(origin); |
| 538 return extension && extension->HasAPIPermission(APIPermission::kNotification); |
| 539 } |
| 540 |
| 541 bool ChromeRenderViewObserver::allowMutationEvents(const WebDocument& document, |
| 542 bool default_value) { |
| 543 WebSecurityOrigin origin = document.securityOrigin(); |
| 544 const extensions::Extension* extension = GetExtension(origin); |
| 545 if (extension && extension->is_platform_app()) |
| 546 return false; |
| 547 return default_value; |
| 541 } | 548 } |
| 542 | 549 |
| 543 static void SendInsecureContentSignal(int signal) { | 550 static void SendInsecureContentSignal(int signal) { |
| 544 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, | 551 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, |
| 545 INSECURE_CONTENT_NUM_EVENTS); | 552 INSECURE_CONTENT_NUM_EVENTS); |
| 546 } | 553 } |
| 547 | 554 |
| 548 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( | 555 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( |
| 549 WebKit::WebFrame* frame, | 556 WebKit::WebFrame* frame, |
| 550 bool allowed_per_settings, | 557 bool allowed_per_settings, |
| (...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1107 reinterpret_cast<const unsigned char*>(&data[0]); | 1114 reinterpret_cast<const unsigned char*>(&data[0]); |
| 1108 | 1115 |
| 1109 return decoder.Decode(src_data, data.size()); | 1116 return decoder.Decode(src_data, data.size()); |
| 1110 } | 1117 } |
| 1111 return SkBitmap(); | 1118 return SkBitmap(); |
| 1112 } | 1119 } |
| 1113 | 1120 |
| 1114 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) { | 1121 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) { |
| 1115 return (strict_security_hosts_.find(host) != strict_security_hosts_.end()); | 1122 return (strict_security_hosts_.find(host) != strict_security_hosts_.end()); |
| 1116 } | 1123 } |
| OLD | NEW |