search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Be a little more precise in the wording of comments for process death.
[chromium-blink-merge.git] / content / browser / renderer_host / render_view_host_impl.cc
blob2bc572f0a3b739dfe6ece01c0a9abf6972e2f6d9
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/renderer_host/render_view_host_impl.h"
6
7 #include <set>
8 #include <string>
9 #include <utility>
10 #include <vector>
11
12 #include "base/callback.h"
13 #include "base/command_line.h"
14 #include "base/i18n/rtl.h"
15 #include "base/json/json_reader.h"
16 #include "base/message_loop/message_loop.h"
17 #include "base/metrics/field_trial.h"
18 #include "base/metrics/histogram.h"
19 #include "base/stl_util.h"
20 #include "base/strings/string_util.h"
21 #include "base/strings/utf_string_conversions.h"
22 #include "base/sys_info.h"
23 #include "base/time/time.h"
24 #include "base/trace_event/trace_event.h"
25 #include "base/values.h"
26 #include "cc/base/switches.h"
27 #include "content/browser/bad_message.h"
28 #include "content/browser/child_process_security_policy_impl.h"
29 #include "content/browser/dom_storage/session_storage_namespace_impl.h"
30 #include "content/browser/frame_host/frame_tree.h"
31 #include "content/browser/gpu/compositor_util.h"
32 #include "content/browser/gpu/gpu_data_manager_impl.h"
33 #include "content/browser/gpu/gpu_process_host.h"
34 #include "content/browser/gpu/gpu_surface_tracker.h"
35 #include "content/browser/host_zoom_map_impl.h"
36 #include "content/browser/loader/resource_dispatcher_host_impl.h"
37 #include "content/browser/renderer_host/dip_util.h"
38 #include "content/browser/renderer_host/media/audio_renderer_host.h"
39 #include "content/browser/renderer_host/render_process_host_impl.h"
40 #include "content/browser/renderer_host/render_view_host_delegate.h"
41 #include "content/browser/renderer_host/render_view_host_delegate_view.h"
42 #include "content/browser/renderer_host/render_widget_host_view_base.h"
43 #include "content/common/browser_plugin/browser_plugin_messages.h"
44 #include "content/common/content_switches_internal.h"
45 #include "content/common/drag_messages.h"
46 #include "content/common/frame_messages.h"
47 #include "content/common/input_messages.h"
48 #include "content/common/inter_process_time_ticks_converter.h"
49 #include "content/common/speech_recognition_messages.h"
50 #include "content/common/swapped_out_messages.h"
51 #include "content/common/view_messages.h"
52 #include "content/public/browser/ax_event_notification_details.h"
53 #include "content/public/browser/browser_accessibility_state.h"
54 #include "content/public/browser/browser_context.h"
55 #include "content/public/browser/browser_message_filter.h"
56 #include "content/public/browser/content_browser_client.h"
57 #include "content/public/browser/focused_node_details.h"
58 #include "content/public/browser/native_web_keyboard_event.h"
59 #include "content/public/browser/notification_details.h"
60 #include "content/public/browser/notification_service.h"
61 #include "content/public/browser/notification_types.h"
62 #include "content/public/browser/render_frame_host.h"
63 #include "content/public/browser/render_widget_host_iterator.h"
64 #include "content/public/browser/storage_partition.h"
65 #include "content/public/browser/user_metrics.h"
66 #include "content/public/common/bindings_policy.h"
67 #include "content/public/common/content_constants.h"
68 #include "content/public/common/content_switches.h"
69 #include "content/public/common/context_menu_params.h"
70 #include "content/public/common/drop_data.h"
71 #include "content/public/common/file_chooser_file_info.h"
72 #include "content/public/common/file_chooser_params.h"
73 #include "content/public/common/result_codes.h"
74 #include "content/public/common/url_constants.h"
75 #include "content/public/common/url_utils.h"
76 #include "net/base/filename_util.h"
77 #include "net/base/net_util.h"
78 #include "net/base/network_change_notifier.h"
79 #include "net/url_request/url_request_context_getter.h"
80 #include "storage/browser/fileapi/isolated_context.h"
81 #include "third_party/skia/include/core/SkBitmap.h"
82 #include "ui/base/touch/touch_device.h"
83 #include "ui/base/touch/touch_enabled.h"
84 #include "ui/base/ui_base_switches.h"
85 #include "ui/gfx/image/image_skia.h"
86 #include "ui/gfx/native_widget_types.h"
87 #include "ui/native_theme/native_theme_switches.h"
88 #include "url/url_constants.h"
89
90 #if defined(OS_WIN)
91 #include "base/win/win_util.h"
92 #include "ui/gfx/platform_font_win.h"
93 #include "ui/gfx/win/dpi.h"
94 #endif
95
96 using base::TimeDelta;
97 using blink::WebConsoleMessage;
98 using blink::WebDragOperation;
99 using blink::WebDragOperationNone;
100 using blink::WebDragOperationsMask;
101 using blink::WebInputEvent;
102 using blink::WebMediaPlayerAction;
103 using blink::WebPluginAction;
104
105 namespace content {
106 namespace {
107
108 #if defined(OS_WIN)
109
110 const int kVirtualKeyboardDisplayWaitTimeoutMs = 100;
111 const int kMaxVirtualKeyboardDisplayRetries = 5;
112
113 void DismissVirtualKeyboardTask() {
114 static int virtual_keyboard_display_retries = 0;
115 // If the virtual keyboard is not yet visible, then we execute the task again
116 // waiting for it to show up.
117 if (!base::win::DismissVirtualKeyboard()) {
118 if (virtual_keyboard_display_retries < kMaxVirtualKeyboardDisplayRetries) {
119 BrowserThread::PostDelayedTask(
120 BrowserThread::UI, FROM_HERE,
121 base::Bind(base::IgnoreResult(&DismissVirtualKeyboardTask)),
122 TimeDelta::FromMilliseconds(kVirtualKeyboardDisplayWaitTimeoutMs));
123 ++virtual_keyboard_display_retries;
124 } else {
125 virtual_keyboard_display_retries = 0;
126 }
127 }
128 }
129
130 void GetWindowsSpecificPrefs(RendererPreferences* prefs) {
131 NONCLIENTMETRICS_XP metrics = {0};
132 base::win::GetNonClientMetrics(&metrics);
133
134 prefs->caption_font_family_name = metrics.lfCaptionFont.lfFaceName;
135 prefs->caption_font_height = gfx::PlatformFontWin::GetFontSize(
136 metrics.lfCaptionFont);
137
138 prefs->small_caption_font_family_name = metrics.lfSmCaptionFont.lfFaceName;
139 prefs->small_caption_font_height = gfx::PlatformFontWin::GetFontSize(
140 metrics.lfSmCaptionFont);
141
142 prefs->menu_font_family_name = metrics.lfMenuFont.lfFaceName;
143 prefs->menu_font_height = gfx::PlatformFontWin::GetFontSize(
144 metrics.lfMenuFont);
145
146 prefs->status_font_family_name = metrics.lfStatusFont.lfFaceName;
147 prefs->status_font_height = gfx::PlatformFontWin::GetFontSize(
148 metrics.lfStatusFont);
149
150 prefs->message_font_family_name = metrics.lfMessageFont.lfFaceName;
151 prefs->message_font_height = gfx::PlatformFontWin::GetFontSize(
152 metrics.lfMessageFont);
153
154 prefs->vertical_scroll_bar_width_in_dips =
155 gfx::win::GetSystemMetricsInDIP(SM_CXVSCROLL);
156 prefs->horizontal_scroll_bar_height_in_dips =
157 gfx::win::GetSystemMetricsInDIP(SM_CYHSCROLL);
158 prefs->arrow_bitmap_height_vertical_scroll_bar_in_dips =
159 gfx::win::GetSystemMetricsInDIP(SM_CYVSCROLL);
160 prefs->arrow_bitmap_width_horizontal_scroll_bar_in_dips =
161 gfx::win::GetSystemMetricsInDIP(SM_CXHSCROLL);
162 }
163 #endif
164
165 } // namespace
166
167 // static
168 const int64 RenderViewHostImpl::kUnloadTimeoutMS = 1000;
169
170 ///////////////////////////////////////////////////////////////////////////////
171 // RenderViewHost, public:
172
173 // static
174 RenderViewHost* RenderViewHost::FromID(int render_process_id,
175 int render_view_id) {
176 return RenderViewHostImpl::FromID(render_process_id, render_view_id);
177 }
178
179 // static
180 RenderViewHost* RenderViewHost::From(RenderWidgetHost* rwh) {
181 DCHECK(rwh->IsRenderView());
182 return static_cast<RenderViewHostImpl*>(RenderWidgetHostImpl::From(rwh));
183 }
184
185 ///////////////////////////////////////////////////////////////////////////////
186 // RenderViewHostImpl, public:
187
188 // static
189 RenderViewHostImpl* RenderViewHostImpl::FromID(int render_process_id,
190 int render_view_id) {
191 RenderWidgetHost* widget =
192 RenderWidgetHost::FromID(render_process_id, render_view_id);
193 if (!widget || !widget->IsRenderView())
194 return NULL;
195 return static_cast<RenderViewHostImpl*>(RenderWidgetHostImpl::From(widget));
196 }
197
198 RenderViewHostImpl::RenderViewHostImpl(
199 SiteInstance* instance,
200 RenderViewHostDelegate* delegate,
201 RenderWidgetHostDelegate* widget_delegate,
202 int routing_id,
203 int main_frame_routing_id,
204 bool swapped_out,
205 bool hidden,
206 bool has_initialized_audio_host)
207 : RenderWidgetHostImpl(widget_delegate,
208 instance->GetProcess(),
209 routing_id,
210 hidden),
211 frames_ref_count_(0),
212 delegate_(delegate),
213 instance_(static_cast<SiteInstanceImpl*>(instance)),
214 waiting_for_drag_context_response_(false),
215 enabled_bindings_(0),
216 page_id_(-1),
217 is_active_(!swapped_out),
218 is_swapped_out_(swapped_out),
219 main_frame_routing_id_(main_frame_routing_id),
220 is_waiting_for_close_ack_(false),
221 sudden_termination_allowed_(false),
222 render_view_termination_status_(base::TERMINATION_STATUS_STILL_RUNNING),
223 virtual_keyboard_requested_(false),
224 is_focused_element_editable_(false),
225 updating_web_preferences_(false),
226 weak_factory_(this) {
227 DCHECK(instance_.get());
228 CHECK(delegate_); // http://crbug.com/82827
229
230 GetProcess()->AddObserver(this);
231 GetProcess()->EnableSendQueue();
232
233 if (ResourceDispatcherHostImpl::Get()) {
234 bool has_active_audio = false;
235 if (has_initialized_audio_host) {
236 scoped_refptr<AudioRendererHost> arh =
237 static_cast<RenderProcessHostImpl*>(GetProcess())
238 ->audio_renderer_host();
239 if (arh.get())
240 has_active_audio =
241 arh->RenderFrameHasActiveAudio(main_frame_routing_id_);
242 }
243 BrowserThread::PostTask(
244 BrowserThread::IO,
245 FROM_HERE,
246 base::Bind(&ResourceDispatcherHostImpl::OnRenderViewHostCreated,
247 base::Unretained(ResourceDispatcherHostImpl::Get()),
248 GetProcess()->GetID(),
249 GetRoutingID(),
250 !is_hidden(),
251 has_active_audio));
252 }
253 }
254
255 RenderViewHostImpl::~RenderViewHostImpl() {
256 if (ResourceDispatcherHostImpl::Get()) {
257 BrowserThread::PostTask(
258 BrowserThread::IO, FROM_HERE,
259 base::Bind(&ResourceDispatcherHostImpl::OnRenderViewHostDeleted,
260 base::Unretained(ResourceDispatcherHostImpl::Get()),
261 GetProcess()->GetID(), GetRoutingID()));
262 }
263
264 delegate_->RenderViewDeleted(this);
265 GetProcess()->RemoveObserver(this);
266 }
267
268 RenderViewHostDelegate* RenderViewHostImpl::GetDelegate() const {
269 return delegate_;
270 }
271
272 SiteInstanceImpl* RenderViewHostImpl::GetSiteInstance() const {
273 return instance_.get();
274 }
275
276 bool RenderViewHostImpl::CreateRenderView(
277 int opener_frame_route_id,
278 int proxy_route_id,
279 int32 max_page_id,
280 const FrameReplicationState& replicated_frame_state,
281 bool window_was_created_with_opener) {
282 TRACE_EVENT0("renderer_host,navigation",
283 "RenderViewHostImpl::CreateRenderView");
284 DCHECK(!IsRenderViewLive()) << "Creating view twice";
285
286 // The process may (if we're sharing a process with another host that already
287 // initialized it) or may not (we have our own process or the old process
288 // crashed) have been initialized. Calling Init multiple times will be
289 // ignored, so this is safe.
290 if (!GetProcess()->Init())
291 return false;
292 DCHECK(GetProcess()->HasConnection());
293 DCHECK(GetProcess()->GetBrowserContext());
294
295 set_renderer_initialized(true);
296
297 GpuSurfaceTracker::Get()->SetSurfaceHandle(
298 surface_id(), GetCompositingSurface());
299
300 // Ensure the RenderView starts with a next_page_id larger than any existing
301 // page ID it might be asked to render.
302 int32 next_page_id = 1;
303 if (max_page_id > -1)
304 next_page_id = max_page_id + 1;
305
306 ViewMsg_New_Params params;
307 params.renderer_preferences =
308 delegate_->GetRendererPrefs(GetProcess()->GetBrowserContext());
309 #if defined(OS_WIN)
310 GetWindowsSpecificPrefs(&params.renderer_preferences);
311 #endif
312 params.web_preferences = GetWebkitPreferences();
313 params.view_id = GetRoutingID();
314 params.main_frame_routing_id = main_frame_routing_id_;
315 params.surface_id = surface_id();
316 params.session_storage_namespace_id =
317 delegate_->GetSessionStorageNamespace(instance_.get())->id();
318 // Ensure the RenderView sets its opener correctly.
319 params.opener_frame_route_id = opener_frame_route_id;
320 params.swapped_out = !is_active_;
321 params.replicated_frame_state = replicated_frame_state;
322 params.proxy_routing_id = proxy_route_id;
323 params.hidden = is_hidden();
324 params.never_visible = delegate_->IsNeverVisible();
325 params.window_was_created_with_opener = window_was_created_with_opener;
326 params.next_page_id = next_page_id;
327 params.enable_auto_resize = auto_resize_enabled();
328 params.min_size = min_size_for_auto_resize();
329 params.max_size = max_size_for_auto_resize();
330 GetResizeParams(&params.initial_size);
331
332 if (!Send(new ViewMsg_New(params)))
333 return false;
334 SetInitialRenderSizeParams(params.initial_size);
335
336 // If the RWHV has not yet been set, the surface ID namespace will get
337 // passed down by the call to SetView().
338 if (view_) {
339 Send(new ViewMsg_SetSurfaceIdNamespace(GetRoutingID(),
340 view_->GetSurfaceIdNamespace()));
341 }
342
343 // If it's enabled, tell the renderer to set up the Javascript bindings for
344 // sending messages back to the browser.
345 if (GetProcess()->IsForGuestsOnly())
346 DCHECK_EQ(0, enabled_bindings_);
347 Send(new ViewMsg_AllowBindings(GetRoutingID(), enabled_bindings_));
348 // Let our delegate know that we created a RenderView.
349 delegate_->RenderViewCreated(this);
350
351 // Since this method can create the main RenderFrame in the renderer process,
352 // set the proper state on its corresponding RenderFrameHost.
353 if (main_frame_routing_id_ != MSG_ROUTING_NONE) {
354 RenderFrameHostImpl::FromID(GetProcess()->GetID(), main_frame_routing_id_)
355 ->SetRenderFrameCreated(true);
356 }
357
358 return true;
359 }
360
361 bool RenderViewHostImpl::IsRenderViewLive() const {
362 return GetProcess()->HasConnection() && renderer_initialized();
363 }
364
365 void RenderViewHostImpl::SyncRendererPrefs() {
366 RendererPreferences renderer_preferences =
367 delegate_->GetRendererPrefs(GetProcess()->GetBrowserContext());
368 #if defined(OS_WIN)
369 GetWindowsSpecificPrefs(&renderer_preferences);
370 #endif
371 Send(new ViewMsg_SetRendererPrefs(GetRoutingID(), renderer_preferences));
372 }
373
374 WebPreferences RenderViewHostImpl::ComputeWebkitPrefs() {
375 TRACE_EVENT0("browser", "RenderViewHostImpl::GetWebkitPrefs");
376 WebPreferences prefs;
377
378 const base::CommandLine& command_line =
379 *base::CommandLine::ForCurrentProcess();
380
381 prefs.web_security_enabled =
382 !command_line.HasSwitch(switches::kDisableWebSecurity);
383 prefs.java_enabled =
384 !command_line.HasSwitch(switches::kDisableJava);
385
386 prefs.remote_fonts_enabled =
387 !command_line.HasSwitch(switches::kDisableRemoteFonts);
388 prefs.application_cache_enabled = true;
389 prefs.xss_auditor_enabled =
390 !command_line.HasSwitch(switches::kDisableXSSAuditor);
391 prefs.local_storage_enabled =
392 !command_line.HasSwitch(switches::kDisableLocalStorage);
393 prefs.databases_enabled =
394 !command_line.HasSwitch(switches::kDisableDatabases);
395 #if defined(OS_ANDROID)
396 // WebAudio is enabled by default on x86 and ARM.
397 prefs.webaudio_enabled =
398 !command_line.HasSwitch(switches::kDisableWebAudio);
399 #endif
400
401 prefs.experimental_webgl_enabled =
402 GpuProcessHost::gpu_enabled() &&
403 !command_line.HasSwitch(switches::kDisable3DAPIs) &&
404 !command_line.HasSwitch(switches::kDisableExperimentalWebGL);
405
406 prefs.pepper_3d_enabled =
407 !command_line.HasSwitch(switches::kDisablePepper3d);
408
409 prefs.flash_3d_enabled =
410 GpuProcessHost::gpu_enabled() &&
411 !command_line.HasSwitch(switches::kDisableFlash3d);
412 prefs.flash_stage3d_enabled =
413 GpuProcessHost::gpu_enabled() &&
414 !command_line.HasSwitch(switches::kDisableFlashStage3d);
415 prefs.flash_stage3d_baseline_enabled =
416 GpuProcessHost::gpu_enabled() &&
417 !command_line.HasSwitch(switches::kDisableFlashStage3d);
418
419 prefs.allow_file_access_from_file_urls =
420 command_line.HasSwitch(switches::kAllowFileAccessFromFiles);
421
422 prefs.accelerated_2d_canvas_enabled =
423 GpuProcessHost::gpu_enabled() &&
424 !command_line.HasSwitch(switches::kDisableAccelerated2dCanvas);
425 prefs.antialiased_2d_canvas_disabled =
426 command_line.HasSwitch(switches::kDisable2dCanvasAntialiasing);
427 prefs.antialiased_clips_2d_canvas_enabled =
428 command_line.HasSwitch(switches::kEnable2dCanvasClipAntialiasing);
429 prefs.accelerated_2d_canvas_msaa_sample_count =
430 atoi(command_line.GetSwitchValueASCII(
431 switches::kAcceleratedCanvas2dMSAASampleCount).c_str());
432 prefs.text_blobs_enabled =
433 !command_line.HasSwitch(switches::kDisableTextBlobs);
434
435 prefs.pinch_overlay_scrollbar_thickness = 10;
436 prefs.use_solid_color_scrollbars = ui::IsOverlayScrollbarEnabled();
437 prefs.invert_viewport_scroll_order =
438 command_line.HasSwitch(switches::kInvertViewportScrollOrder);
439
440 #if defined(OS_ANDROID)
441 // On Android, user gestures are normally required, unless that requirement
442 // is disabled with a command-line switch or the equivalent field trial is
443 // is set to "Enabled".
444 const std::string autoplay_group_name = base::FieldTrialList::FindFullName(
445 "MediaElementAutoplay");
446 prefs.user_gesture_required_for_media_playback = !command_line.HasSwitch(
447 switches::kDisableGestureRequirementForMediaPlayback) &&
448 (autoplay_group_name.empty() || autoplay_group_name != "Enabled");
449 #endif
450
451 prefs.touch_enabled = ui::AreTouchEventsEnabled();
452 prefs.device_supports_touch = prefs.touch_enabled &&
453 ui::IsTouchDevicePresent();
454 prefs.available_pointer_types = ui::GetAvailablePointerTypes();
455 prefs.primary_pointer_type = ui::GetPrimaryPointerType();
456 prefs.available_hover_types = ui::GetAvailableHoverTypes();
457 prefs.primary_hover_type = ui::GetPrimaryHoverType();
458
459 #if defined(OS_ANDROID)
460 prefs.device_supports_mouse = false;
461 #endif
462
463 prefs.pointer_events_max_touch_points = ui::MaxTouchPoints();
464
465 prefs.touch_adjustment_enabled =
466 !command_line.HasSwitch(switches::kDisableTouchAdjustment);
467
468 const std::string slimming_group =
469 base::FieldTrialList::FindFullName("SlimmingPaint");
470 prefs.slimming_paint_enabled =
471 (command_line.HasSwitch(switches::kEnableSlimmingPaint) ||
472 !command_line.HasSwitch(switches::kDisableSlimmingPaint)) &&
473 (slimming_group != "DisableSlimmingPaint");
474 #if defined(OS_MACOSX) || defined(OS_CHROMEOS)
475 bool default_enable_scroll_animator = true;
476 #else
477 bool default_enable_scroll_animator = false;
478 #endif
479 prefs.enable_scroll_animator = default_enable_scroll_animator;
480 if (command_line.HasSwitch(switches::kEnableSmoothScrolling))
481 prefs.enable_scroll_animator = true;
482 if (command_line.HasSwitch(switches::kDisableSmoothScrolling))
483 prefs.enable_scroll_animator = false;
484
485 // Certain GPU features might have been blacklisted.
486 GpuDataManagerImpl::GetInstance()->UpdateRendererWebPrefs(&prefs);
487
488 if (ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings(
489 GetProcess()->GetID())) {
490 prefs.loads_images_automatically = true;
491 prefs.javascript_enabled = true;
492 }
493
494 prefs.connection_type = net::NetworkChangeNotifier::GetConnectionType();
495 prefs.is_online =
496 prefs.connection_type != net::NetworkChangeNotifier::CONNECTION_NONE;
497
498 prefs.number_of_cpu_cores = base::SysInfo::NumberOfProcessors();
499
500 prefs.viewport_meta_enabled =
501 command_line.HasSwitch(switches::kEnableViewportMeta);
502
503 prefs.viewport_enabled =
504 command_line.HasSwitch(switches::kEnableViewport) ||
505 prefs.viewport_meta_enabled;
506
507 prefs.main_frame_resizes_are_orientation_changes =
508 command_line.HasSwitch(switches::kMainFrameResizesAreOrientationChanges);
509
510 prefs.image_color_profiles_enabled =
511 command_line.HasSwitch(switches::kEnableImageColorProfiles);
512
513 prefs.spatial_navigation_enabled = command_line.HasSwitch(
514 switches::kEnableSpatialNavigation);
515
516 prefs.disable_reading_from_canvas = command_line.HasSwitch(
517 switches::kDisableReadingFromCanvas);
518
519 prefs.strict_mixed_content_checking = command_line.HasSwitch(
520 switches::kEnableStrictMixedContentChecking);
521
522 prefs.strict_powerful_feature_restrictions = command_line.HasSwitch(
523 switches::kEnableStrictPowerfulFeatureRestrictions);
524
525 prefs.v8_cache_options = GetV8CacheOptions();
526
527 GetContentClient()->browser()->OverrideWebkitPrefs(this, &prefs);
528 return prefs;
529 }
530
531 void RenderViewHostImpl::SuppressDialogsUntilSwapOut() {
532 Send(new ViewMsg_SuppressDialogsUntilSwapOut(GetRoutingID()));
533 }
534
535 void RenderViewHostImpl::ClosePage() {
536 is_waiting_for_close_ack_ = true;
537 StartHangMonitorTimeout(TimeDelta::FromMilliseconds(kUnloadTimeoutMS));
538
539 if (IsRenderViewLive()) {
540 // Since we are sending an IPC message to the renderer, increase the event
541 // count to prevent the hang monitor timeout from being stopped by input
542 // event acknowledgements.
543 increment_in_flight_event_count();
544
545 // TODO(creis): Should this be moved to Shutdown? It may not be called for
546 // RenderViewHosts that have been swapped out.
547 NotificationService::current()->Notify(
548 NOTIFICATION_RENDER_VIEW_HOST_WILL_CLOSE_RENDER_VIEW,
549 Source<RenderViewHost>(this),
550 NotificationService::NoDetails());
551
552 Send(new ViewMsg_ClosePage(GetRoutingID()));
553 } else {
554 // This RenderViewHost doesn't have a live renderer, so just skip the unload
555 // event and close the page.
556 ClosePageIgnoringUnloadEvents();
557 }
558 }
559
560 void RenderViewHostImpl::ClosePageIgnoringUnloadEvents() {
561 StopHangMonitorTimeout();
562 is_waiting_for_close_ack_ = false;
563
564 sudden_termination_allowed_ = true;
565 delegate_->Close(this);
566 }
567
568 #if defined(OS_ANDROID)
569 void RenderViewHostImpl::ActivateNearestFindResult(int request_id,
570 float x,
571 float y) {
572 Send(new InputMsg_ActivateNearestFindResult(GetRoutingID(),
573 request_id, x, y));
574 }
575
576 void RenderViewHostImpl::RequestFindMatchRects(int current_version) {
577 Send(new ViewMsg_FindMatchRects(GetRoutingID(), current_version));
578 }
579 #endif
580
581 void RenderViewHostImpl::RenderProcessExited(RenderProcessHost* host,
582 base::TerminationStatus status,
583 int exit_code) {
584 if (!renderer_initialized())
585 return;
586
587 RenderWidgetHostImpl::RendererExited(status, exit_code);
588 delegate_->RenderViewTerminated(this, status, exit_code);
589 }
590
591 void RenderViewHostImpl::DragTargetDragEnter(
592 const DropData& drop_data,
593 const gfx::Point& client_pt,
594 const gfx::Point& screen_pt,
595 WebDragOperationsMask operations_allowed,
596 int key_modifiers) {
597 const int renderer_id = GetProcess()->GetID();
598 ChildProcessSecurityPolicyImpl* policy =
599 ChildProcessSecurityPolicyImpl::GetInstance();
600
601 #if defined(OS_CHROMEOS)
602 // The externalfile:// scheme is used in Chrome OS to open external files in a
603 // browser tab.
604 if (drop_data.url.SchemeIs(content::kExternalFileScheme))
605 policy->GrantRequestURL(renderer_id, drop_data.url);
606 #endif
607
608 // The URL could have been cobbled together from any highlighted text string,
609 // and can't be interpreted as a capability.
610 DropData filtered_data(drop_data);
611 GetProcess()->FilterURL(true, &filtered_data.url);
612 if (drop_data.did_originate_from_renderer) {
613 filtered_data.filenames.clear();
614 }
615
616 // The filenames vector, on the other hand, does represent a capability to
617 // access the given files.
618 storage::IsolatedContext::FileInfoSet files;
619 for (std::vector<ui::FileInfo>::iterator iter(
620 filtered_data.filenames.begin());
621 iter != filtered_data.filenames.end();
622 ++iter) {
623 // A dragged file may wind up as the value of an input element, or it
624 // may be used as the target of a navigation instead. We don't know
625 // which will happen at this point, so generously grant both access
626 // and request permissions to the specific file to cover both cases.
627 // We do not give it the permission to request all file:// URLs.
628
629 // Make sure we have the same display_name as the one we register.
630 if (iter->display_name.empty()) {
631 std::string name;
632 files.AddPath(iter->path, &name);
633 iter->display_name = base::FilePath::FromUTF8Unsafe(name);
634 } else {
635 files.AddPathWithName(iter->path, iter->display_name.AsUTF8Unsafe());
636 }
637
638 policy->GrantRequestSpecificFileURL(renderer_id,
639 net::FilePathToFileURL(iter->path));
640
641 // If the renderer already has permission to read these paths, we don't need
642 // to re-grant them. This prevents problems with DnD for files in the CrOS
643 // file manager--the file manager already had read/write access to those
644 // directories, but dragging a file would cause the read/write access to be
645 // overwritten with read-only access, making them impossible to delete or
646 // rename until the renderer was killed.
647 if (!policy->CanReadFile(renderer_id, iter->path))
648 policy->GrantReadFile(renderer_id, iter->path);
649 }
650
651 storage::IsolatedContext* isolated_context =
652 storage::IsolatedContext::GetInstance();
653 DCHECK(isolated_context);
654 std::string filesystem_id = isolated_context->RegisterDraggedFileSystem(
655 files);
656 if (!filesystem_id.empty()) {
657 // Grant the permission iff the ID is valid.
658 policy->GrantReadFileSystem(renderer_id, filesystem_id);
659 }
660 filtered_data.filesystem_id = base::UTF8ToUTF16(filesystem_id);
661
662 storage::FileSystemContext* file_system_context =
663 BrowserContext::GetStoragePartition(GetProcess()->GetBrowserContext(),
664 GetSiteInstance())
665 ->GetFileSystemContext();
666 for (size_t i = 0; i < filtered_data.file_system_files.size(); ++i) {
667 storage::FileSystemURL file_system_url =
668 file_system_context->CrackURL(filtered_data.file_system_files[i].url);
669
670 std::string register_name;
671 std::string filesystem_id = isolated_context->RegisterFileSystemForPath(
672 file_system_url.type(), file_system_url.filesystem_id(),
673 file_system_url.path(), &register_name);
674 policy->GrantReadFileSystem(renderer_id, filesystem_id);
675
676 // Note: We are using the origin URL provided by the sender here. It may be
677 // different from the receiver's.
678 filtered_data.file_system_files[i].url =
679 GURL(storage::GetIsolatedFileSystemRootURIString(
680 file_system_url.origin(), filesystem_id, std::string())
681 .append(register_name));
682 }
683
684 Send(new DragMsg_TargetDragEnter(GetRoutingID(), filtered_data, client_pt,
685 screen_pt, operations_allowed,
686 key_modifiers));
687 }
688
689 void RenderViewHostImpl::DragTargetDragOver(
690 const gfx::Point& client_pt,
691 const gfx::Point& screen_pt,
692 WebDragOperationsMask operations_allowed,
693 int key_modifiers) {
694 Send(new DragMsg_TargetDragOver(GetRoutingID(), client_pt, screen_pt,
695 operations_allowed, key_modifiers));
696 }
697
698 void RenderViewHostImpl::DragTargetDragLeave() {
699 Send(new DragMsg_TargetDragLeave(GetRoutingID()));
700 }
701
702 void RenderViewHostImpl::DragTargetDrop(
703 const gfx::Point& client_pt,
704 const gfx::Point& screen_pt,
705 int key_modifiers) {
706 Send(new DragMsg_TargetDrop(GetRoutingID(), client_pt, screen_pt,
707 key_modifiers));
708 }
709
710 void RenderViewHostImpl::DragSourceEndedAt(
711 int client_x, int client_y, int screen_x, int screen_y,
712 WebDragOperation operation) {
713 Send(new DragMsg_SourceEnded(GetRoutingID(),
714 gfx::Point(client_x, client_y),
715 gfx::Point(screen_x, screen_y),
716 operation));
717 }
718
719 void RenderViewHostImpl::DragSourceSystemDragEnded() {
720 Send(new DragMsg_SourceSystemDragEnded(GetRoutingID()));
721 }
722
723 RenderFrameHost* RenderViewHostImpl::GetMainFrame() {
724 return RenderFrameHost::FromID(GetProcess()->GetID(), main_frame_routing_id_);
725 }
726
727 void RenderViewHostImpl::AllowBindings(int bindings_flags) {
728 // Never grant any bindings to browser plugin guests.
729 if (GetProcess()->IsForGuestsOnly()) {
730 NOTREACHED() << "Never grant bindings to a guest process.";
731 return;
732 }
733
734 // Ensure we aren't granting WebUI bindings to a process that has already
735 // been used for non-privileged views.
736 if (bindings_flags & BINDINGS_POLICY_WEB_UI &&
737 GetProcess()->HasConnection() &&
738 !ChildProcessSecurityPolicyImpl::GetInstance()->HasWebUIBindings(
739 GetProcess()->GetID())) {
740 // This process has no bindings yet. Make sure it does not have more
741 // than this single active view.
742 // --single-process only has one renderer.
743 if (GetProcess()->GetActiveViewCount() > 1 &&
744 !base::CommandLine::ForCurrentProcess()->HasSwitch(
745 switches::kSingleProcess))
746 return;
747 }
748
749 if (bindings_flags & BINDINGS_POLICY_WEB_UI) {
750 ChildProcessSecurityPolicyImpl::GetInstance()->GrantWebUIBindings(
751 GetProcess()->GetID());
752 }
753
754 enabled_bindings_ |= bindings_flags;
755 if (renderer_initialized())
756 Send(new ViewMsg_AllowBindings(GetRoutingID(), enabled_bindings_));
757 }
758
759 int RenderViewHostImpl::GetEnabledBindings() const {
760 return enabled_bindings_;
761 }
762
763 void RenderViewHostImpl::SetWebUIProperty(const std::string& name,
764 const std::string& value) {
765 // This is a sanity check before telling the renderer to enable the property.
766 // It could lie and send the corresponding IPC messages anyway, but we will
767 // not act on them if enabled_bindings_ doesn't agree. If we get here without
768 // WebUI bindings, kill the renderer process.
769 if (enabled_bindings_ & BINDINGS_POLICY_WEB_UI) {
770 Send(new ViewMsg_SetWebUIProperty(GetRoutingID(), name, value));
771 } else {
772 RecordAction(
773 base::UserMetricsAction("BindingsMismatchTerminate_RVH_WebUI"));
774 GetProcess()->Shutdown(content::RESULT_CODE_KILLED, false);
775 }
776 }
777
778 void RenderViewHostImpl::GotFocus() {
779 RenderWidgetHostImpl::GotFocus(); // Notifies the renderer it got focus.
780
781 RenderViewHostDelegateView* view = delegate_->GetDelegateView();
782 if (view)
783 view->GotFocus();
784 }
785
786 void RenderViewHostImpl::LostCapture() {
787 RenderWidgetHostImpl::LostCapture();
788 delegate_->LostCapture();
789 }
790
791 void RenderViewHostImpl::LostMouseLock() {
792 RenderWidgetHostImpl::LostMouseLock();
793 delegate_->LostMouseLock();
794 }
795
796 void RenderViewHostImpl::SetInitialFocus(bool reverse) {
797 Send(new ViewMsg_SetInitialFocus(GetRoutingID(), reverse));
798 }
799
800 void RenderViewHostImpl::FilesSelectedInChooser(
801 const std::vector<content::FileChooserFileInfo>& files,
802 FileChooserParams::Mode permissions) {
803 storage::FileSystemContext* const file_system_context =
804 BrowserContext::GetStoragePartition(GetProcess()->GetBrowserContext(),
805 GetSiteInstance())
806 ->GetFileSystemContext();
807 // Grant the security access requested to the given files.
808 for (size_t i = 0; i < files.size(); ++i) {
809 const content::FileChooserFileInfo& file = files[i];
810 if (permissions == FileChooserParams::Save) {
811 ChildProcessSecurityPolicyImpl::GetInstance()->GrantCreateReadWriteFile(
812 GetProcess()->GetID(), file.file_path);
813 } else {
814 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
815 GetProcess()->GetID(), file.file_path);
816 }
817 if (file.file_system_url.is_valid()) {
818 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFileSystem(
819 GetProcess()->GetID(),
820 file_system_context->CrackURL(file.file_system_url)
821 .mount_filesystem_id());
822 }
823 }
824 Send(new ViewMsg_RunFileChooserResponse(GetRoutingID(), files));
825 }
826
827 void RenderViewHostImpl::DirectoryEnumerationFinished(
828 int request_id,
829 const std::vector<base::FilePath>& files) {
830 // Grant the security access requested to the given files.
831 for (std::vector<base::FilePath>::const_iterator file = files.begin();
832 file != files.end(); ++file) {
833 ChildProcessSecurityPolicyImpl::GetInstance()->GrantReadFile(
834 GetProcess()->GetID(), *file);
835 }
836 Send(new ViewMsg_EnumerateDirectoryResponse(GetRoutingID(),
837 request_id,
838 files));
839 }
840
841 void RenderViewHostImpl::SetIsLoading(bool is_loading) {
842 if (ResourceDispatcherHostImpl::Get()) {
843 BrowserThread::PostTask(
844 BrowserThread::IO,
845 FROM_HERE,
846 base::Bind(&ResourceDispatcherHostImpl::OnRenderViewHostSetIsLoading,
847 base::Unretained(ResourceDispatcherHostImpl::Get()),
848 GetProcess()->GetID(),
849 GetRoutingID(),
850 is_loading));
851 }
852 RenderWidgetHostImpl::SetIsLoading(is_loading);
853 }
854
855 void RenderViewHostImpl::LoadStateChanged(
856 const GURL& url,
857 const net::LoadStateWithParam& load_state,
858 uint64 upload_position,
859 uint64 upload_size) {
860 delegate_->LoadStateChanged(url, load_state, upload_position, upload_size);
861 }
862
863 bool RenderViewHostImpl::SuddenTerminationAllowed() const {
864 return sudden_termination_allowed_ ||
865 GetProcess()->SuddenTerminationAllowed();
866 }
867
868 ///////////////////////////////////////////////////////////////////////////////
869 // RenderViewHostImpl, IPC message handlers:
870
871 bool RenderViewHostImpl::OnMessageReceived(const IPC::Message& msg) {
872 if (!BrowserMessageFilter::CheckCanDispatchOnUI(msg, this))
873 return true;
874
875 // Filter out most IPC messages if this renderer is swapped out.
876 // We still want to handle certain ACKs to keep our state consistent.
877 if (is_swapped_out_) {
878 if (!SwappedOutMessages::CanHandleWhileSwappedOut(msg)) {
879 // If this is a synchronous message and we decided not to handle it,
880 // we must send an error reply, or else the renderer will be stuck
881 // and won't respond to future requests.
882 if (msg.is_sync()) {
883 IPC::Message* reply = IPC::SyncMessage::GenerateReply(&msg);
884 reply->set_reply_error();
885 Send(reply);
886 }
887 // Don't continue looking for someone to handle it.
888 return true;
889 }
890 }
891
892 if (delegate_->OnMessageReceived(this, msg))
893 return true;
894
895 bool handled = true;
896 IPC_BEGIN_MESSAGE_MAP(RenderViewHostImpl, msg)
897 IPC_MESSAGE_HANDLER(FrameHostMsg_RenderProcessGone, OnRenderProcessGone)
898 IPC_MESSAGE_HANDLER(ViewHostMsg_ShowView, OnShowView)
899 IPC_MESSAGE_HANDLER(ViewHostMsg_ShowWidget, OnShowWidget)
900 IPC_MESSAGE_HANDLER(ViewHostMsg_ShowFullscreenWidget,
901 OnShowFullscreenWidget)
902 IPC_MESSAGE_HANDLER(ViewHostMsg_RenderViewReady, OnRenderViewReady)
903 IPC_MESSAGE_HANDLER(ViewHostMsg_UpdateState, OnUpdateState)
904 IPC_MESSAGE_HANDLER(ViewHostMsg_UpdateTargetURL, OnUpdateTargetURL)
905 IPC_MESSAGE_HANDLER(ViewHostMsg_Close, OnClose)
906 IPC_MESSAGE_HANDLER(ViewHostMsg_RequestMove, OnRequestMove)
907 IPC_MESSAGE_HANDLER(ViewHostMsg_DocumentAvailableInMainFrame,
908 OnDocumentAvailableInMainFrame)
909 IPC_MESSAGE_HANDLER(ViewHostMsg_DidContentsPreferredSizeChange,
910 OnDidContentsPreferredSizeChange)
911 IPC_MESSAGE_HANDLER(ViewHostMsg_RouteCloseEvent,
912 OnRouteCloseEvent)
913 IPC_MESSAGE_HANDLER(DragHostMsg_StartDragging, OnStartDragging)
914 IPC_MESSAGE_HANDLER(DragHostMsg_UpdateDragCursor, OnUpdateDragCursor)
915 IPC_MESSAGE_HANDLER(DragHostMsg_TargetDrop_ACK, OnTargetDropACK)
916 IPC_MESSAGE_HANDLER(ViewHostMsg_TakeFocus, OnTakeFocus)
917 IPC_MESSAGE_HANDLER(ViewHostMsg_FocusedNodeChanged, OnFocusedNodeChanged)
918 IPC_MESSAGE_HANDLER(ViewHostMsg_ClosePage_ACK, OnClosePageACK)
919 IPC_MESSAGE_HANDLER(ViewHostMsg_DidZoomURL, OnDidZoomURL)
920 IPC_MESSAGE_HANDLER(ViewHostMsg_PageScaleFactorIsOneChanged,
921 OnPageScaleFactorIsOneChanged)
922 IPC_MESSAGE_HANDLER(ViewHostMsg_RunFileChooser, OnRunFileChooser)
923 IPC_MESSAGE_HANDLER(ViewHostMsg_FocusedNodeTouched, OnFocusedNodeTouched)
924 // Have the super handle all other messages.
925 IPC_MESSAGE_UNHANDLED(
926 handled = RenderWidgetHostImpl::OnMessageReceived(msg))
927 IPC_END_MESSAGE_MAP()
928
929 return handled;
930 }
931
932 void RenderViewHostImpl::Init() {
933 RenderWidgetHostImpl::Init();
934 }
935
936 void RenderViewHostImpl::Shutdown() {
937 // We can't release the SessionStorageNamespace until our peer
938 // in the renderer has wound down.
939 if (GetProcess()->HasConnection()) {
940 RenderProcessHostImpl::ReleaseOnCloseACK(
941 GetProcess(),
942 delegate_->GetSessionStorageNamespaceMap(),
943 GetRoutingID());
944 }
945
946 RenderWidgetHostImpl::Shutdown();
947 }
948
949 void RenderViewHostImpl::WasHidden() {
950 if (ResourceDispatcherHostImpl::Get()) {
951 BrowserThread::PostTask(
952 BrowserThread::IO, FROM_HERE,
953 base::Bind(&ResourceDispatcherHostImpl::OnRenderViewHostWasHidden,
954 base::Unretained(ResourceDispatcherHostImpl::Get()),
955 GetProcess()->GetID(), GetRoutingID()));
956 }
957
958 RenderWidgetHostImpl::WasHidden();
959 }
960
961 void RenderViewHostImpl::WasShown(const ui::LatencyInfo& latency_info) {
962 if (ResourceDispatcherHostImpl::Get()) {
963 BrowserThread::PostTask(
964 BrowserThread::IO, FROM_HERE,
965 base::Bind(&ResourceDispatcherHostImpl::OnRenderViewHostWasShown,
966 base::Unretained(ResourceDispatcherHostImpl::Get()),
967 GetProcess()->GetID(), GetRoutingID()));
968 }
969
970 RenderWidgetHostImpl::WasShown(latency_info);
971 }
972
973 bool RenderViewHostImpl::IsRenderView() const {
974 return true;
975 }
976
977 void RenderViewHostImpl::CreateNewWindow(
978 int route_id,
979 int main_frame_route_id,
980 const ViewHostMsg_CreateWindow_Params& params,
981 SessionStorageNamespace* session_storage_namespace) {
982 ViewHostMsg_CreateWindow_Params validated_params(params);
983 GetProcess()->FilterURL(false, &validated_params.target_url);
984 GetProcess()->FilterURL(false, &validated_params.opener_url);
985 GetProcess()->FilterURL(true, &validated_params.opener_security_origin);
986
987 delegate_->CreateNewWindow(
988 GetProcess()->GetID(), route_id, main_frame_route_id, validated_params,
989 session_storage_namespace);
990 }
991
992 void RenderViewHostImpl::CreateNewWidget(int route_id,
993 blink::WebPopupType popup_type) {
994 delegate_->CreateNewWidget(GetProcess()->GetID(), route_id, popup_type);
995 }
996
997 void RenderViewHostImpl::CreateNewFullscreenWidget(int route_id) {
998 delegate_->CreateNewFullscreenWidget(GetProcess()->GetID(), route_id);
999 }
1000
1001 void RenderViewHostImpl::OnShowView(int route_id,
1002 WindowOpenDisposition disposition,
1003 const gfx::Rect& initial_rect,
1004 bool user_gesture) {
1005 if (is_active_) {
1006 delegate_->ShowCreatedWindow(
1007 route_id, disposition, initial_rect, user_gesture);
1008 }
1009 Send(new ViewMsg_Move_ACK(route_id));
1010 }
1011
1012 void RenderViewHostImpl::OnShowWidget(int route_id,
1013 const gfx::Rect& initial_rect) {
1014 if (is_active_)
1015 delegate_->ShowCreatedWidget(route_id, initial_rect);
1016 Send(new ViewMsg_Move_ACK(route_id));
1017 }
1018
1019 void RenderViewHostImpl::OnShowFullscreenWidget(int route_id) {
1020 if (is_active_)
1021 delegate_->ShowCreatedFullscreenWidget(route_id);
1022 Send(new ViewMsg_Move_ACK(route_id));
1023 }
1024
1025 void RenderViewHostImpl::OnRenderViewReady() {
1026 render_view_termination_status_ = base::TERMINATION_STATUS_STILL_RUNNING;
1027 SendScreenRects();
1028 WasResized();
1029 delegate_->RenderViewReady(this);
1030 }
1031
1032 void RenderViewHostImpl::OnRenderProcessGone(int status, int exit_code) {
1033 // Do nothing, otherwise RenderWidgetHostImpl will assume it is not a
1034 // RenderViewHostImpl and destroy itself.
1035 // TODO(nasko): Remove this hack once RenderViewHost and RenderWidgetHost are
1036 // decoupled.
1037 }
1038
1039 void RenderViewHostImpl::OnUpdateState(int32 page_id, const PageState& state) {
1040 // If the following DCHECK fails, you have encountered a tricky edge-case that
1041 // has evaded reproduction for a very long time. Please report what you were
1042 // doing on http://crbug.com/407376, whether or not you can reproduce the
1043 // failure.
1044 DCHECK_EQ(page_id, page_id_);
1045
1046 // Without this check, the renderer can trick the browser into using
1047 // filenames it can't access in a future session restore.
1048 if (!CanAccessFilesOfPageState(state)) {
1049 bad_message::ReceivedBadMessage(
1050 GetProcess(), bad_message::RVH_CAN_ACCESS_FILES_OF_PAGE_STATE);
1051 return;
1052 }
1053
1054 delegate_->UpdateState(this, page_id, state);
1055 }
1056
1057 void RenderViewHostImpl::OnUpdateTargetURL(const GURL& url) {
1058 if (is_active_)
1059 delegate_->UpdateTargetURL(this, url);
1060
1061 // Send a notification back to the renderer that we are ready to
1062 // receive more target urls.
1063 Send(new ViewMsg_UpdateTargetURL_ACK(GetRoutingID()));
1064 }
1065
1066 void RenderViewHostImpl::OnClose() {
1067 // If the renderer is telling us to close, it has already run the unload
1068 // events, and we can take the fast path.
1069 ClosePageIgnoringUnloadEvents();
1070 }
1071
1072 void RenderViewHostImpl::OnRequestMove(const gfx::Rect& pos) {
1073 if (is_active_)
1074 delegate_->RequestMove(pos);
1075 Send(new ViewMsg_Move_ACK(GetRoutingID()));
1076 }
1077
1078 void RenderViewHostImpl::OnDocumentAvailableInMainFrame(
1079 bool uses_temporary_zoom_level) {
1080 delegate_->DocumentAvailableInMainFrame(this);
1081
1082 if (!uses_temporary_zoom_level)
1083 return;
1084
1085 HostZoomMapImpl* host_zoom_map =
1086 static_cast<HostZoomMapImpl*>(HostZoomMap::Get(GetSiteInstance()));
1087 host_zoom_map->SetTemporaryZoomLevel(GetProcess()->GetID(),
1088 GetRoutingID(),
1089 host_zoom_map->GetDefaultZoomLevel());
1090 }
1091
1092 void RenderViewHostImpl::OnDidContentsPreferredSizeChange(
1093 const gfx::Size& new_size) {
1094 delegate_->UpdatePreferredSize(new_size);
1095 }
1096
1097 void RenderViewHostImpl::OnRenderAutoResized(const gfx::Size& new_size) {
1098 delegate_->ResizeDueToAutoResize(new_size);
1099 }
1100
1101 void RenderViewHostImpl::OnRouteCloseEvent() {
1102 // Have the delegate route this to the active RenderViewHost.
1103 delegate_->RouteCloseEvent(this);
1104 }
1105
1106 void RenderViewHostImpl::OnStartDragging(
1107 const DropData& drop_data,
1108 WebDragOperationsMask drag_operations_mask,
1109 const SkBitmap& bitmap,
1110 const gfx::Vector2d& bitmap_offset_in_dip,
1111 const DragEventSourceInfo& event_info) {
1112 RenderViewHostDelegateView* view = delegate_->GetDelegateView();
1113 if (!view)
1114 return;
1115
1116 DropData filtered_data(drop_data);
1117 RenderProcessHost* process = GetProcess();
1118 ChildProcessSecurityPolicyImpl* policy =
1119 ChildProcessSecurityPolicyImpl::GetInstance();
1120
1121 // Allow drag of Javascript URLs to enable bookmarklet drag to bookmark bar.
1122 if (!filtered_data.url.SchemeIs(url::kJavaScriptScheme))
1123 process->FilterURL(true, &filtered_data.url);
1124 process->FilterURL(false, &filtered_data.html_base_url);
1125 // Filter out any paths that the renderer didn't have access to. This prevents
1126 // the following attack on a malicious renderer:
1127 // 1. StartDragging IPC sent with renderer-specified filesystem paths that it
1128 // doesn't have read permissions for.
1129 // 2. We initiate a native DnD operation.
1130 // 3. DnD operation immediately ends since mouse is not held down. DnD events
1131 // still fire though, which causes read permissions to be granted to the
1132 // renderer for any file paths in the drop.
1133 filtered_data.filenames.clear();
1134 for (std::vector<ui::FileInfo>::const_iterator it =
1135 drop_data.filenames.begin();
1136 it != drop_data.filenames.end();
1137 ++it) {
1138 if (policy->CanReadFile(GetProcess()->GetID(), it->path))
1139 filtered_data.filenames.push_back(*it);
1140 }
1141
1142 storage::FileSystemContext* file_system_context =
1143 BrowserContext::GetStoragePartition(GetProcess()->GetBrowserContext(),
1144 GetSiteInstance())
1145 ->GetFileSystemContext();
1146 filtered_data.file_system_files.clear();
1147 for (size_t i = 0; i < drop_data.file_system_files.size(); ++i) {
1148 storage::FileSystemURL file_system_url =
1149 file_system_context->CrackURL(drop_data.file_system_files[i].url);
1150 if (policy->CanReadFileSystemFile(GetProcess()->GetID(), file_system_url))
1151 filtered_data.file_system_files.push_back(drop_data.file_system_files[i]);
1152 }
1153
1154 float scale = GetScaleFactorForView(GetView());
1155 gfx::ImageSkia image(gfx::ImageSkiaRep(bitmap, scale));
1156 view->StartDragging(filtered_data, drag_operations_mask, image,
1157 bitmap_offset_in_dip, event_info);
1158 }
1159
1160 void RenderViewHostImpl::OnUpdateDragCursor(WebDragOperation current_op) {
1161 RenderViewHostDelegateView* view = delegate_->GetDelegateView();
1162 if (view)
1163 view->UpdateDragCursor(current_op);
1164 }
1165
1166 void RenderViewHostImpl::OnTargetDropACK() {
1167 NotificationService::current()->Notify(
1168 NOTIFICATION_RENDER_VIEW_HOST_DID_RECEIVE_DRAG_TARGET_DROP_ACK,
1169 Source<RenderViewHost>(this),
1170 NotificationService::NoDetails());
1171 }
1172
1173 void RenderViewHostImpl::OnTakeFocus(bool reverse) {
1174 RenderViewHostDelegateView* view = delegate_->GetDelegateView();
1175 if (view)
1176 view->TakeFocus(reverse);
1177 }
1178
1179 void RenderViewHostImpl::OnFocusedNodeChanged(
1180 bool is_editable_node,
1181 const gfx::Rect& node_bounds_in_viewport) {
1182 is_focused_element_editable_ = is_editable_node;
1183 if (view_)
1184 view_->FocusedNodeChanged(is_editable_node);
1185 #if defined(OS_WIN)
1186 if (!is_editable_node && virtual_keyboard_requested_) {
1187 virtual_keyboard_requested_ = false;
1188 delegate_->SetIsVirtualKeyboardRequested(false);
1189 BrowserThread::PostDelayedTask(
1190 BrowserThread::UI, FROM_HERE,
1191 base::Bind(base::IgnoreResult(&DismissVirtualKeyboardTask)),
1192 TimeDelta::FromMilliseconds(kVirtualKeyboardDisplayWaitTimeoutMs));
1193 }
1194 #endif
1195
1196 // Convert node_bounds to screen coordinates.
1197 gfx::Rect view_bounds_in_screen = view_->GetViewBounds();
1198 gfx::Point origin = node_bounds_in_viewport.origin();
1199 origin.Offset(view_bounds_in_screen.x(), view_bounds_in_screen.y());
1200 gfx::Rect node_bounds_in_screen(origin.x(), origin.y(),
1201 node_bounds_in_viewport.width(),
1202 node_bounds_in_viewport.height());
1203 FocusedNodeDetails details = {is_editable_node, node_bounds_in_screen};
1204 NotificationService::current()->Notify(NOTIFICATION_FOCUS_CHANGED_IN_PAGE,
1205 Source<RenderViewHost>(this),
1206 Details<FocusedNodeDetails>(&details));
1207 }
1208
1209 void RenderViewHostImpl::OnUserGesture() {
1210 delegate_->OnUserGesture();
1211 }
1212
1213 void RenderViewHostImpl::OnClosePageACK() {
1214 decrement_in_flight_event_count();
1215 ClosePageIgnoringUnloadEvents();
1216 }
1217
1218 void RenderViewHostImpl::NotifyRendererUnresponsive() {
1219 delegate_->RendererUnresponsive(this);
1220 }
1221
1222 void RenderViewHostImpl::NotifyRendererResponsive() {
1223 delegate_->RendererResponsive(this);
1224 }
1225
1226 void RenderViewHostImpl::RequestToLockMouse(bool user_gesture,
1227 bool last_unlocked_by_target) {
1228 delegate_->RequestToLockMouse(user_gesture, last_unlocked_by_target);
1229 }
1230
1231 bool RenderViewHostImpl::IsFullscreenGranted() const {
1232 return delegate_->IsFullscreenForCurrentTab();
1233 }
1234
1235 blink::WebDisplayMode RenderViewHostImpl::GetDisplayMode() const {
1236 return delegate_->GetDisplayMode();
1237 }
1238
1239 void RenderViewHostImpl::OnFocus() {
1240 // Note: We allow focus and blur from swapped out RenderViewHosts, even when
1241 // the active RenderViewHost is in a different BrowsingInstance (e.g., WebUI).
1242 delegate_->Activate();
1243 }
1244
1245 void RenderViewHostImpl::OnBlur() {
1246 delegate_->Deactivate();
1247 }
1248
1249 gfx::Rect RenderViewHostImpl::GetRootWindowResizerRect() const {
1250 return delegate_->GetRootWindowResizerRect();
1251 }
1252
1253 void RenderViewHostImpl::ForwardMouseEvent(
1254 const blink::WebMouseEvent& mouse_event) {
1255 RenderWidgetHostImpl::ForwardMouseEvent(mouse_event);
1256 if (mouse_event.type == WebInputEvent::MouseWheel && ignore_input_events())
1257 delegate_->OnIgnoredUIEvent();
1258 }
1259
1260 void RenderViewHostImpl::ForwardKeyboardEvent(
1261 const NativeWebKeyboardEvent& key_event) {
1262 if (ignore_input_events()) {
1263 if (key_event.type == WebInputEvent::RawKeyDown)
1264 delegate_->OnIgnoredUIEvent();
1265 return;
1266 }
1267 RenderWidgetHostImpl::ForwardKeyboardEvent(key_event);
1268 }
1269
1270 void RenderViewHostImpl::OnTextSurroundingSelectionResponse(
1271 const base::string16& content,
1272 size_t start_offset,
1273 size_t end_offset) {
1274 if (!view_)
1275 return;
1276 view_->OnTextSurroundingSelectionResponse(content, start_offset, end_offset);
1277 }
1278
1279 WebPreferences RenderViewHostImpl::GetWebkitPreferences() {
1280 if (!web_preferences_.get()) {
1281 OnWebkitPreferencesChanged();
1282 }
1283 return *web_preferences_;
1284 }
1285
1286 void RenderViewHostImpl::UpdateWebkitPreferences(const WebPreferences& prefs) {
1287 web_preferences_.reset(new WebPreferences(prefs));
1288 Send(new ViewMsg_UpdateWebPreferences(GetRoutingID(), prefs));
1289 }
1290
1291 void RenderViewHostImpl::OnWebkitPreferencesChanged() {
1292 // This is defensive code to avoid infinite loops due to code run inside
1293 // UpdateWebkitPreferences() accidentally updating more preferences and thus
1294 // calling back into this code. See crbug.com/398751 for one past example.
1295 if (updating_web_preferences_)
1296 return;
1297 updating_web_preferences_ = true;
1298 UpdateWebkitPreferences(ComputeWebkitPrefs());
1299 updating_web_preferences_ = false;
1300 }
1301
1302 void RenderViewHostImpl::ClearFocusedElement() {
1303 is_focused_element_editable_ = false;
1304 Send(new ViewMsg_ClearFocusedElement(GetRoutingID()));
1305 }
1306
1307 bool RenderViewHostImpl::IsFocusedElementEditable() {
1308 return is_focused_element_editable_;
1309 }
1310
1311 void RenderViewHostImpl::Zoom(PageZoom zoom) {
1312 Send(new ViewMsg_Zoom(GetRoutingID(), zoom));
1313 }
1314
1315 void RenderViewHostImpl::DisableScrollbarsForThreshold(const gfx::Size& size) {
1316 Send(new ViewMsg_DisableScrollbarsForSmallWindows(GetRoutingID(), size));
1317 }
1318
1319 void RenderViewHostImpl::EnablePreferredSizeMode() {
1320 Send(new ViewMsg_EnablePreferredSizeChangedMode(GetRoutingID()));
1321 }
1322
1323 void RenderViewHostImpl::EnableAutoResize(const gfx::Size& min_size,
1324 const gfx::Size& max_size) {
1325 SetAutoResize(true, min_size, max_size);
1326 Send(new ViewMsg_EnableAutoResize(GetRoutingID(), min_size, max_size));
1327 }
1328
1329 void RenderViewHostImpl::DisableAutoResize(const gfx::Size& new_size) {
1330 SetAutoResize(false, gfx::Size(), gfx::Size());
1331 Send(new ViewMsg_DisableAutoResize(GetRoutingID(), new_size));
1332 if (!new_size.IsEmpty())
1333 GetView()->SetSize(new_size);
1334 }
1335
1336 void RenderViewHostImpl::CopyImageAt(int x, int y) {
1337 Send(new ViewMsg_CopyImageAt(GetRoutingID(), x, y));
1338 }
1339
1340 void RenderViewHostImpl::SaveImageAt(int x, int y) {
1341 Send(new ViewMsg_SaveImageAt(GetRoutingID(), x, y));
1342 }
1343
1344 void RenderViewHostImpl::ExecuteMediaPlayerActionAtLocation(
1345 const gfx::Point& location, const blink::WebMediaPlayerAction& action) {
1346 Send(new ViewMsg_MediaPlayerActionAt(GetRoutingID(), location, action));
1347 }
1348
1349 void RenderViewHostImpl::ExecutePluginActionAtLocation(
1350 const gfx::Point& location, const blink::WebPluginAction& action) {
1351 Send(new ViewMsg_PluginActionAt(GetRoutingID(), location, action));
1352 }
1353
1354 void RenderViewHostImpl::NotifyMoveOrResizeStarted() {
1355 Send(new ViewMsg_MoveOrResizeStarted(GetRoutingID()));
1356 }
1357
1358 void RenderViewHostImpl::OnDidZoomURL(double zoom_level,
1359 const GURL& url) {
1360 HostZoomMapImpl* host_zoom_map =
1361 static_cast<HostZoomMapImpl*>(HostZoomMap::Get(GetSiteInstance()));
1362
1363 host_zoom_map->SetZoomLevelForView(GetProcess()->GetID(),
1364 GetRoutingID(),
1365 zoom_level,
1366 net::GetHostOrSpecFromURL(url));
1367 }
1368
1369 void RenderViewHostImpl::OnPageScaleFactorIsOneChanged(bool is_one) {
1370 if (!GetSiteInstance())
1371 return;
1372 HostZoomMapImpl* host_zoom_map =
1373 static_cast<HostZoomMapImpl*>(HostZoomMap::Get(GetSiteInstance()));
1374 if (!host_zoom_map)
1375 return;
1376 if (!GetProcess())
1377 return;
1378 host_zoom_map->SetPageScaleFactorIsOneForView(GetProcess()->GetID(),
1379 GetRoutingID(), is_one);
1380 }
1381
1382 void RenderViewHostImpl::OnRunFileChooser(const FileChooserParams& params) {
1383 // Do not allow messages with absolute paths in them as this can permit a
1384 // renderer to coerce the browser to perform I/O on a renderer controlled
1385 // path.
1386 if (params.default_file_name != params.default_file_name.BaseName()) {
1387 bad_message::ReceivedBadMessage(GetProcess(),
1388 bad_message::RVH_FILE_CHOOSER_PATH);
1389 return;
1390 }
1391
1392 delegate_->RunFileChooser(this, params);
1393 }
1394
1395 void RenderViewHostImpl::OnFocusedNodeTouched(bool editable) {
1396 #if defined(OS_WIN)
1397 if (editable) {
1398 virtual_keyboard_requested_ = base::win::DisplayVirtualKeyboard();
1399 delegate_->SetIsVirtualKeyboardRequested(true);
1400 } else {
1401 virtual_keyboard_requested_ = false;
1402 delegate_->SetIsVirtualKeyboardRequested(false);
1403 base::win::DismissVirtualKeyboard();
1404 }
1405 #endif
1406 }
1407
1408 bool RenderViewHostImpl::CanAccessFilesOfPageState(
1409 const PageState& state) const {
1410 ChildProcessSecurityPolicyImpl* policy =
1411 ChildProcessSecurityPolicyImpl::GetInstance();
1412
1413 const std::vector<base::FilePath>& file_paths = state.GetReferencedFiles();
1414 for (const auto& file : file_paths) {
1415 if (!policy->CanReadFile(GetProcess()->GetID(), file))
1416 return false;
1417 }
1418 return true;
1419 }
1420
1421 void RenderViewHostImpl::GrantFileAccessFromPageState(const PageState& state) {
1422 ChildProcessSecurityPolicyImpl* policy =
1423 ChildProcessSecurityPolicyImpl::GetInstance();
1424
1425 const std::vector<base::FilePath>& file_paths = state.GetReferencedFiles();
1426 for (const auto& file : file_paths) {
1427 if (!policy->CanReadFile(GetProcess()->GetID(), file))
1428 policy->GrantReadFile(GetProcess()->GetID(), file);
1429 }
1430 }
1431
1432 void RenderViewHostImpl::SelectWordAroundCaret() {
1433 Send(new ViewMsg_SelectWordAroundCaret(GetRoutingID()));
1434 }
1435
1436 } // namespace content