Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(347)

Side by Side Diff: chrome/renderer/chrome_render_view_observer.cc

Issue 10870013: Disable DOM MutationEvents for platform apps (Closed) Base URL: http://git.chromium.org/chromium/src.git@git-svn
Patch Set: Added test Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/renderer/chrome_render_view_observer.h" 5 #include "chrome/renderer/chrome_render_view_observer.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/debug/trace_event.h" 10 #include "base/debug/trace_event.h"
(...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after
491 491
492 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame, 492 bool ChromeRenderViewObserver::allowWriteToClipboard(WebFrame* frame,
493 bool default_value) { 493 bool default_value) {
494 bool allowed = false; 494 bool allowed = false;
495 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite( 495 Send(new ChromeViewHostMsg_CanTriggerClipboardWrite(
496 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()), 496 routing_id(), GURL(frame->document().securityOrigin().toString().utf8()),
497 &allowed)); 497 &allowed));
498 return allowed; 498 return allowed;
499 } 499 }
500 500
501 bool ChromeRenderViewObserver::HasExtensionPermission( 501 const extensions::Extension* ChromeRenderViewObserver::GetExtension(
502 const WebSecurityOrigin& origin, APIPermission::ID permission) const { 502 const WebSecurityOrigin& origin) const {
503 if (!EqualsASCII(origin.protocol(), chrome::kExtensionScheme)) 503 if (!EqualsASCII(origin.protocol(), chrome::kExtensionScheme))
504 return false; 504 return NULL;
505 505
506 const std::string extension_id = origin.host().utf8().data(); 506 const std::string extension_id = origin.host().utf8().data();
507 if (!extension_dispatcher_->IsExtensionActive(extension_id)) 507 if (!extension_dispatcher_->IsExtensionActive(extension_id))
508 return false; 508 return NULL;
509 509
510 const extensions::Extension* extension = 510 return extension_dispatcher_->extensions()->GetByID(extension_id);
511 extension_dispatcher_->extensions()->GetByID(extension_id);
512 if (!extension)
513 return false;
514
515 return extension->HasAPIPermission(permission);
516 } 511 }
517 512
518 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document, 513 bool ChromeRenderViewObserver::allowWebComponents(const WebDocument& document,
519 bool defaultValue) { 514 bool defaultValue) {
520 if (defaultValue) 515 if (defaultValue)
521 return true; 516 return true;
522 517
523 WebSecurityOrigin origin = document.securityOrigin(); 518 WebSecurityOrigin origin = document.securityOrigin();
524 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme)) 519 if (EqualsASCII(origin.protocol(), chrome::kChromeUIScheme))
525 return true; 520 return true;
526 521
527 // The <browser> tag is implemented via Shadow DOM. 522 if (const extensions::Extension* extension = GetExtension(origin)) {
528 if (HasExtensionPermission(origin, APIPermission::kBrowserTag)) 523 // The <browser> tag is implemented via Shadow DOM.
529 return true; 524 if (extension->HasAPIPermission(APIPermission::kBrowserTag))
525 return true;
530 526
531 if (HasExtensionPermission(origin, APIPermission::kExperimental)) 527 if (extension->HasAPIPermission(APIPermission::kExperimental))
532 return true; 528 return true;
529 }
533 530
534 return false; 531 return false;
535 } 532 }
536 533
537 bool ChromeRenderViewObserver::allowHTMLNotifications( 534 bool ChromeRenderViewObserver::allowHTMLNotifications(
538 const WebDocument& document) { 535 const WebDocument& document) {
539 WebSecurityOrigin origin = document.securityOrigin(); 536 WebSecurityOrigin origin = document.securityOrigin();
540 return HasExtensionPermission(origin, APIPermission::kNotification); 537 const extensions::Extension* extension = GetExtension(origin);
538 return extension && extension->HasAPIPermission(APIPermission::kNotification);
539 }
540
541 bool ChromeRenderViewObserver::allowMutationEvents(const WebDocument& document,
542 bool default_value) {
543 WebSecurityOrigin origin = document.securityOrigin();
544 const extensions::Extension* extension = GetExtension(origin);
545 if (extension && extension->is_platform_app())
546 return false;
547 return default_value;
541 } 548 }
542 549
543 static void SendInsecureContentSignal(int signal) { 550 static void SendInsecureContentSignal(int signal) {
544 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal, 551 UMA_HISTOGRAM_ENUMERATION("SSL.InsecureContent", signal,
545 INSECURE_CONTENT_NUM_EVENTS); 552 INSECURE_CONTENT_NUM_EVENTS);
546 } 553 }
547 554
548 bool ChromeRenderViewObserver::allowDisplayingInsecureContent( 555 bool ChromeRenderViewObserver::allowDisplayingInsecureContent(
549 WebKit::WebFrame* frame, 556 WebKit::WebFrame* frame,
550 bool allowed_per_settings, 557 bool allowed_per_settings,
(...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after
1107 reinterpret_cast<const unsigned char*>(&data[0]); 1114 reinterpret_cast<const unsigned char*>(&data[0]);
1108 1115
1109 return decoder.Decode(src_data, data.size()); 1116 return decoder.Decode(src_data, data.size());
1110 } 1117 }
1111 return SkBitmap(); 1118 return SkBitmap();
1112 } 1119 }
1113 1120
1114 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) { 1121 bool ChromeRenderViewObserver::IsStrictSecurityHost(const std::string& host) {
1115 return (strict_security_hosts_.find(host) != strict_security_hosts_.end()); 1122 return (strict_security_hosts_.find(host) != strict_security_hosts_.end());
1116 } 1123 }
OLDNEW
« no previous file with comments | « chrome/renderer/chrome_render_view_observer.h ('k') | chrome/test/data/extensions/platform_apps/mutation_events/main.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698