| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 #include "chrome/common/chrome_constants.h" | 88 #include "chrome/common/chrome_constants.h" |
| 89 #include "chrome/common/chrome_paths.h" | 89 #include "chrome/common/chrome_paths.h" |
| 90 #include "chrome/common/chrome_process_type.h" | 90 #include "chrome/common/chrome_process_type.h" |
| 91 #include "chrome/common/chrome_switches.h" | 91 #include "chrome/common/chrome_switches.h" |
| 92 #include "chrome/common/extensions/background_info.h" | 92 #include "chrome/common/extensions/background_info.h" |
| 93 #include "chrome/common/extensions/extension.h" | 93 #include "chrome/common/extensions/extension.h" |
| 94 #include "chrome/common/extensions/extension_process_policy.h" | 94 #include "chrome/common/extensions/extension_process_policy.h" |
| 95 #include "chrome/common/extensions/extension_set.h" | 95 #include "chrome/common/extensions/extension_set.h" |
| 96 #include "chrome/common/extensions/manifest_handlers/app_isolation_info.h" | 96 #include "chrome/common/extensions/manifest_handlers/app_isolation_info.h" |
| 97 #include "chrome/common/extensions/manifest_handlers/shared_module_info.h" | 97 #include "chrome/common/extensions/manifest_handlers/shared_module_info.h" |
| 98 #include "chrome/common/extensions/permissions/permissions_data.h" |
| 98 #include "chrome/common/extensions/permissions/socket_permission.h" | 99 #include "chrome/common/extensions/permissions/socket_permission.h" |
| 99 #include "chrome/common/logging_chrome.h" | 100 #include "chrome/common/logging_chrome.h" |
| 100 #include "chrome/common/pepper_permission_util.h" | 101 #include "chrome/common/pepper_permission_util.h" |
| 101 #include "chrome/common/pref_names.h" | 102 #include "chrome/common/pref_names.h" |
| 102 #include "chrome/common/render_messages.h" | 103 #include "chrome/common/render_messages.h" |
| 103 #include "chrome/common/url_constants.h" | 104 #include "chrome/common/url_constants.h" |
| 104 #include "chromeos/chromeos_constants.h" | 105 #include "chromeos/chromeos_constants.h" |
| 105 #include "components/user_prefs/pref_registry_syncable.h" | 106 #include "components/user_prefs/pref_registry_syncable.h" |
| 106 #include "content/public/browser/browser_child_process_host.h" | 107 #include "content/public/browser/browser_child_process_host.h" |
| 107 #include "content/public/browser/browser_main_parts.h" | 108 #include "content/public/browser/browser_main_parts.h" |
| (...skipping 2054 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2162 if (!extension) | 2163 if (!extension) |
| 2163 return false; | 2164 return false; |
| 2164 | 2165 |
| 2165 return extension->HasAPIPermission(APIPermission::kWebView) || | 2166 return extension->HasAPIPermission(APIPermission::kWebView) || |
| 2166 extension->HasAPIPermission(APIPermission::kAdView); | 2167 extension->HasAPIPermission(APIPermission::kAdView); |
| 2167 } | 2168 } |
| 2168 | 2169 |
| 2169 bool ChromeContentBrowserClient::AllowPepperSocketAPI( | 2170 bool ChromeContentBrowserClient::AllowPepperSocketAPI( |
| 2170 content::BrowserContext* browser_context, | 2171 content::BrowserContext* browser_context, |
| 2171 const GURL& url, | 2172 const GURL& url, |
| 2173 bool private_api, |
| 2172 const content::SocketPermissionRequest& params) { | 2174 const content::SocketPermissionRequest& params) { |
| 2173 #if defined(ENABLE_PLUGINS) | 2175 #if defined(ENABLE_PLUGINS) |
| 2174 Profile* profile = Profile::FromBrowserContext(browser_context); | 2176 Profile* profile = Profile::FromBrowserContext(browser_context); |
| 2175 const ExtensionSet* extension_set = NULL; | 2177 const ExtensionSet* extension_set = NULL; |
| 2176 if (profile) { | 2178 if (profile) { |
| 2177 extension_set = extensions::ExtensionSystem::Get(profile)-> | 2179 extension_set = extensions::ExtensionSystem::Get(profile)-> |
| 2178 extension_service()->extensions(); | 2180 extension_service()->extensions(); |
| 2179 } | 2181 } |
| 2180 return IsExtensionOrSharedModuleWhitelisted(url, | 2182 |
| 2181 extension_set, | 2183 if (private_api) { |
| 2182 allowed_socket_origins_, | 2184 // Access to private socket APIs is controlled by the whitelist. |
| 2183 switches::kAllowNaClSocketAPI); | 2185 if (IsExtensionOrSharedModuleWhitelisted(url, extension_set, |
| 2186 allowed_socket_origins_)) { |
| 2187 return true; |
| 2188 } |
| 2189 } else { |
| 2190 // Access to public socket APIs is controlled by extension permissions. |
| 2191 if (url.is_valid() && url.SchemeIs(extensions::kExtensionScheme) && |
| 2192 extension_set) { |
| 2193 const Extension* extension = extension_set->GetByID(url.host()); |
| 2194 if (extension) { |
| 2195 extensions::SocketPermission::CheckParam check_params( |
| 2196 params.type, params.host, params.port); |
| 2197 if (extensions::PermissionsData::CheckAPIPermissionWithParam( |
| 2198 extension, extensions::APIPermission::kSocket, &check_params)) { |
| 2199 return true; |
| 2200 } |
| 2201 } |
| 2202 } |
| 2203 } |
| 2204 |
| 2205 // Allow both public and private APIs if the command line says so. |
| 2206 return IsHostAllowedByCommandLine(url, extension_set, |
| 2207 switches::kAllowNaClSocketAPI); |
| 2184 #else | 2208 #else |
| 2185 return false; | 2209 return false; |
| 2186 #endif | 2210 #endif |
| 2187 } | 2211 } |
| 2188 | 2212 |
| 2189 base::FilePath ChromeContentBrowserClient::GetHyphenDictionaryDirectory() { | 2213 base::FilePath ChromeContentBrowserClient::GetHyphenDictionaryDirectory() { |
| 2190 base::FilePath directory; | 2214 base::FilePath directory; |
| 2191 PathService::Get(chrome::DIR_APP_DICTIONARIES, &directory); | 2215 PathService::Get(chrome::DIR_APP_DICTIONARIES, &directory); |
| 2192 return directory.Append(FILE_PATH_LITERAL("Hyphen")); | 2216 return directory.Append(FILE_PATH_LITERAL("Hyphen")); |
| 2193 } | 2217 } |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2317 #if defined(USE_NSS) | 2341 #if defined(USE_NSS) |
| 2318 crypto::CryptoModuleBlockingPasswordDelegate* | 2342 crypto::CryptoModuleBlockingPasswordDelegate* |
| 2319 ChromeContentBrowserClient::GetCryptoPasswordDelegate( | 2343 ChromeContentBrowserClient::GetCryptoPasswordDelegate( |
| 2320 const GURL& url) { | 2344 const GURL& url) { |
| 2321 return chrome::NewCryptoModuleBlockingDialogDelegate( | 2345 return chrome::NewCryptoModuleBlockingDialogDelegate( |
| 2322 chrome::kCryptoModulePasswordKeygen, url.host()); | 2346 chrome::kCryptoModulePasswordKeygen, url.host()); |
| 2323 } | 2347 } |
| 2324 #endif | 2348 #endif |
| 2325 | 2349 |
| 2326 } // namespace chrome | 2350 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 17029002:
Change the permission check for Pepper socket API to support both the public and private APIs. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src