| Index: chrome/browser/chrome_content_browser_client.cc
|
| diff --git a/chrome/browser/chrome_content_browser_client.cc b/chrome/browser/chrome_content_browser_client.cc
|
| index 66b9dcddb0a59ddef6c937a53214c1c5d74e3dd5..2a3d8719735e0f390ffccc396f1912fab86a2023 100644
|
| --- a/chrome/browser/chrome_content_browser_client.cc
|
| +++ b/chrome/browser/chrome_content_browser_client.cc
|
| @@ -13,9 +13,7 @@
|
| #include "base/lazy_instance.h"
|
| #include "base/path_service.h"
|
| #include "base/prefs/pref_service.h"
|
| -#include "base/sha1.h"
|
| #include "base/string_number_conversions.h"
|
| -#include "base/strings/string_tokenizer.h"
|
| #include "base/utf_string_conversions.h"
|
| #include "chrome/app/breakpad_mac.h"
|
| #include "chrome/browser/app_mode/app_mode_utils.h"
|
| @@ -51,6 +49,7 @@
|
| #include "chrome/browser/net/chrome_net_log.h"
|
| #include "chrome/browser/notifications/desktop_notification_service.h"
|
| #include "chrome/browser/notifications/desktop_notification_service_factory.h"
|
| +#include "chrome/browser/pepper_permission_util.h"
|
| #include "chrome/browser/platform_util.h"
|
| #include "chrome/browser/plugins/plugin_info_message_filter.h"
|
| #include "chrome/browser/prefs/scoped_user_pref_update.h"
|
| @@ -202,6 +201,7 @@ namespace {
|
| // thread.
|
| base::LazyInstance<std::string> g_io_thread_application_locale;
|
|
|
| +#if defined(ENABLE_PLUGINS)
|
| const char* kPredefinedAllowedSocketOrigins[] = {
|
| "okddffdblfhhnmhodogpojmfkjmhinfp", // Test SSH Client
|
| "pnhechapfaindjhompbnflcldabbghjo", // HTerm App (SSH Client)
|
| @@ -224,6 +224,7 @@ const char* kPredefinedAllowedSocketOrigins[] = {
|
| "0B549507088E1564D672F7942EB87CA4DAD73972", // see crbug.com/238084
|
| "864288364E239573E777D3E0E36864E590E95C74" // see crbug.com/238084
|
| };
|
| +#endif
|
|
|
| // Returns a copy of the given url with its host set to given host and path set
|
| // to given path. Other parts of the url will be the same.
|
| @@ -463,23 +464,15 @@ void SetApplicationLocaleOnIOThread(const std::string& locale) {
|
| g_io_thread_application_locale.Get() = locale;
|
| }
|
|
|
| -std::string HashHost(const std::string& host) {
|
| - const std::string id_hash = base::SHA1HashString(host);
|
| - DCHECK(id_hash.length() == base::kSHA1Length);
|
| - return base::HexEncode(id_hash.c_str(), id_hash.length());
|
| -}
|
| -
|
| -bool HostIsInSet(const std::string& host, const std::set<std::string>& set) {
|
| - return set.count(host) > 0 || set.count(HashHost(host)) > 0;
|
| -}
|
| -
|
| } // namespace
|
|
|
| namespace chrome {
|
|
|
| ChromeContentBrowserClient::ChromeContentBrowserClient() {
|
| +#if defined(ENABLE_PLUGINS)
|
| for (size_t i = 0; i < arraysize(kPredefinedAllowedSocketOrigins); ++i)
|
| allowed_socket_origins_.insert(kPredefinedAllowedSocketOrigins[i]);
|
| +#endif
|
|
|
| permissions_policy_delegate_.reset(
|
| new extensions::BrowserPermissionsPolicyDelegate());
|
| @@ -2141,60 +2134,15 @@ bool ChromeContentBrowserClient::AllowPepperSocketAPI(
|
| content::BrowserContext* browser_context,
|
| const GURL& url,
|
| const content::SocketPermissionRequest& params) {
|
| - if (!url.is_valid())
|
| - return false;
|
| -
|
| - std::string host = url.host();
|
| - if (url.SchemeIs(extensions::kExtensionScheme) &&
|
| - HostIsInSet(host, allowed_socket_origins_)) {
|
| - return true;
|
| - }
|
| -
|
| - Profile* profile = Profile::FromBrowserContext(browser_context);
|
| - const Extension* extension = NULL;
|
| - ExtensionService* extension_service = !profile ? NULL :
|
| - extensions::ExtensionSystem::Get(profile)->extension_service();
|
| - if (extension_service) {
|
| - extension = extension_service->extensions()->
|
| - GetExtensionOrAppByURL(ExtensionURLInfo(url));
|
| - }
|
| -
|
| - // Check the modules that are imported by this extension to see if any of them
|
| - // is whitelisted.
|
| - if (extension) {
|
| - const std::vector<extensions::SharedModuleInfo::ImportInfo>& imports =
|
| - extensions::SharedModuleInfo::GetImports(extension);
|
| - std::vector<extensions::SharedModuleInfo::ImportInfo>::const_iterator it;
|
| - for (it = imports.begin(); it != imports.end(); ++it) {
|
| - const Extension* imported_extension = extension_service->
|
| - GetExtensionById(it->extension_id, false);
|
| - if (imported_extension &&
|
| - extensions::SharedModuleInfo::IsSharedModule(imported_extension) &&
|
| - HostIsInSet(it->extension_id, allowed_socket_origins_)) {
|
| - return true;
|
| - }
|
| - }
|
| - }
|
| -
|
| - // Need to check this now and not on construction because otherwise it won't
|
| - // work with browser_tests.
|
| - const CommandLine& command_line = *CommandLine::ForCurrentProcess();
|
| - std::string allowed_list =
|
| - command_line.GetSwitchValueASCII(switches::kAllowNaClSocketAPI);
|
| - if (allowed_list == "*") {
|
| - // The wildcard allows socket API only for packaged and platform apps.
|
| - return extension &&
|
| - (extension->GetType() == Manifest::TYPE_LEGACY_PACKAGED_APP ||
|
| - extension->GetType() == Manifest::TYPE_PLATFORM_APP);
|
| - } else if (!allowed_list.empty()) {
|
| - base::StringTokenizer t(allowed_list, ",");
|
| - while (t.GetNext()) {
|
| - if (t.token() == host)
|
| - return true;
|
| - }
|
| - }
|
| -
|
| +#if defined(ENABLE_PLUGINS)
|
| + return IsExtensionOrSharedModuleWhitelisted(
|
| + Profile::FromBrowserContext(browser_context),
|
| + url,
|
| + allowed_socket_origins_,
|
| + switches::kAllowNaClSocketAPI);
|
| +#else
|
| return false;
|
| +#endif
|
| }
|
|
|
| base::FilePath ChromeContentBrowserClient::GetHyphenDictionaryDirectory() {
|
|
|
Chromium Code Reviews
Issue 15521002:
Flag and whitelist to allow crxfs api in NaCl (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master