[sql] Disable worker-thread code in SQLite.
[chromium-blink-merge.git] / extensions / renderer / script_context_set.cc
blob3c1d5c1b9f0c7e074818c63e6a20a8517cf23a53
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "extensions/renderer/script_context_set.h"
7 #include "base/message_loop/message_loop.h"
8 #include "content/public/common/url_constants.h"
9 #include "content/public/renderer/render_frame.h"
10 #include "extensions/common/extension.h"
11 #include "extensions/renderer/extension_groups.h"
12 #include "extensions/renderer/script_context.h"
13 #include "extensions/renderer/script_injection.h"
14 #include "third_party/WebKit/public/web/WebDocument.h"
15 #include "third_party/WebKit/public/web/WebLocalFrame.h"
16 #include "v8/include/v8.h"
18 namespace extensions {
20 ScriptContextSet::ScriptContextSet(ExtensionSet* extensions,
21 ExtensionIdSet* active_extension_ids)
22 : extensions_(extensions), active_extension_ids_(active_extension_ids) {
25 ScriptContextSet::~ScriptContextSet() {
28 ScriptContext* ScriptContextSet::Register(
29 blink::WebLocalFrame* frame,
30 const v8::Local<v8::Context>& v8_context,
31 int extension_group,
32 int world_id) {
33 const Extension* extension =
34 GetExtensionFromFrameAndWorld(frame, world_id, false);
35 const Extension* effective_extension =
36 GetExtensionFromFrameAndWorld(frame, world_id, true);
38 GURL frame_url = ScriptContext::GetDataSourceURLForFrame(frame);
39 Feature::Context context_type =
40 ClassifyJavaScriptContext(extension, extension_group, frame_url,
41 frame->document().securityOrigin());
42 Feature::Context effective_context_type = ClassifyJavaScriptContext(
43 effective_extension, extension_group,
44 ScriptContext::GetEffectiveDocumentURL(frame, frame_url, true),
45 frame->document().securityOrigin());
47 ScriptContext* context =
48 new ScriptContext(v8_context, frame, extension, context_type,
49 effective_extension, effective_context_type);
50 contexts_.insert(context); // takes ownership
51 return context;
54 void ScriptContextSet::Remove(ScriptContext* context) {
55 if (contexts_.erase(context)) {
56 context->Invalidate();
57 base::MessageLoop::current()->DeleteSoon(FROM_HERE, context);
61 ScriptContext* ScriptContextSet::GetCurrent() const {
62 v8::Isolate* isolate = v8::Isolate::GetCurrent();
63 return isolate->InContext() ? GetByV8Context(isolate->GetCurrentContext())
64 : nullptr;
67 ScriptContext* ScriptContextSet::GetCalling() const {
68 v8::Isolate* isolate = v8::Isolate::GetCurrent();
69 v8::Local<v8::Context> calling = isolate->GetCallingContext();
70 return calling.IsEmpty() ? nullptr : GetByV8Context(calling);
73 ScriptContext* ScriptContextSet::GetByV8Context(
74 const v8::Local<v8::Context>& v8_context) const {
75 for (ScriptContext* script_context : contexts_) {
76 if (script_context->v8_context() == v8_context)
77 return script_context;
79 return nullptr;
82 void ScriptContextSet::ForEach(
83 const std::string& extension_id,
84 content::RenderFrame* render_frame,
85 const base::Callback<void(ScriptContext*)>& callback) const {
86 // We copy the context list, because calling into javascript may modify it
87 // out from under us.
88 std::set<ScriptContext*> contexts_copy = contexts_;
90 for (ScriptContext* context : contexts_copy) {
91 // For the same reason as above, contexts may become invalid while we run.
92 if (!context->is_valid())
93 continue;
95 if (!extension_id.empty()) {
96 const Extension* extension = context->extension();
97 if (!extension || (extension_id != extension->id()))
98 continue;
101 content::RenderFrame* context_render_frame = context->GetRenderFrame();
102 if (!context_render_frame)
103 continue;
105 if (render_frame && render_frame != context_render_frame)
106 continue;
108 callback.Run(context);
112 std::set<ScriptContext*> ScriptContextSet::OnExtensionUnloaded(
113 const std::string& extension_id) {
114 std::set<ScriptContext*> removed;
115 ForEach(extension_id,
116 base::Bind(&ScriptContextSet::DispatchOnUnloadEventAndRemove,
117 base::Unretained(this), &removed));
118 return removed;
121 const Extension* ScriptContextSet::GetExtensionFromFrameAndWorld(
122 const blink::WebLocalFrame* frame,
123 int world_id,
124 bool use_effective_url) {
125 std::string extension_id;
126 if (world_id != 0) {
127 // Isolated worlds (content script).
128 extension_id = ScriptInjection::GetHostIdForIsolatedWorld(world_id);
129 } else if (!frame->document().securityOrigin().isUnique()) {
130 // TODO(kalman): Delete the above check.
131 // Extension pages (chrome-extension:// URLs).
132 GURL frame_url = ScriptContext::GetDataSourceURLForFrame(frame);
133 frame_url = ScriptContext::GetEffectiveDocumentURL(frame, frame_url,
134 use_effective_url);
135 extension_id = extensions_->GetExtensionOrAppIDByURL(frame_url);
138 // There are conditions where despite a context being associated with an
139 // extension, no extension actually gets found. Ignore "invalid" because CSP
140 // blocks extension page loading by switching the extension ID to "invalid".
141 const Extension* extension = extensions_->GetByID(extension_id);
142 if (!extension && !extension_id.empty() && extension_id != "invalid") {
143 // TODO(kalman): Do something here?
145 return extension;
148 Feature::Context ScriptContextSet::ClassifyJavaScriptContext(
149 const Extension* extension,
150 int extension_group,
151 const GURL& url,
152 const blink::WebSecurityOrigin& origin) {
153 // WARNING: This logic must match ProcessMap::GetContextType, as much as
154 // possible.
156 DCHECK_GE(extension_group, 0);
157 if (extension_group == EXTENSION_GROUP_CONTENT_SCRIPTS) {
158 return extension ? // TODO(kalman): when does this happen?
159 Feature::CONTENT_SCRIPT_CONTEXT
160 : Feature::UNSPECIFIED_CONTEXT;
163 // We have an explicit check for sandboxed pages before checking whether the
164 // extension is active in this process because:
165 // 1. Sandboxed pages run in the same process as regular extension pages, so
166 // the extension is considered active.
167 // 2. ScriptContext creation (which triggers bindings injection) happens
168 // before the SecurityContext is updated with the sandbox flags (after
169 // reading the CSP header), so the caller can't check if the context's
170 // security origin is unique yet.
171 if (ScriptContext::IsSandboxedPage(*extensions_, url))
172 return Feature::WEB_PAGE_CONTEXT;
174 if (extension && active_extension_ids_->count(extension->id()) > 0) {
175 // |extension| is active in this process, but it could be either a true
176 // extension process or within the extent of a hosted app. In the latter
177 // case this would usually be considered a (blessed) web page context,
178 // unless the extension in question is a component extension, in which case
179 // we cheat and call it blessed.
180 return (extension->is_hosted_app() &&
181 extension->location() != Manifest::COMPONENT)
182 ? Feature::BLESSED_WEB_PAGE_CONTEXT
183 : Feature::BLESSED_EXTENSION_CONTEXT;
186 // TODO(kalman): This isUnique() check is wrong, it should be performed as
187 // part of ScriptContext::IsSandboxedPage().
188 if (!origin.isUnique() && extensions_->ExtensionBindingsAllowed(url)) {
189 if (!extension) // TODO(kalman): when does this happen?
190 return Feature::UNSPECIFIED_CONTEXT;
191 return extension->is_hosted_app() ? Feature::BLESSED_WEB_PAGE_CONTEXT
192 : Feature::UNBLESSED_EXTENSION_CONTEXT;
195 if (!url.is_valid())
196 return Feature::UNSPECIFIED_CONTEXT;
198 if (url.SchemeIs(content::kChromeUIScheme))
199 return Feature::WEBUI_CONTEXT;
201 return Feature::WEB_PAGE_CONTEXT;
204 void ScriptContextSet::DispatchOnUnloadEventAndRemove(
205 std::set<ScriptContext*>* out,
206 ScriptContext* context) {
207 context->DispatchOnUnloadEvent();
208 Remove(context); // deleted asynchronously
209 out->insert(context);
212 } // namespace extensions