| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_content_renderer_client.h" | 5 #include "chrome/renderer/chrome_content_renderer_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/path_service.h" | 10 #include "base/path_service.h" |
| (...skipping 599 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 610 manifest_url = url; | 610 manifest_url = url; |
| 611 app_url = frame->top()->document().url(); | 611 app_url = frame->top()->document().url(); |
| 612 } else { | 612 } else { |
| 613 // NaCl is being invoked as a content handler. Look up the NaCl | 613 // NaCl is being invoked as a content handler. Look up the NaCl |
| 614 // module using the MIME type. The app URL is the manifest URL. | 614 // module using the MIME type. The app URL is the manifest URL. |
| 615 manifest_url = GetNaClContentHandlerURL(actual_mime_type, plugin); | 615 manifest_url = GetNaClContentHandlerURL(actual_mime_type, plugin); |
| 616 app_url = manifest_url; | 616 app_url = manifest_url; |
| 617 } | 617 } |
| 618 const Extension* extension = | 618 const Extension* extension = |
| 619 g_current_client->extension_dispatcher_->extensions()-> | 619 g_current_client->extension_dispatcher_->extensions()-> |
| 620 GetExtensionOrAppByURL(ExtensionURLInfo(manifest_url)); | 620 GetExtensionOrAppByURL(manifest_url); |
| 621 if (!IsNaClAllowed(manifest_url, | 621 if (!IsNaClAllowed(manifest_url, |
| 622 app_url, | 622 app_url, |
| 623 is_nacl_unrestricted, | 623 is_nacl_unrestricted, |
| 624 extension, | 624 extension, |
| 625 ¶ms)) { | 625 ¶ms)) { |
| 626 frame->addMessageToConsole( | 626 frame->addMessageToConsole( |
| 627 WebConsoleMessage( | 627 WebConsoleMessage( |
| 628 WebConsoleMessage::LevelError, | 628 WebConsoleMessage::LevelError, |
| 629 "Only unpacked extensions and apps installed from the " | 629 "Only unpacked extensions and apps installed from the " |
| 630 "Chrome Web Store can load NaCl modules without enabling " | 630 "Chrome Web Store can load NaCl modules without enabling " |
| (...skipping 222 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 853 const WebKit::WebURLRequest& failed_request, | 853 const WebKit::WebURLRequest& failed_request, |
| 854 const WebKit::WebURLError& error, | 854 const WebKit::WebURLError& error, |
| 855 std::string* error_html, | 855 std::string* error_html, |
| 856 string16* error_description) { | 856 string16* error_description) { |
| 857 const GURL failed_url = error.unreachableURL; | 857 const GURL failed_url = error.unreachableURL; |
| 858 const Extension* extension = NULL; | 858 const Extension* extension = NULL; |
| 859 | 859 |
| 860 if (failed_url.is_valid() && | 860 if (failed_url.is_valid() && |
| 861 !failed_url.SchemeIs(extensions::kExtensionScheme)) { | 861 !failed_url.SchemeIs(extensions::kExtensionScheme)) { |
| 862 extension = extension_dispatcher_->extensions()->GetExtensionOrAppByURL( | 862 extension = extension_dispatcher_->extensions()->GetExtensionOrAppByURL( |
| 863 ExtensionURLInfo(failed_url)); | 863 failed_url); |
| 864 } | 864 } |
| 865 | 865 |
| 866 bool is_post = EqualsASCII(failed_request.httpMethod(), "POST"); | 866 bool is_post = EqualsASCII(failed_request.httpMethod(), "POST"); |
| 867 | 867 |
| 868 if (error_html) { | 868 if (error_html) { |
| 869 // Use a local error page. | 869 // Use a local error page. |
| 870 int resource_id; | 870 int resource_id; |
| 871 base::DictionaryValue error_strings; | 871 base::DictionaryValue error_strings; |
| 872 if (extension && !extension->from_bookmark()) { | 872 if (extension && !extension->from_bookmark()) { |
| 873 LocalizedError::GetAppErrorStrings(error, failed_url, extension, | 873 LocalizedError::GetAppErrorStrings(error, failed_url, extension, |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 954 // to swap in the prerendered page on the browser process. If the prerendered | 954 // to swap in the prerendered page on the browser process. If the prerendered |
| 955 // page no longer exists by the time the OpenURL IPC is handled, a normal | 955 // page no longer exists by the time the OpenURL IPC is handled, a normal |
| 956 // navigation is attempted. | 956 // navigation is attempted. |
| 957 if (prerender_dispatcher_.get() && prerender_dispatcher_->IsPrerenderURL(url)) | 957 if (prerender_dispatcher_.get() && prerender_dispatcher_->IsPrerenderURL(url)) |
| 958 return true; | 958 return true; |
| 959 | 959 |
| 960 const ExtensionSet* extensions = extension_dispatcher_->extensions(); | 960 const ExtensionSet* extensions = extension_dispatcher_->extensions(); |
| 961 | 961 |
| 962 // Determine if the new URL is an extension (excluding bookmark apps). | 962 // Determine if the new URL is an extension (excluding bookmark apps). |
| 963 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension( | 963 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension( |
| 964 *extensions, ExtensionURLInfo(url)); | 964 *extensions, url); |
| 965 bool is_extension_url = !!new_url_extension; | 965 bool is_extension_url = !!new_url_extension; |
| 966 | 966 |
| 967 // If the navigation would cross an app extent boundary, we also need | 967 // If the navigation would cross an app extent boundary, we also need |
| 968 // to defer to the browser to ensure process isolation. This is not necessary | 968 // to defer to the browser to ensure process isolation. This is not necessary |
| 969 // for server redirects, which will be transferred to a new process by the | 969 // for server redirects, which will be transferred to a new process by the |
| 970 // browser process when they are ready to commit. It is necessary for client | 970 // browser process when they are ready to commit. It is necessary for client |
| 971 // redirects, which won't be transferred in the same way. | 971 // redirects, which won't be transferred in the same way. |
| 972 if (!is_server_redirect && | 972 if (!is_server_redirect && |
| 973 CrossesExtensionExtents(frame, url, *extensions, is_extension_url, | 973 CrossesExtensionExtents(frame, url, *extensions, is_extension_url, |
| 974 is_initial_navigation)) { | 974 is_initial_navigation)) { |
| 975 // Include the referrer in this case since we're going from a hosted web | 975 // Include the referrer in this case since we're going from a hosted web |
| 976 // page. (the packaged case is handled previously by the extension | 976 // page. (the packaged case is handled previously by the extension |
| 977 // navigation test) | 977 // navigation test) |
| 978 *send_referrer = true; | 978 *send_referrer = true; |
| 979 | 979 |
| 980 const Extension* extension = | 980 const Extension* extension = |
| 981 extension_dispatcher_->extensions()->GetExtensionOrAppByURL( | 981 extension_dispatcher_->extensions()->GetExtensionOrAppByURL(url); |
| 982 ExtensionURLInfo(url)); | |
| 983 if (extension && extension->is_app()) { | 982 if (extension && extension->is_app()) { |
| 984 UMA_HISTOGRAM_ENUMERATION( | 983 UMA_HISTOGRAM_ENUMERATION( |
| 985 extension->is_platform_app() ? | 984 extension->is_platform_app() ? |
| 986 extension_misc::kPlatformAppLaunchHistogram : | 985 extension_misc::kPlatformAppLaunchHistogram : |
| 987 extension_misc::kAppLaunchHistogram, | 986 extension_misc::kAppLaunchHistogram, |
| 988 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, | 987 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, |
| 989 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); | 988 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY); |
| 990 } | 989 } |
| 991 return true; | 990 return true; |
| 992 } | 991 } |
| (...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1133 bool is_initial_navigation) { | 1132 bool is_initial_navigation) { |
| 1134 GURL old_url(frame->top()->document().url()); | 1133 GURL old_url(frame->top()->document().url()); |
| 1135 | 1134 |
| 1136 // If old_url is still empty and this is an initial navigation, then this is | 1135 // If old_url is still empty and this is an initial navigation, then this is |
| 1137 // a window.open operation. We should look at the opener URL. | 1136 // a window.open operation. We should look at the opener URL. |
| 1138 if (is_initial_navigation && old_url.is_empty() && frame->opener()) { | 1137 if (is_initial_navigation && old_url.is_empty() && frame->opener()) { |
| 1139 // If we're about to open a normal web page from a same-origin opener stuck | 1138 // If we're about to open a normal web page from a same-origin opener stuck |
| 1140 // in an extension process, we want to keep it in process to allow the | 1139 // in an extension process, we want to keep it in process to allow the |
| 1141 // opener to script it. | 1140 // opener to script it. |
| 1142 WebDocument opener_document = frame->opener()->document(); | 1141 WebDocument opener_document = frame->opener()->document(); |
| 1143 GURL opener_url = opener_document.url(); | |
| 1144 WebSecurityOrigin opener_origin = opener_document.securityOrigin(); | |
| 1145 bool opener_is_extension_url = !!extensions.GetExtensionOrAppByURL( | |
| 1146 ExtensionURLInfo(opener_origin, opener_url)); | |
| 1147 WebSecurityOrigin opener = frame->opener()->document().securityOrigin(); | 1142 WebSecurityOrigin opener = frame->opener()->document().securityOrigin(); |
| 1143 bool opener_is_extension_url = |
| 1144 !opener.isUnique() && extensions.GetExtensionOrAppByURL( |
| 1145 opener_document.url()) != NULL; |
| 1148 if (!is_extension_url && | 1146 if (!is_extension_url && |
| 1149 !opener_is_extension_url && | 1147 !opener_is_extension_url && |
| 1150 extension_dispatcher_->is_extension_process() && | 1148 extension_dispatcher_->is_extension_process() && |
| 1151 opener.canRequest(WebURL(new_url))) | 1149 opener.canRequest(WebURL(new_url))) |
| 1152 return false; | 1150 return false; |
| 1153 | 1151 |
| 1154 // In all other cases, we want to compare against the top frame's URL (as | 1152 // In all other cases, we want to compare against the top frame's URL (as |
| 1155 // opposed to the opener frame's), since that's what determines the type of | 1153 // opposed to the opener frame's), since that's what determines the type of |
| 1156 // process. This allows iframes outside an app to open a popup in the app. | 1154 // process. This allows iframes outside an app to open a popup in the app. |
| 1157 old_url = frame->top()->opener()->top()->document().url(); | 1155 old_url = frame->top()->opener()->top()->document().url(); |
| 1158 } | 1156 } |
| 1159 | 1157 |
| 1160 // Only consider keeping non-app URLs in an app process if this window | 1158 // Only consider keeping non-app URLs in an app process if this window |
| 1161 // has an opener (in which case it might be an OAuth popup that tries to | 1159 // has an opener (in which case it might be an OAuth popup that tries to |
| 1162 // script an iframe within the app). | 1160 // script an iframe within the app). |
| 1163 bool should_consider_workaround = !!frame->opener(); | 1161 bool should_consider_workaround = !!frame->opener(); |
| 1164 | 1162 |
| 1165 return extensions::CrossesExtensionProcessBoundary( | 1163 return extensions::CrossesExtensionProcessBoundary( |
| 1166 extensions, ExtensionURLInfo(old_url), ExtensionURLInfo(new_url), | 1164 extensions, old_url, new_url, should_consider_workaround); |
| 1167 should_consider_workaround); | |
| 1168 } | 1165 } |
| 1169 | 1166 |
| 1170 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) { | 1167 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) { |
| 1171 RenderThread* thread = RenderThread::Get(); | 1168 RenderThread* thread = RenderThread::Get(); |
| 1172 if (spellcheck_.get() && thread) | 1169 if (spellcheck_.get() && thread) |
| 1173 thread->RemoveObserver(spellcheck_.get()); | 1170 thread->RemoveObserver(spellcheck_.get()); |
| 1174 spellcheck_.reset(spellcheck); | 1171 spellcheck_.reset(spellcheck); |
| 1175 SpellCheckReplacer replacer(spellcheck_.get()); | 1172 SpellCheckReplacer replacer(spellcheck_.get()); |
| 1176 content::RenderView::ForEach(&replacer); | 1173 content::RenderView::ForEach(&replacer); |
| 1177 if (thread) | 1174 if (thread) |
| (...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1279 if (CommandLine::ForCurrentProcess()->HasSwitch( | 1276 if (CommandLine::ForCurrentProcess()->HasSwitch( |
| 1280 switches::kEnablePepperTesting)) { | 1277 switches::kEnablePepperTesting)) { |
| 1281 return true; | 1278 return true; |
| 1282 } | 1279 } |
| 1283 #endif // !defined(OS_ANDROID) | 1280 #endif // !defined(OS_ANDROID) |
| 1284 return false; | 1281 return false; |
| 1285 } | 1282 } |
| 1286 | 1283 |
| 1287 | 1284 |
| 1288 } // namespace chrome | 1285 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 16625012:
Remove ExtensionURLInfo, make security decisions in render process (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src