search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Durable Storage: Refactor browser test and test the basic "deny" flow.
[chromium-blink-merge.git] / chrome / renderer / chrome_content_renderer_client.cc
blob5bc5267dedd73d7315aba3a4dfe7d93bb1463b8e
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/renderer/chrome_content_renderer_client.h"
6
7 #include "base/command_line.h"
8 #include "base/debug/crash_logging.h"
9 #include "base/logging.h"
10 #include "base/metrics/field_trial.h"
11 #include "base/metrics/histogram.h"
12 #include "base/metrics/user_metrics_action.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/strings/string_util.h"
15 #include "base/strings/utf_string_conversions.h"
16 #include "base/values.h"
17 #include "chrome/common/channel_info.h"
18 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/crash_keys.h"
21 #include "chrome/common/extensions/extension_metrics.h"
22 #include "chrome/common/localized_error.h"
23 #include "chrome/common/pepper_permission_util.h"
24 #include "chrome/common/render_messages.h"
25 #include "chrome/common/secure_origin_whitelist.h"
26 #include "chrome/common/url_constants.h"
27 #include "chrome/grit/generated_resources.h"
28 #include "chrome/grit/locale_settings.h"
29 #include "chrome/grit/renderer_resources.h"
30 #include "chrome/renderer/banners/app_banner_client.h"
31 #include "chrome/renderer/benchmarking_extension.h"
32 #include "chrome/renderer/chrome_render_frame_observer.h"
33 #include "chrome/renderer/chrome_render_process_observer.h"
34 #include "chrome/renderer/chrome_render_view_observer.h"
35 #include "chrome/renderer/content_settings_observer.h"
36 #include "chrome/renderer/external_extension.h"
37 #include "chrome/renderer/loadtimes_extension_bindings.h"
38 #include "chrome/renderer/media/chrome_key_systems.h"
39 #include "chrome/renderer/net/net_error_helper.h"
40 #include "chrome/renderer/net_benchmarking_extension.h"
41 #include "chrome/renderer/page_load_histograms.h"
42 #include "chrome/renderer/pepper/pepper_helper.h"
43 #include "chrome/renderer/plugins/non_loadable_plugin_placeholder.h"
44 #include "chrome/renderer/plugins/plugin_preroller.h"
45 #include "chrome/renderer/plugins/plugin_uma.h"
46 #include "chrome/renderer/plugins/shadow_dom_plugin_placeholder.h"
47 #include "chrome/renderer/prerender/prerender_dispatcher.h"
48 #include "chrome/renderer/prerender/prerender_helper.h"
49 #include "chrome/renderer/prerender/prerenderer_client.h"
50 #include "chrome/renderer/safe_browsing/malware_dom_details.h"
51 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h"
52 #include "chrome/renderer/searchbox/search_bouncer.h"
53 #include "chrome/renderer/searchbox/searchbox.h"
54 #include "chrome/renderer/searchbox/searchbox_extension.h"
55 #include "chrome/renderer/tts_dispatcher.h"
56 #include "chrome/renderer/worker_content_settings_client_proxy.h"
57 #include "components/autofill/content/renderer/autofill_agent.h"
58 #include "components/autofill/content/renderer/password_autofill_agent.h"
59 #include "components/autofill/content/renderer/password_generation_agent.h"
60 #include "components/content_settings/core/common/content_settings_pattern.h"
61 #include "components/data_reduction_proxy/core/common/data_reduction_proxy_headers.h"
62 #include "components/dom_distiller/core/url_constants.h"
63 #include "components/nacl/renderer/ppb_nacl_private.h"
64 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
65 #include "components/network_hints/renderer/prescient_networking_dispatcher.h"
66 #include "components/password_manager/content/renderer/credential_manager_client.h"
67 #include "components/pdf/renderer/pepper_pdf_host.h"
68 #include "components/plugins/renderer/mobile_youtube_plugin.h"
69 #include "components/signin/core/common/profile_management_switches.h"
70 #include "components/version_info/version_info.h"
71 #include "components/visitedlink/renderer/visitedlink_slave.h"
72 #include "components/web_cache/renderer/web_cache_render_process_observer.h"
73 #include "content/public/common/content_constants.h"
74 #include "content/public/renderer/plugin_instance_throttler.h"
75 #include "content/public/renderer/render_frame.h"
76 #include "content/public/renderer/render_thread.h"
77 #include "content/public/renderer/render_view.h"
78 #include "content/public/renderer/render_view_visitor.h"
79 #include "extensions/common/constants.h"
80 #include "ipc/ipc_sync_channel.h"
81 #include "net/base/net_errors.h"
82 #include "ppapi/c/private/ppb_pdf.h"
83 #include "ppapi/shared_impl/ppapi_switches.h"
84 #include "third_party/WebKit/public/platform/WebURL.h"
85 #include "third_party/WebKit/public/platform/WebURLError.h"
86 #include "third_party/WebKit/public/platform/WebURLRequest.h"
87 #include "third_party/WebKit/public/platform/WebURLResponse.h"
88 #include "third_party/WebKit/public/web/WebCache.h"
89 #include "third_party/WebKit/public/web/WebDataSource.h"
90 #include "third_party/WebKit/public/web/WebDocument.h"
91 #include "third_party/WebKit/public/web/WebElement.h"
92 #include "third_party/WebKit/public/web/WebLocalFrame.h"
93 #include "third_party/WebKit/public/web/WebPluginContainer.h"
94 #include "third_party/WebKit/public/web/WebPluginParams.h"
95 #include "third_party/WebKit/public/web/WebPluginPlaceholder.h"
96 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
97 #include "third_party/WebKit/public/web/WebSecurityPolicy.h"
98 #include "ui/base/l10n/l10n_util.h"
99 #include "ui/base/layout.h"
100 #include "ui/base/resource/resource_bundle.h"
101 #include "ui/base/webui/jstemplate_builder.h"
102 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
103
104 #if !defined(DISABLE_NACL)
105 #include "components/nacl/common/nacl_constants.h"
106 #include "components/nacl/renderer/nacl_helper.h"
107 #endif
108
109 #if defined(ENABLE_EXTENSIONS)
110 #include "chrome/common/extensions/chrome_extensions_client.h"
111 #include "chrome/common/extensions/extension_process_policy.h"
112 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
113 #include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
114 #include "chrome/renderer/extensions/renderer_permissions_policy_delegate.h"
115 #include "chrome/renderer/extensions/resource_request_policy.h"
116 #include "chrome/renderer/media/cast_ipc_dispatcher.h"
117 #include "extensions/common/extension.h"
118 #include "extensions/common/extension_set.h"
119 #include "extensions/common/extension_urls.h"
120 #include "extensions/common/switches.h"
121 #include "extensions/renderer/dispatcher.h"
122 #include "extensions/renderer/extension_frame_helper.h"
123 #include "extensions/renderer/extension_helper.h"
124 #include "extensions/renderer/extensions_render_frame_observer.h"
125 #include "extensions/renderer/guest_view/extensions_guest_view_container.h"
126 #include "extensions/renderer/guest_view/extensions_guest_view_container_dispatcher.h"
127 #include "extensions/renderer/guest_view/mime_handler_view/mime_handler_view_container.h"
128 #include "extensions/renderer/renderer_extension_registry.h"
129 #include "extensions/renderer/script_context.h"
130 #endif
131
132 #if defined(ENABLE_IPC_FUZZER)
133 #include "chrome/common/external_ipc_dumper.h"
134 #endif
135
136 #if defined(ENABLE_PLUGINS)
137 #include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
138 #endif
139
140 #if defined(ENABLE_PRINTING)
141 #include "chrome/renderer/printing/chrome_print_web_view_helper_delegate.h"
142 #include "components/printing/renderer/print_web_view_helper.h"
143 #endif
144
145 #if defined(ENABLE_PRINT_PREVIEW)
146 #include "chrome/renderer/pepper/chrome_pdf_print_client.h"
147 #endif
148
149 #if defined(ENABLE_SPELLCHECK)
150 #include "chrome/renderer/spellchecker/spellcheck.h"
151 #include "chrome/renderer/spellchecker/spellcheck_provider.h"
152 #endif
153
154 #if defined(ENABLE_WEBRTC)
155 #include "chrome/renderer/media/webrtc_logging_message_filter.h"
156 #endif
157
158 using autofill::AutofillAgent;
159 using autofill::PasswordAutofillAgent;
160 using autofill::PasswordGenerationAgent;
161 using base::ASCIIToUTF16;
162 using base::UserMetricsAction;
163 using content::PluginInstanceThrottler;
164 using content::RenderFrame;
165 using content::RenderThread;
166 using content::WebPluginInfo;
167 using extensions::Extension;
168 using blink::WebCache;
169 using blink::WebConsoleMessage;
170 using blink::WebDataSource;
171 using blink::WebDocument;
172 using blink::WebLocalFrame;
173 using blink::WebPlugin;
174 using blink::WebPluginParams;
175 using blink::WebSecurityOrigin;
176 using blink::WebSecurityPolicy;
177 using blink::WebString;
178 using blink::WebURL;
179 using blink::WebURLError;
180 using blink::WebURLRequest;
181 using blink::WebURLResponse;
182 using blink::WebVector;
183
184 namespace {
185
186 ChromeContentRendererClient* g_current_client;
187
188 // Whitelist PPAPI for Android Runtime for Chromium. (See crbug.com/383937)
189 #if defined(ENABLE_PLUGINS)
190 const char* const kPredefinedAllowedCameraDeviceOrigins[] = {
191 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",
192 "4EB74897CB187C7633357C2FE832E0AD6A44883A"
193 };
194
195 const char* const kPredefinedAllowedCompositorOrigins[] = {
196 "6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F",
197 "4EB74897CB187C7633357C2FE832E0AD6A44883A"
198 };
199 #endif
200
201 #if defined(ENABLE_PLUGINS)
202 void AppendParams(const std::vector<base::string16>& additional_names,
203 const std::vector<base::string16>& additional_values,
204 WebVector<WebString>* existing_names,
205 WebVector<WebString>* existing_values) {
206 DCHECK(additional_names.size() == additional_values.size());
207 DCHECK(existing_names->size() == existing_values->size());
208
209 size_t existing_size = existing_names->size();
210 size_t total_size = existing_size + additional_names.size();
211
212 WebVector<WebString> names(total_size);
213 WebVector<WebString> values(total_size);
214
215 for (size_t i = 0; i < existing_size; ++i) {
216 names[i] = (*existing_names)[i];
217 values[i] = (*existing_values)[i];
218 }
219
220 for (size_t i = 0; i < additional_names.size(); ++i) {
221 names[existing_size + i] = additional_names[i];
222 values[existing_size + i] = additional_values[i];
223 }
224
225 existing_names->swap(names);
226 existing_values->swap(values);
227 }
228
229 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
230 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
231 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
232 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
233 return false;
234 }
235
236 #if !defined(DISABLE_NACL)
237 // Treat Native Client invocations like JavaScript.
238 if (plugin.name == ASCIIToUTF16(nacl::kNaClPluginName))
239 return true;
240 #endif
241
242 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
243 // Treat CDM invocations like JavaScript.
244 if (plugin.name == ASCIIToUTF16(kWidevineCdmDisplayName)) {
245 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
246 return true;
247 }
248 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
249
250 return false;
251 }
252 #endif // defined(ENABLE_PLUGINS)
253
254 #if defined(ENABLE_SPELLCHECK)
255 class SpellCheckReplacer : public content::RenderViewVisitor {
256 public:
257 explicit SpellCheckReplacer(SpellCheck* spellcheck)
258 : spellcheck_(spellcheck) {}
259 bool Visit(content::RenderView* render_view) override;
260
261 private:
262 SpellCheck* spellcheck_; // New shared spellcheck for all views. Weak Ptr.
263 DISALLOW_COPY_AND_ASSIGN(SpellCheckReplacer);
264 };
265
266 bool SpellCheckReplacer::Visit(content::RenderView* render_view) {
267 SpellCheckProvider* provider = SpellCheckProvider::Get(render_view);
268 DCHECK(provider);
269 provider->set_spellcheck(spellcheck_);
270 return true;
271 }
272 #endif
273
274 #if defined(ENABLE_EXTENSIONS)
275 void IsGuestViewApiAvailableToScriptContext(
276 bool* api_is_available,
277 extensions::ScriptContext* context) {
278 if (context->GetAvailability("guestViewInternal").is_available()) {
279 *api_is_available = true;
280 }
281 }
282 #endif
283
284 #if defined(ENABLE_PLUGINS)
285 // Presence of the poster param within plugin object tags.
286 // These numeric values are used in UMA logs; do not change them.
287 enum PosterParamPresence {
288 POSTER_PRESENCE_NO_PARAM_PPS_DISABLED = 0,
289 POSTER_PRESENCE_NO_PARAM_PPS_ENABLED = 1,
290 POSTER_PRESENCE_PARAM_EXISTS_PPS_DISABLED = 2,
291 POSTER_PRESENCE_PARAM_EXISTS_PPS_ENABLED = 3,
292 POSTER_PRESENCE_NUM_ITEMS
293 };
294
295 const char kPluginPowerSaverPosterParamPresenceHistogram[] =
296 "Plugin.PowerSaver.PosterParamPresence";
297
298 void RecordPosterParamPresence(PosterParamPresence presence) {
299 UMA_HISTOGRAM_ENUMERATION(kPluginPowerSaverPosterParamPresenceHistogram,
300 presence, POSTER_PRESENCE_NUM_ITEMS);
301 }
302
303 void TrackPosterParamPresence(const blink::WebPluginParams& params,
304 bool power_saver_enabled) {
305 DCHECK_EQ(params.attributeNames.size(), params.attributeValues.size());
306
307 for (size_t i = 0; i < params.attributeNames.size(); ++i) {
308 if (params.attributeNames[i].utf8() == "poster") {
309 if (power_saver_enabled)
310 RecordPosterParamPresence(POSTER_PRESENCE_PARAM_EXISTS_PPS_ENABLED);
311 else
312 RecordPosterParamPresence(POSTER_PRESENCE_PARAM_EXISTS_PPS_DISABLED);
313
314 return;
315 }
316 }
317
318 if (power_saver_enabled)
319 RecordPosterParamPresence(POSTER_PRESENCE_NO_PARAM_PPS_ENABLED);
320 else
321 RecordPosterParamPresence(POSTER_PRESENCE_NO_PARAM_PPS_DISABLED);
322 }
323
324 std::string GetPluginInstancePosterAttribute(
325 const blink::WebPluginParams& params) {
326 DCHECK_EQ(params.attributeNames.size(), params.attributeValues.size());
327
328 for (size_t i = 0; i < params.attributeNames.size(); ++i) {
329 if (params.attributeNames[i].utf8() == "poster" &&
330 !params.attributeValues[i].isEmpty()) {
331 return params.attributeValues[i].utf8();
332 }
333 }
334 return std::string();
335 }
336 #endif
337
338 #if defined(ENABLE_EXTENSIONS)
339 bool IsStandaloneExtensionProcess() {
340 return base::CommandLine::ForCurrentProcess()->HasSwitch(
341 extensions::switches::kExtensionProcess);
342 }
343 #endif
344
345 // Defers media player loading in background pages until they're visible.
346 // TODO(dalecurtis): Include an idle listener too. http://crbug.com/509135
347 class MediaLoadDeferrer : public content::RenderFrameObserver {
348 public:
349 MediaLoadDeferrer(content::RenderFrame* render_frame,
350 const base::Closure& continue_loading_cb)
351 : content::RenderFrameObserver(render_frame),
352 continue_loading_cb_(continue_loading_cb) {}
353 ~MediaLoadDeferrer() override {}
354
355 private:
356 // content::RenderFrameObserver implementation:
357 void WasShown() override {
358 continue_loading_cb_.Run();
359 delete this;
360 }
361
362 const base::Closure continue_loading_cb_;
363
364 DISALLOW_COPY_AND_ASSIGN(MediaLoadDeferrer);
365 };
366
367 } // namespace
368
369 ChromeContentRendererClient::ChromeContentRendererClient() {
370 g_current_client = this;
371
372 #if defined(ENABLE_EXTENSIONS)
373 extensions::ExtensionsClient::Set(
374 extensions::ChromeExtensionsClient::GetInstance());
375 extensions::ExtensionsRendererClient::Set(
376 ChromeExtensionsRendererClient::GetInstance());
377 #endif
378 #if defined(ENABLE_PLUGINS)
379 for (size_t i = 0; i < arraysize(kPredefinedAllowedCameraDeviceOrigins); ++i)
380 allowed_camera_device_origins_.insert(
381 kPredefinedAllowedCameraDeviceOrigins[i]);
382 for (size_t i = 0; i < arraysize(kPredefinedAllowedCompositorOrigins); ++i)
383 allowed_compositor_origins_.insert(kPredefinedAllowedCompositorOrigins[i]);
384 #endif
385 }
386
387 ChromeContentRendererClient::~ChromeContentRendererClient() {
388 g_current_client = NULL;
389 }
390
391 void ChromeContentRendererClient::RenderThreadStarted() {
392 RenderThread* thread = RenderThread::Get();
393
394 chrome_observer_.reset(new ChromeRenderProcessObserver());
395 web_cache_observer_.reset(new web_cache::WebCacheRenderProcessObserver());
396
397 #if defined(ENABLE_EXTENSIONS)
398 extension_dispatcher_delegate_.reset(
399 new ChromeExtensionsDispatcherDelegate());
400 // ChromeRenderViewTest::SetUp() creates its own ExtensionDispatcher and
401 // injects it using SetExtensionDispatcher(). Don't overwrite it.
402 if (!extension_dispatcher_) {
403 extension_dispatcher_.reset(
404 new extensions::Dispatcher(extension_dispatcher_delegate_.get()));
405 }
406 permissions_policy_delegate_.reset(
407 new extensions::RendererPermissionsPolicyDelegate(
408 extension_dispatcher_.get()));
409 guest_view_container_dispatcher_.reset(
410 new extensions::ExtensionsGuestViewContainerDispatcher());
411 #endif
412
413 prescient_networking_dispatcher_.reset(
414 new network_hints::PrescientNetworkingDispatcher());
415 #if defined(ENABLE_SPELLCHECK)
416 // ChromeRenderViewTest::SetUp() creates a Spellcheck and injects it using
417 // SetSpellcheck(). Don't overwrite it.
418 if (!spellcheck_) {
419 spellcheck_.reset(new SpellCheck());
420 thread->AddObserver(spellcheck_.get());
421 }
422 #endif
423 visited_link_slave_.reset(new visitedlink::VisitedLinkSlave());
424 #if defined(FULL_SAFE_BROWSING)
425 phishing_classifier_.reset(safe_browsing::PhishingClassifierFilter::Create());
426 #endif
427 prerender_dispatcher_.reset(new prerender::PrerenderDispatcher());
428 #if defined(ENABLE_WEBRTC)
429 webrtc_logging_message_filter_ = new WebRtcLoggingMessageFilter(
430 RenderThread::Get()->GetIOMessageLoopProxy());
431 #endif
432
433 thread->AddObserver(chrome_observer_.get());
434 thread->AddObserver(web_cache_observer_.get());
435 #if defined(ENABLE_EXTENSIONS)
436 thread->AddObserver(extension_dispatcher_.get());
437 thread->AddObserver(guest_view_container_dispatcher_.get());
438 #endif
439 #if defined(FULL_SAFE_BROWSING)
440 thread->AddObserver(phishing_classifier_.get());
441 #endif
442 thread->AddObserver(visited_link_slave_.get());
443 thread->AddObserver(prerender_dispatcher_.get());
444 thread->AddObserver(SearchBouncer::GetInstance());
445
446 #if defined(ENABLE_WEBRTC)
447 thread->AddFilter(webrtc_logging_message_filter_.get());
448 #endif
449 #if defined(ENABLE_EXTENSIONS)
450 thread->AddFilter(new CastIPCDispatcher(
451 RenderThread::Get()->GetIOMessageLoopProxy()));
452 #endif
453
454 thread->RegisterExtension(extensions_v8::ExternalExtension::Get());
455 thread->RegisterExtension(extensions_v8::LoadTimesExtension::Get());
456
457 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
458 if (command_line->HasSwitch(switches::kEnableBenchmarking))
459 thread->RegisterExtension(extensions_v8::BenchmarkingExtension::Get());
460 if (command_line->HasSwitch(switches::kEnableNetBenchmarking))
461 thread->RegisterExtension(extensions_v8::NetBenchmarkingExtension::Get());
462 if (command_line->HasSwitch(switches::kInstantProcess))
463 thread->RegisterExtension(extensions_v8::SearchBoxExtension::Get());
464
465 // chrome-search: and chrome-distiller: pages should not be accessible by
466 // normal content, and should also be unable to script anything but themselves
467 // (to help limit the damage that a corrupt page could cause).
468 WebString chrome_search_scheme(ASCIIToUTF16(chrome::kChromeSearchScheme));
469
470 // The Instant process can only display the content but not read it. Other
471 // processes can't display it or read it.
472 if (!command_line->HasSwitch(switches::kInstantProcess))
473 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_search_scheme);
474
475 WebString dom_distiller_scheme(
476 ASCIIToUTF16(dom_distiller::kDomDistillerScheme));
477 // TODO(nyquist): Add test to ensure this happens when the flag is set.
478 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dom_distiller_scheme);
479
480 #if defined(OS_CHROMEOS)
481 WebString external_file_scheme(ASCIIToUTF16(content::kExternalFileScheme));
482 WebSecurityPolicy::registerURLSchemeAsLocal(external_file_scheme);
483 #endif
484
485 #if defined(ENABLE_IPC_FUZZER)
486 if (command_line->HasSwitch(switches::kIpcDumpDirectory)) {
487 base::FilePath dump_directory =
488 command_line->GetSwitchValuePath(switches::kIpcDumpDirectory);
489 IPC::ChannelProxy::OutgoingMessageFilter* filter =
490 LoadExternalIPCDumper(dump_directory);
491 thread->GetChannel()->set_outgoing_message_filter(filter);
492 }
493 #endif
494
495 // chrome-search: pages should not be accessible by bookmarklets
496 // or javascript: URLs typed in the omnibox.
497 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
498 chrome_search_scheme);
499
500 // chrome-search:, chrome-extension:, and chrome-extension-resource:
501 // resources shouldn't trigger insecure content warnings.
502 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_search_scheme);
503
504 WebString extension_scheme(ASCIIToUTF16(extensions::kExtensionScheme));
505 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
506
507 WebString extension_resource_scheme(
508 ASCIIToUTF16(extensions::kExtensionResourceScheme));
509 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
510
511 // chrome:, chrome-extension:, chrome-extension-resource: resources should be
512 // allowed to receive CORS requests.
513 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
514 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
515
516 // chrome-extension: resources should bypass Content Security Policy checks
517 // when included in protected resources.
518 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
519 extension_scheme);
520 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
521 extension_resource_scheme);
522
523 #if defined(ENABLE_PRINT_PREVIEW)
524 pdf_print_client_.reset(new ChromePDFPrintClient());
525 pdf::PepperPDFHost::SetPrintClient(pdf_print_client_.get());
526 #endif
527
528 std::set<GURL> origins;
529 GetSecureOriginWhitelist(&origins);
530 for (const GURL& origin : origins) {
531 WebSecurityPolicy::addOriginTrustworthyWhiteList(
532 WebSecurityOrigin::create(origin));
533 }
534 }
535
536 void ChromeContentRendererClient::RenderFrameCreated(
537 content::RenderFrame* render_frame) {
538 new ChromeRenderFrameObserver(render_frame);
539
540 bool should_whitelist_for_content_settings =
541 base::CommandLine::ForCurrentProcess()->HasSwitch(
542 switches::kInstantProcess);
543 extensions::Dispatcher* ext_dispatcher = NULL;
544 #if defined(ENABLE_EXTENSIONS)
545 ext_dispatcher = extension_dispatcher_.get();
546 #endif
547 ContentSettingsObserver* content_settings = new ContentSettingsObserver(
548 render_frame, ext_dispatcher, should_whitelist_for_content_settings);
549 if (chrome_observer_.get()) {
550 content_settings->SetContentSettingRules(
551 chrome_observer_->content_setting_rules());
552 }
553
554 #if defined(ENABLE_EXTENSIONS)
555 new extensions::ExtensionsRenderFrameObserver(render_frame);
556 new extensions::ExtensionFrameHelper(render_frame, ext_dispatcher);
557 ext_dispatcher->OnRenderFrameCreated(render_frame);
558 #endif
559
560 #if defined(ENABLE_PLUGINS)
561 new PepperHelper(render_frame);
562 #endif
563
564 #if !defined(DISABLE_NACL)
565 new nacl::NaClHelper(render_frame);
566 #endif
567
568 // TODO(jam): when the frame tree moves into content and parent() works at
569 // RenderFrame construction, simplify this by just checking parent().
570 if (render_frame->GetRenderView()->GetMainRenderFrame() != render_frame) {
571 // Avoid any race conditions from having the browser tell subframes that
572 // they're prerendering.
573 if (prerender::PrerenderHelper::IsPrerendering(
574 render_frame->GetRenderView()->GetMainRenderFrame())) {
575 new prerender::PrerenderHelper(render_frame);
576 }
577 }
578
579 if (render_frame->GetRenderView()->GetMainRenderFrame() == render_frame) {
580 // Only attach NetErrorHelper to the main frame, since only the main frame
581 // should get error pages.
582 new NetErrorHelper(render_frame);
583 }
584
585 PasswordAutofillAgent* password_autofill_agent =
586 new PasswordAutofillAgent(render_frame);
587 PasswordGenerationAgent* password_generation_agent =
588 new PasswordGenerationAgent(render_frame, password_autofill_agent);
589 new AutofillAgent(render_frame, password_autofill_agent,
590 password_generation_agent);
591 }
592
593 void ChromeContentRendererClient::RenderViewCreated(
594 content::RenderView* render_view) {
595
596 #if defined(ENABLE_EXTENSIONS)
597 new extensions::ExtensionHelper(render_view, extension_dispatcher_.get());
598 #endif
599 new PageLoadHistograms(render_view);
600 #if defined(ENABLE_PRINTING)
601 new printing::PrintWebViewHelper(
602 render_view,
603 scoped_ptr<printing::PrintWebViewHelper::Delegate>(
604 new ChromePrintWebViewHelperDelegate()));
605 #endif
606 #if defined(ENABLE_SPELLCHECK)
607 new SpellCheckProvider(render_view, spellcheck_.get());
608 #endif
609 new prerender::PrerendererClient(render_view);
610 #if defined(FULL_SAFE_BROWSING)
611 safe_browsing::MalwareDOMDetails::Create(render_view);
612 #endif
613
614 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
615 if (command_line->HasSwitch(switches::kInstantProcess))
616 new SearchBox(render_view);
617
618 new ChromeRenderViewObserver(render_view, web_cache_observer_.get());
619
620 new password_manager::CredentialManagerClient(render_view);
621 }
622
623
624 SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
625 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
626 GetImageNamed(IDR_SAD_PLUGIN).ToSkBitmap());
627 }
628
629 SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
630 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
631 GetImageNamed(IDR_SAD_WEBVIEW).ToSkBitmap());
632 }
633
634 #if defined(ENABLE_EXTENSIONS)
635 const Extension* ChromeContentRendererClient::GetExtensionByOrigin(
636 const WebSecurityOrigin& origin) const {
637 if (!base::EqualsASCII(base::StringPiece16(origin.protocol()),
638 extensions::kExtensionScheme))
639 return NULL;
640
641 const std::string extension_id = origin.host().utf8().data();
642 return extensions::RendererExtensionRegistry::Get()->GetByID(extension_id);
643 }
644 #endif
645
646 scoped_ptr<blink::WebPluginPlaceholder>
647 ChromeContentRendererClient::CreatePluginPlaceholder(
648 content::RenderFrame* render_frame,
649 blink::WebLocalFrame* frame,
650 const blink::WebPluginParams& orig_params) {
651 return CreateShadowDOMPlaceholderForPluginInfo(
652 render_frame, frame, orig_params);
653 }
654
655 bool ChromeContentRendererClient::OverrideCreatePlugin(
656 content::RenderFrame* render_frame,
657 blink::WebLocalFrame* frame,
658 const WebPluginParams& params,
659 WebPlugin** plugin) {
660 std::string orig_mime_type = params.mimeType.utf8();
661 #if defined(ENABLE_EXTENSIONS)
662 if (orig_mime_type == content::kBrowserPluginMimeType) {
663 bool guest_view_api_available = false;
664 extension_dispatcher_->script_context_set().ForEach(
665 render_frame, base::Bind(&IsGuestViewApiAvailableToScriptContext,
666 &guest_view_api_available));
667 if (guest_view_api_available)
668 return false;
669 }
670 #endif
671
672 GURL url(params.url);
673 #if defined(ENABLE_PLUGINS)
674 ChromeViewHostMsg_GetPluginInfo_Output output;
675 render_frame->Send(new ChromeViewHostMsg_GetPluginInfo(
676 render_frame->GetRoutingID(), url, frame->top()->document().url(),
677 orig_mime_type, &output));
678 *plugin = CreatePlugin(render_frame, frame, params, output);
679 #else // !defined(ENABLE_PLUGINS)
680
681 #if defined(OS_ANDROID)
682 if (plugins::MobileYouTubePlugin::IsYouTubeURL(url, orig_mime_type)) {
683 base::StringPiece template_html(
684 ResourceBundle::GetSharedInstance().GetRawDataResource(
685 IDR_MOBILE_YOUTUBE_PLUGIN_HTML));
686 *plugin = (new plugins::MobileYouTubePlugin(render_frame, frame, params,
687 template_html))->plugin();
688 return true;
689 }
690 #endif // defined(OS_ANDROID)
691
692 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
693 *plugin = NonLoadablePluginPlaceholder::CreateNotSupportedPlugin(
694 render_frame, frame, params)->plugin();
695
696 #endif // defined(ENABLE_PLUGINS)
697 return true;
698 }
699
700 WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
701 content::RenderFrame* render_frame,
702 const base::FilePath& plugin_path) {
703 return NonLoadablePluginPlaceholder::CreateErrorPlugin(render_frame,
704 plugin_path)->plugin();
705 }
706
707 void ChromeContentRendererClient::DeferMediaLoad(
708 content::RenderFrame* render_frame,
709 bool has_played_media_before,
710 const base::Closure& closure) {
711 // Don't allow autoplay/autoload of media resources in a RenderFrame that is
712 // hidden and has never played any media before. We want to allow future
713 // loads even when hidden to allow playlist-like functionality.
714 //
715 // NOTE: This is also used to defer media loading for prerender.
716 //
717 // TODO(dalecurtis): Include an idle check too. http://crbug.com/509135
718 if (render_frame->IsHidden() && !has_played_media_before) {
719 // Lifetime is tied to |render_frame| via content::RenderFrameObserver.
720 new MediaLoadDeferrer(render_frame, closure);
721 return;
722 }
723
724 closure.Run();
725 }
726
727 #if defined(ENABLE_PLUGINS)
728 WebPlugin* ChromeContentRendererClient::CreatePlugin(
729 content::RenderFrame* render_frame,
730 blink::WebLocalFrame* frame,
731 const WebPluginParams& original_params,
732 const ChromeViewHostMsg_GetPluginInfo_Output& output) {
733 const WebPluginInfo& info = output.plugin;
734 const std::string& actual_mime_type = output.actual_mime_type;
735 const base::string16& group_name = output.group_name;
736 const std::string& identifier = output.group_identifier;
737 ChromeViewHostMsg_GetPluginInfo_Status status = output.status;
738 GURL url(original_params.url);
739 std::string orig_mime_type = original_params.mimeType.utf8();
740 ChromePluginPlaceholder* placeholder = NULL;
741
742 // If the browser plugin is to be enabled, this should be handled by the
743 // renderer, so the code won't reach here due to the early exit in
744 // OverrideCreatePlugin.
745 if (status == ChromeViewHostMsg_GetPluginInfo_Status::kNotFound ||
746 orig_mime_type == content::kBrowserPluginMimeType) {
747 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
748 placeholder = ChromePluginPlaceholder::CreateLoadableMissingPlugin(
749 render_frame, frame, original_params);
750 } else {
751 // TODO(bauerb): This should be in content/.
752 WebPluginParams params(original_params);
753 for (size_t i = 0; i < info.mime_types.size(); ++i) {
754 if (info.mime_types[i].mime_type == actual_mime_type) {
755 AppendParams(info.mime_types[i].additional_param_names,
756 info.mime_types[i].additional_param_values,
757 &params.attributeNames, &params.attributeValues);
758 break;
759 }
760 }
761 if (params.mimeType.isNull() && (actual_mime_type.size() > 0)) {
762 // Webkit might say that mime type is null while we already know the
763 // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
764 // we should use what we know since WebpluginDelegateProxy does some
765 // specific initializations based on this information.
766 params.mimeType = WebString::fromUTF8(actual_mime_type.c_str());
767 }
768
769 ContentSettingsObserver* observer =
770 ContentSettingsObserver::Get(render_frame);
771
772 const ContentSettingsType content_type =
773 ShouldUseJavaScriptSettingForPlugin(info)
774 ? CONTENT_SETTINGS_TYPE_JAVASCRIPT
775 : CONTENT_SETTINGS_TYPE_PLUGINS;
776
777 if ((status == ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized ||
778 status == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked) &&
779 observer->IsPluginTemporarilyAllowed(identifier)) {
780 status = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
781 }
782
783 #if defined(OS_WIN)
784 // In Windows we need to check if we can load NPAPI plugins.
785 // For example, if the render view is in the Ash desktop, we should not.
786 // If user is on ALLOW or DETECT setting, loading needs to be blocked here.
787 if ((status == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed ||
788 status ==
789 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent) &&
790 info.type == content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
791 if (observer->AreNPAPIPluginsBlocked())
792 status = ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
793 }
794 #endif
795
796 auto create_blocked_plugin =
797 [&render_frame, &frame, &params, &info, &identifier, &group_name](
798 int template_id, const base::string16& message) {
799 return ChromePluginPlaceholder::CreateBlockedPlugin(
800 render_frame, frame, params, info, identifier, group_name,
801 template_id, message, PlaceholderPosterInfo());
802 };
803 switch (status) {
804 case ChromeViewHostMsg_GetPluginInfo_Status::kNotFound: {
805 NOTREACHED();
806 break;
807 }
808 case ChromeViewHostMsg_GetPluginInfo_Status::kAllowed:
809 case ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent: {
810 #if !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
811 const bool is_nacl_plugin =
812 info.name == ASCIIToUTF16(nacl::kNaClPluginName);
813 const bool is_nacl_mime_type =
814 actual_mime_type == nacl::kNaClPluginMimeType;
815 const bool is_pnacl_mime_type =
816 actual_mime_type == nacl::kPnaclPluginMimeType;
817 if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
818 bool is_nacl_unrestricted = false;
819 if (is_nacl_mime_type) {
820 is_nacl_unrestricted =
821 base::CommandLine::ForCurrentProcess()->HasSwitch(
822 switches::kEnableNaCl);
823 } else if (is_pnacl_mime_type) {
824 is_nacl_unrestricted = true;
825 }
826 GURL manifest_url;
827 GURL app_url;
828 if (is_nacl_mime_type || is_pnacl_mime_type) {
829 // Normal NaCl/PNaCl embed. The app URL is the page URL.
830 manifest_url = url;
831 app_url = frame->top()->document().url();
832 } else {
833 // NaCl is being invoked as a content handler. Look up the NaCl
834 // module using the MIME type. The app URL is the manifest URL.
835 manifest_url = GetNaClContentHandlerURL(actual_mime_type, info);
836 app_url = manifest_url;
837 }
838 const Extension* extension =
839 extensions::RendererExtensionRegistry::Get()
840 ->GetExtensionOrAppByURL(manifest_url);
841 if (!IsNaClAllowed(manifest_url,
842 app_url,
843 is_nacl_unrestricted,
844 extension,
845 &params)) {
846 WebString error_message;
847 if (is_nacl_mime_type) {
848 error_message =
849 "Only unpacked extensions and apps installed from the Chrome "
850 "Web Store can load NaCl modules without enabling Native "
851 "Client in about:flags.";
852 } else if (is_pnacl_mime_type) {
853 error_message =
854 "Portable Native Client must not be disabled in about:flags.";
855 }
856 frame->addMessageToConsole(
857 WebConsoleMessage(WebConsoleMessage::LevelError,
858 error_message));
859 placeholder = create_blocked_plugin(
860 IDR_BLOCKED_PLUGIN_HTML,
861 #if defined(OS_CHROMEOS)
862 l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
863 #else
864 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
865 #endif
866 break;
867 }
868 }
869 #endif // !defined(DISABLE_NACL) && defined(ENABLE_EXTENSIONS)
870
871 // Delay loading plugins if prerendering.
872 // TODO(mmenke): In the case of prerendering, feed into
873 // ChromeContentRendererClient::CreatePlugin instead, to
874 // reduce the chance of future regressions.
875 bool is_prerendering =
876 prerender::PrerenderHelper::IsPrerendering(render_frame);
877 bool power_saver_enabled =
878 status ==
879 ChromeViewHostMsg_GetPluginInfo_Status::kPlayImportantContent;
880 bool blocked_for_background_tab =
881 render_frame->IsHidden() && power_saver_enabled;
882
883 if (info.name == ASCIIToUTF16(content::kFlashPluginName))
884 TrackPosterParamPresence(params, power_saver_enabled);
885
886 PlaceholderPosterInfo poster_info;
887 if (power_saver_enabled) {
888 poster_info.poster_attribute =
889 GetPluginInstancePosterAttribute(params);
890 poster_info.base_url = frame->document().url();
891 }
892
893 if (blocked_for_background_tab || is_prerendering ||
894 !poster_info.poster_attribute.empty()) {
895 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
896 render_frame, frame, params, info, identifier, group_name,
897 poster_info.poster_attribute.empty() ? IDR_BLOCKED_PLUGIN_HTML
898 : IDR_PLUGIN_POSTER_HTML,
899 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
900 poster_info);
901 placeholder->set_blocked_for_background_tab(
902 blocked_for_background_tab);
903 placeholder->set_blocked_for_prerendering(is_prerendering);
904 placeholder->set_power_saver_enabled(power_saver_enabled);
905 placeholder->AllowLoading();
906 break;
907 }
908
909 scoped_ptr<content::PluginInstanceThrottler> throttler;
910 if (power_saver_enabled) {
911 throttler = PluginInstanceThrottler::Create();
912 // PluginPreroller manages its own lifetime.
913 new PluginPreroller(
914 render_frame, frame, params, info, identifier, group_name,
915 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name),
916 throttler.get());
917 }
918
919 return render_frame->CreatePlugin(frame, info, params,
920 throttler.Pass());
921 }
922 case ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported: {
923 RenderThread::Get()->RecordAction(
924 UserMetricsAction("Plugin_NPAPINotSupported"));
925 placeholder = create_blocked_plugin(
926 IDR_BLOCKED_PLUGIN_HTML,
927 l10n_util::GetStringUTF16(IDS_PLUGIN_NOT_SUPPORTED_METRO));
928 render_frame->Send(new ChromeViewHostMsg_NPAPINotSupported(
929 render_frame->GetRoutingID(), identifier));
930 break;
931 }
932 case ChromeViewHostMsg_GetPluginInfo_Status::kDisabled: {
933 PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
934 url);
935 placeholder = create_blocked_plugin(
936 IDR_DISABLED_PLUGIN_HTML,
937 l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
938 break;
939 }
940 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked: {
941 #if defined(ENABLE_PLUGIN_INSTALLATION)
942 placeholder = create_blocked_plugin(
943 IDR_BLOCKED_PLUGIN_HTML,
944 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
945 placeholder->AllowLoading();
946 render_frame->Send(new ChromeViewHostMsg_BlockedOutdatedPlugin(
947 render_frame->GetRoutingID(), placeholder->CreateRoutingId(),
948 identifier));
949 #else
950 NOTREACHED();
951 #endif
952 break;
953 }
954 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed: {
955 placeholder = create_blocked_plugin(
956 IDR_BLOCKED_PLUGIN_HTML,
957 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
958 break;
959 }
960 case ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized: {
961 placeholder = create_blocked_plugin(
962 IDR_BLOCKED_PLUGIN_HTML,
963 l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
964 placeholder->AllowLoading();
965 if (info.type != content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
966 render_frame->Send(new ChromeViewHostMsg_BlockedUnauthorizedPlugin(
967 render_frame->GetRoutingID(),
968 group_name,
969 identifier));
970 }
971 observer->DidBlockContentType(content_type, group_name);
972 break;
973 }
974 case ChromeViewHostMsg_GetPluginInfo_Status::kBlocked: {
975 placeholder = create_blocked_plugin(
976 IDR_BLOCKED_PLUGIN_HTML,
977 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
978 placeholder->AllowLoading();
979 RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
980 observer->DidBlockContentType(content_type, group_name);
981 break;
982 }
983 case ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy: {
984 placeholder = create_blocked_plugin(
985 IDR_BLOCKED_PLUGIN_HTML,
986 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED_BY_POLICY,
987 group_name));
988 RenderThread::Get()->RecordAction(
989 UserMetricsAction("Plugin_BlockedByPolicy"));
990 observer->DidBlockContentType(content_type, group_name);
991 break;
992 }
993 }
994 }
995 placeholder->SetStatus(status);
996 return placeholder->plugin();
997 }
998 #endif // defined(ENABLE_PLUGINS)
999
1000 // For NaCl content handling plugins, the NaCl manifest is stored in an
1001 // additonal 'nacl' param associated with the MIME type.
1002 // static
1003 GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
1004 const std::string& actual_mime_type,
1005 const content::WebPluginInfo& plugin) {
1006 // Look for the manifest URL among the MIME type's additonal parameters.
1007 const char kNaClPluginManifestAttribute[] = "nacl";
1008 base::string16 nacl_attr = ASCIIToUTF16(kNaClPluginManifestAttribute);
1009 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
1010 if (plugin.mime_types[i].mime_type == actual_mime_type) {
1011 const content::WebPluginMimeType& content_type = plugin.mime_types[i];
1012 for (size_t i = 0; i < content_type.additional_param_names.size(); ++i) {
1013 if (content_type.additional_param_names[i] == nacl_attr)
1014 return GURL(content_type.additional_param_values[i]);
1015 }
1016 break;
1017 }
1018 }
1019 return GURL();
1020 }
1021
1022 #if !defined(DISABLE_NACL)
1023 // static
1024 bool ChromeContentRendererClient::IsNaClAllowed(
1025 const GURL& manifest_url,
1026 const GURL& app_url,
1027 bool is_nacl_unrestricted,
1028 const Extension* extension,
1029 WebPluginParams* params) {
1030 // Temporarily allow these whitelisted apps and WebUIs to use NaCl.
1031 std::string app_url_host = app_url.host();
1032 std::string manifest_url_path = manifest_url.path();
1033
1034 bool is_whitelisted_web_ui =
1035 app_url.spec() == chrome::kChromeUIAppListStartPageURL;
1036
1037 bool is_photo_app =
1038 // Whitelisted apps must be served over https.
1039 app_url.SchemeIsCryptographic() && manifest_url.SchemeIsCryptographic() &&
1040 (base::EndsWith(app_url_host, "plus.google.com",
1041 base::CompareCase::INSENSITIVE_ASCII) ||
1042 base::EndsWith(app_url_host, "plus.sandbox.google.com",
1043 base::CompareCase::INSENSITIVE_ASCII)) &&
1044 manifest_url.DomainIs("ssl.gstatic.com") &&
1045 (manifest_url_path.find("s2/oz/nacl/") == 1 ||
1046 manifest_url_path.find("photos/nacl/") == 1);
1047
1048 std::string manifest_fs_host;
1049 if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) {
1050 manifest_fs_host = manifest_url.inner_url()->host();
1051 }
1052 bool is_hangouts_app =
1053 // Whitelisted apps must be served over secure scheme.
1054 app_url.SchemeIsCryptographic() && manifest_url.SchemeIsFileSystem() &&
1055 manifest_url.inner_url()->SchemeIsCryptographic() &&
1056 (base::EndsWith(app_url_host, "talkgadget.google.com",
1057 base::CompareCase::INSENSITIVE_ASCII) ||
1058 base::EndsWith(app_url_host, "plus.google.com",
1059 base::CompareCase::INSENSITIVE_ASCII) ||
1060 base::EndsWith(app_url_host, "plus.sandbox.google.com",
1061 base::CompareCase::INSENSITIVE_ASCII)) &&
1062 // The manifest must be loaded from the host's FileSystem.
1063 (manifest_fs_host == app_url_host);
1064
1065 bool is_whitelisted_app = is_photo_app || is_hangouts_app;
1066
1067 bool is_invoked_by_webstore_installed_extension = false;
1068 bool is_extension_unrestricted = false;
1069 bool is_extension_force_installed = false;
1070 #if defined(ENABLE_EXTENSIONS)
1071 bool is_extension_from_webstore = extension && extension->from_webstore();
1072
1073 bool is_invoked_by_extension = app_url.SchemeIs("chrome-extension");
1074 bool is_invoked_by_hosted_app = extension &&
1075 extension->is_hosted_app() &&
1076 extension->web_extent().MatchesURL(app_url);
1077
1078 is_invoked_by_webstore_installed_extension = is_extension_from_webstore &&
1079 (is_invoked_by_extension || is_invoked_by_hosted_app);
1080
1081 // Allow built-in extensions and developer mode extensions.
1082 is_extension_unrestricted = extension &&
1083 (extensions::Manifest::IsUnpackedLocation(extension->location()) ||
1084 extensions::Manifest::IsComponentLocation(extension->location()));
1085 // Allow extensions force installed by admin policy.
1086 is_extension_force_installed = extension &&
1087 extensions::Manifest::IsPolicyLocation(extension->location());
1088 #endif // defined(ENABLE_EXTENSIONS)
1089
1090 // Allow NaCl under any of the following circumstances:
1091 // 1) An app or URL is explictly whitelisted above.
1092 // 2) An extension is loaded unpacked or built-in (component) to Chrome.
1093 // 3) An extension is force installed by policy.
1094 // 4) An extension is installed from the webstore, and invoked in that
1095 // context (hosted app URL or chrome-extension:// scheme).
1096 // 5) --enable-nacl is set.
1097 bool is_nacl_allowed_by_location =
1098 is_whitelisted_web_ui ||
1099 is_whitelisted_app ||
1100 is_extension_unrestricted ||
1101 is_extension_force_installed ||
1102 is_invoked_by_webstore_installed_extension;
1103 bool is_nacl_allowed = is_nacl_allowed_by_location || is_nacl_unrestricted;
1104 if (is_nacl_allowed) {
1105 // Make sure that PPAPI 'dev' interfaces are only available for unpacked
1106 // and component extensions. Also allow dev interfaces when --enable-nacl
1107 // is set, but do not allow --enable-nacl to provide dev interfaces to
1108 // webstore installed and other normally allowed URLs.
1109 WebString dev_attribute = WebString::fromUTF8("@dev");
1110 if (is_extension_unrestricted ||
1111 (is_nacl_unrestricted && !is_nacl_allowed_by_location)) {
1112 // Add the special '@dev' attribute.
1113 std::vector<base::string16> param_names;
1114 std::vector<base::string16> param_values;
1115 param_names.push_back(dev_attribute);
1116 param_values.push_back(WebString());
1117 AppendParams(
1118 param_names,
1119 param_values,
1120 &params->attributeNames,
1121 &params->attributeValues);
1122 } else {
1123 // If the params somehow contain '@dev', remove it.
1124 size_t attribute_count = params->attributeNames.size();
1125 for (size_t i = 0; i < attribute_count; ++i) {
1126 if (params->attributeNames[i].equals(dev_attribute))
1127 params->attributeNames[i] = WebString();
1128 }
1129 }
1130 }
1131 return is_nacl_allowed;
1132 }
1133 #endif // defined(DISABLE_NACL)
1134
1135 bool ChromeContentRendererClient::HasErrorPage(int http_status_code,
1136 std::string* error_domain) {
1137 // Use an internal error page, if we have one for the status code.
1138 if (!LocalizedError::HasStrings(LocalizedError::kHttpErrorDomain,
1139 http_status_code)) {
1140 return false;
1141 }
1142
1143 *error_domain = LocalizedError::kHttpErrorDomain;
1144 return true;
1145 }
1146
1147 bool ChromeContentRendererClient::ShouldSuppressErrorPage(
1148 content::RenderFrame* render_frame,
1149 const GURL& url) {
1150 // Unit tests for ChromeContentRendererClient pass a NULL RenderFrame here.
1151 // Unfortunately it's very difficult to construct a mock RenderView, so skip
1152 // this functionality in this case.
1153 if (render_frame) {
1154 content::RenderView* render_view = render_frame->GetRenderView();
1155 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1156 blink::WebFrame* web_frame = render_frame->GetWebFrame();
1157 NetErrorHelper* net_error_helper = NetErrorHelper::Get(main_render_frame);
1158 if (net_error_helper->ShouldSuppressErrorPage(web_frame, url))
1159 return true;
1160 }
1161 // Do not flash an error page if the Instant new tab page fails to load.
1162 return SearchBouncer::GetInstance()->IsNewTabPage(url);
1163 }
1164
1165 void ChromeContentRendererClient::GetNavigationErrorStrings(
1166 content::RenderView* render_view,
1167 blink::WebFrame* frame,
1168 const blink::WebURLRequest& failed_request,
1169 const blink::WebURLError& error,
1170 std::string* error_html,
1171 base::string16* error_description) {
1172 const GURL failed_url = error.unreachableURL;
1173
1174 bool is_post = base::EqualsASCII(
1175 base::StringPiece16(failed_request.httpMethod()), "POST");
1176
1177 if (error_html) {
1178 // TODO(ellyjones): change GetNavigationErrorStrings to take a RenderFrame
1179 // instead of a RenderView, then pass that in.
1180 // This is safe for now because we only install the NetErrorHelper on the
1181 // main render frame anyway; see the TODO(ellyjones) in
1182 // RenderFrameCreated.
1183 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1184 NetErrorHelper* helper = NetErrorHelper::Get(main_render_frame);
1185 helper->GetErrorHTML(frame, error, is_post, error_html);
1186 }
1187
1188 if (error_description)
1189 *error_description = LocalizedError::GetErrorDetails(error, is_post);
1190 }
1191
1192 bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
1193 #if defined(ENABLE_EXTENSIONS)
1194 return !IsStandaloneExtensionProcess();
1195 #else
1196 return true;
1197 #endif
1198 }
1199
1200 bool ChromeContentRendererClient::AllowPopup() {
1201 #if defined(ENABLE_EXTENSIONS)
1202 extensions::ScriptContext* current_context =
1203 extension_dispatcher_->script_context_set().GetCurrent();
1204 if (!current_context || !current_context->extension())
1205 return false;
1206 // See http://crbug.com/117446 for the subtlety of this check.
1207 switch (current_context->context_type()) {
1208 case extensions::Feature::UNSPECIFIED_CONTEXT:
1209 case extensions::Feature::WEB_PAGE_CONTEXT:
1210 case extensions::Feature::UNBLESSED_EXTENSION_CONTEXT:
1211 case extensions::Feature::WEBUI_CONTEXT:
1212 return false;
1213 case extensions::Feature::BLESSED_EXTENSION_CONTEXT:
1214 case extensions::Feature::CONTENT_SCRIPT_CONTEXT:
1215 return true;
1216 case extensions::Feature::BLESSED_WEB_PAGE_CONTEXT:
1217 return !current_context->web_frame()->parent();
1218 }
1219 NOTREACHED();
1220 #endif
1221 return false;
1222 }
1223
1224 bool ChromeContentRendererClient::ShouldFork(blink::WebLocalFrame* frame,
1225 const GURL& url,
1226 const std::string& http_method,
1227 bool is_initial_navigation,
1228 bool is_server_redirect,
1229 bool* send_referrer) {
1230 DCHECK(!frame->parent());
1231
1232 // If this is the Instant process, fork all navigations originating from the
1233 // renderer. The destination page will then be bucketed back to this Instant
1234 // process if it is an Instant url, or to another process if not. Conversely,
1235 // fork if this is a non-Instant process navigating to an Instant url, so that
1236 // such navigations can also be bucketed into an Instant renderer.
1237 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1238 switches::kInstantProcess) ||
1239 SearchBouncer::GetInstance()->ShouldFork(url)) {
1240 *send_referrer = true;
1241 return true;
1242 }
1243
1244 // For now, we skip the rest for POST submissions. This is because
1245 // http://crbug.com/101395 is more likely to cause compatibility issues
1246 // with hosted apps and extensions than WebUI pages. We will remove this
1247 // check when cross-process POST submissions are supported.
1248 if (http_method != "GET")
1249 return false;
1250
1251 // If |url| matches one of the prerendered URLs, stop this navigation and try
1252 // to swap in the prerendered page on the browser process. If the prerendered
1253 // page no longer exists by the time the OpenURL IPC is handled, a normal
1254 // navigation is attempted.
1255 if (prerender_dispatcher_.get() &&
1256 prerender_dispatcher_->IsPrerenderURL(url)) {
1257 *send_referrer = true;
1258 return true;
1259 }
1260
1261 #if defined(ENABLE_EXTENSIONS)
1262 const extensions::RendererExtensionRegistry* extension_registry =
1263 extensions::RendererExtensionRegistry::Get();
1264
1265 // Determine if the new URL is an extension (excluding bookmark apps).
1266 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension(
1267 *extension_registry->GetMainThreadExtensionSet(), url);
1268 bool is_extension_url = !!new_url_extension;
1269
1270 // If the navigation would cross an app extent boundary, we also need
1271 // to defer to the browser to ensure process isolation. This is not necessary
1272 // for server redirects, which will be transferred to a new process by the
1273 // browser process when they are ready to commit. It is necessary for client
1274 // redirects, which won't be transferred in the same way.
1275 if (!is_server_redirect &&
1276 CrossesExtensionExtents(frame, url, is_extension_url,
1277 is_initial_navigation)) {
1278 // Include the referrer in this case since we're going from a hosted web
1279 // page. (the packaged case is handled previously by the extension
1280 // navigation test)
1281 *send_referrer = true;
1282
1283 const Extension* extension =
1284 extension_registry->GetExtensionOrAppByURL(url);
1285 if (extension && extension->is_app()) {
1286 extensions::RecordAppLaunchType(
1287 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION, extension->GetType());
1288 }
1289 return true;
1290 }
1291
1292 // If this is a reload, check whether it has the wrong process type. We
1293 // should send it to the browser if it's an extension URL (e.g., hosted app)
1294 // in a normal process, or if it's a process for an extension that has been
1295 // uninstalled. Without --site-per-process mode, we never fork processes for
1296 // subframes, so this check only makes sense for top-level frames.
1297 // TODO(alexmos,nasko): Figure out how this check should work when reloading
1298 // subframes in --site-per-process mode.
1299 if (!frame->parent() && frame->document().url() == url) {
1300 if (is_extension_url != IsStandaloneExtensionProcess())
1301 return true;
1302 }
1303 #endif // defined(ENABLE_EXTENSIONS)
1304
1305 return false;
1306 }
1307
1308 bool ChromeContentRendererClient::WillSendRequest(
1309 blink::WebFrame* frame,
1310 ui::PageTransition transition_type,
1311 const GURL& url,
1312 const GURL& first_party_for_cookies,
1313 GURL* new_url) {
1314 // Check whether the request should be allowed. If not allowed, we reset the
1315 // URL to something invalid to prevent the request and cause an error.
1316 #if defined(ENABLE_EXTENSIONS)
1317 if (url.SchemeIs(extensions::kExtensionScheme) &&
1318 !extensions::ResourceRequestPolicy::CanRequestResource(url, frame,
1319 transition_type)) {
1320 *new_url = GURL(chrome::kExtensionInvalidRequestURL);
1321 return true;
1322 }
1323
1324 if (url.SchemeIs(extensions::kExtensionResourceScheme) &&
1325 !extensions::ResourceRequestPolicy::CanRequestExtensionResourceScheme(
1326 url,
1327 frame)) {
1328 *new_url = GURL(chrome::kExtensionResourceInvalidRequestURL);
1329 return true;
1330 }
1331 #endif
1332
1333 const content::RenderView* render_view =
1334 content::RenderView::FromWebView(frame->view());
1335 SearchBox* search_box = SearchBox::Get(render_view);
1336 if (search_box && url.SchemeIs(chrome::kChromeSearchScheme)) {
1337 SearchBox::ImageSourceType type = SearchBox::NONE;
1338 if (url.host() == chrome::kChromeUIFaviconHost)
1339 type = SearchBox::FAVICON;
1340 else if (url.host() == chrome::kChromeUILargeIconHost)
1341 type = SearchBox::LARGE_ICON;
1342 else if (url.host() == chrome::kChromeUIFallbackIconHost)
1343 type = SearchBox::FALLBACK_ICON;
1344 else if (url.host() == chrome::kChromeUIThumbnailHost)
1345 type = SearchBox::THUMB;
1346 if (type != SearchBox::NONE)
1347 return search_box->GenerateImageURLFromTransientURL(url, type, new_url);
1348 }
1349
1350 return false;
1351 }
1352
1353 unsigned long long ChromeContentRendererClient::VisitedLinkHash(
1354 const char* canonical_url, size_t length) {
1355 return visited_link_slave_->ComputeURLFingerprint(canonical_url, length);
1356 }
1357
1358 bool ChromeContentRendererClient::IsLinkVisited(unsigned long long link_hash) {
1359 return visited_link_slave_->IsVisited(link_hash);
1360 }
1361
1362 blink::WebPrescientNetworking*
1363 ChromeContentRendererClient::GetPrescientNetworking() {
1364 return prescient_networking_dispatcher_.get();
1365 }
1366
1367 bool ChromeContentRendererClient::ShouldOverridePageVisibilityState(
1368 const content::RenderFrame* render_frame,
1369 blink::WebPageVisibilityState* override_state) {
1370 if (!prerender::PrerenderHelper::IsPrerendering(render_frame))
1371 return false;
1372
1373 *override_state = blink::WebPageVisibilityStatePrerender;
1374 return true;
1375 }
1376
1377 #if defined(ENABLE_EXTENSIONS)
1378 void ChromeContentRendererClient::SetExtensionDispatcherForTest(
1379 extensions::Dispatcher* extension_dispatcher) {
1380 extension_dispatcher_.reset(extension_dispatcher);
1381 permissions_policy_delegate_.reset(
1382 new extensions::RendererPermissionsPolicyDelegate(
1383 extension_dispatcher_.get()));
1384 RenderThread::Get()->RegisterExtension(
1385 extensions::SafeBuiltins::CreateV8Extension());
1386 }
1387
1388 extensions::Dispatcher*
1389 ChromeContentRendererClient::GetExtensionDispatcherForTest() {
1390 return extension_dispatcher_.get();
1391 }
1392
1393 bool ChromeContentRendererClient::CrossesExtensionExtents(
1394 blink::WebLocalFrame* frame,
1395 const GURL& new_url,
1396 bool is_extension_url,
1397 bool is_initial_navigation) {
1398 DCHECK(!frame->parent());
1399 GURL old_url(frame->document().url());
1400
1401 extensions::RendererExtensionRegistry* extension_registry =
1402 extensions::RendererExtensionRegistry::Get();
1403
1404 // If old_url is still empty and this is an initial navigation, then this is
1405 // a window.open operation. We should look at the opener URL. Note that the
1406 // opener is a local frame in this case.
1407 if (is_initial_navigation && old_url.is_empty() && frame->opener()) {
1408 WebLocalFrame* opener_frame = frame->opener()->toWebLocalFrame();
1409
1410 // If we're about to open a normal web page from a same-origin opener stuck
1411 // in an extension process, we want to keep it in process to allow the
1412 // opener to script it.
1413 WebDocument opener_document = opener_frame->document();
1414 WebSecurityOrigin opener_origin = opener_document.securityOrigin();
1415 bool opener_is_extension_url = !opener_origin.isUnique() &&
1416 extension_registry->GetExtensionOrAppByURL(
1417 opener_document.url()) != NULL;
1418 if (!is_extension_url &&
1419 !opener_is_extension_url &&
1420 IsStandaloneExtensionProcess() &&
1421 opener_origin.canRequest(WebURL(new_url)))
1422 return false;
1423
1424 // In all other cases, we want to compare against the URL that determines
1425 // the type of process. In default Chrome, that's the URL of the opener's
1426 // top frame and not the opener frame itself. In --site-per-process, we
1427 // can use the opener frame itself.
1428 // TODO(nick): Either wire this up to SiteIsolationPolicy, or to state on
1429 // |opener_frame|/its ancestors.
1430 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1431 switches::kSitePerProcess))
1432 old_url = opener_frame->document().url();
1433 else
1434 old_url = opener_frame->top()->document().url();
1435 }
1436
1437 // Only consider keeping non-app URLs in an app process if this window
1438 // has an opener (in which case it might be an OAuth popup that tries to
1439 // script an iframe within the app).
1440 bool should_consider_workaround = !!frame->opener();
1441
1442 return extensions::CrossesExtensionProcessBoundary(
1443 *extension_registry->GetMainThreadExtensionSet(), old_url, new_url,
1444 should_consider_workaround);
1445 }
1446 #endif // defined(ENABLE_EXTENSIONS)
1447
1448 #if defined(ENABLE_SPELLCHECK)
1449 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) {
1450 RenderThread* thread = RenderThread::Get();
1451 if (spellcheck_.get() && thread)
1452 thread->RemoveObserver(spellcheck_.get());
1453 spellcheck_.reset(spellcheck);
1454 SpellCheckReplacer replacer(spellcheck_.get());
1455 content::RenderView::ForEach(&replacer);
1456 if (thread)
1457 thread->AddObserver(spellcheck_.get());
1458 }
1459 #endif
1460
1461 // static
1462 bool ChromeContentRendererClient::WasWebRequestUsedBySomeExtensions() {
1463 #if defined(ENABLE_EXTENSIONS)
1464 return g_current_client->extension_dispatcher_
1465 ->WasWebRequestUsedBySomeExtensions();
1466 #else
1467 return false;
1468 #endif
1469 }
1470
1471 const void* ChromeContentRendererClient::CreatePPAPIInterface(
1472 const std::string& interface_name) {
1473 #if defined(ENABLE_PLUGINS) && !defined(DISABLE_NACL)
1474 if (interface_name == PPB_NACL_PRIVATE_INTERFACE)
1475 return nacl::GetNaClPrivateInterface();
1476 #endif
1477 return NULL;
1478 }
1479
1480 bool ChromeContentRendererClient::IsExternalPepperPlugin(
1481 const std::string& module_name) {
1482 // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
1483 // We must defer certain plugin events for NaCl instances since we switch
1484 // from the in-process to the out-of-process proxy after instantiating them.
1485 return module_name == "Native Client";
1486 }
1487
1488 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1489 bool ChromeContentRendererClient::IsExtensionOrSharedModuleWhitelisted(
1490 const GURL& url, const std::set<std::string>& whitelist) {
1491 const extensions::ExtensionSet* extension_set =
1492 extensions::RendererExtensionRegistry::Get()->GetMainThreadExtensionSet();
1493 return chrome::IsExtensionOrSharedModuleWhitelisted(url, extension_set,
1494 whitelist);
1495 }
1496 #endif
1497
1498 blink::WebSpeechSynthesizer*
1499 ChromeContentRendererClient::OverrideSpeechSynthesizer(
1500 blink::WebSpeechSynthesizerClient* client) {
1501 return new TtsDispatcher(client);
1502 }
1503
1504 bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
1505 const GURL& url) {
1506 #if !defined(OS_ANDROID)
1507 // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
1508 // the whitelist in the renderer, since we're only preventing access until
1509 // these APIs are public and stable.
1510 std::string url_host = url.host();
1511 if (url.SchemeIs("https") &&
1512 (base::EndsWith(url_host, "talkgadget.google.com",
1513 base::CompareCase::INSENSITIVE_ASCII) ||
1514 base::EndsWith(url_host, "plus.google.com",
1515 base::CompareCase::INSENSITIVE_ASCII) ||
1516 base::EndsWith(url_host, "plus.sandbox.google.com",
1517 base::CompareCase::INSENSITIVE_ASCII)) &&
1518 base::StartsWith(url.path(), "/hangouts/",
1519 base::CompareCase::INSENSITIVE_ASCII)) {
1520 return true;
1521 }
1522 // Allow access for tests.
1523 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1524 switches::kEnablePepperTesting)) {
1525 return true;
1526 }
1527 #endif // !defined(OS_ANDROID)
1528 return false;
1529 }
1530
1531 void ChromeContentRendererClient::AddKeySystems(
1532 std::vector<media::KeySystemInfo>* key_systems) {
1533 AddChromeKeySystems(key_systems);
1534 }
1535
1536 bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
1537 const base::string16& source) const {
1538 #if defined(ENABLE_EXTENSIONS)
1539 return extensions::IsSourceFromAnExtension(source);
1540 #else
1541 return false;
1542 #endif
1543 }
1544
1545 bool ChromeContentRendererClient::ShouldGatherSiteIsolationStats() const {
1546 // Site isolation stats are gathered currently for non-extension renderer
1547 // processes running a normal web page from the Internet.
1548 // TODO(nick): https://crbug.com/268640 Gather stats for extension processes
1549 // too; we would need to check the extension's manifest to know which sites
1550 // it's allowed to access.
1551 #if defined(ENABLE_EXTENSIONS)
1552 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
1553 return !command_line->HasSwitch(extensions::switches::kExtensionProcess);
1554 #else
1555 return true;
1556 #endif
1557 }
1558
1559 blink::WebWorkerContentSettingsClientProxy*
1560 ChromeContentRendererClient::CreateWorkerContentSettingsClientProxy(
1561 content::RenderFrame* render_frame,
1562 blink::WebFrame* frame) {
1563 return new WorkerContentSettingsClientProxy(render_frame, frame);
1564 }
1565
1566 bool ChromeContentRendererClient::IsPluginAllowedToUseDevChannelAPIs() {
1567 #if defined(ENABLE_PLUGINS)
1568 // Allow access for tests.
1569 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1570 switches::kEnablePepperTesting)) {
1571 return true;
1572 }
1573
1574 version_info::Channel channel = chrome::GetChannel();
1575 // Allow dev channel APIs to be used on "Canary", "Dev", and "Unknown"
1576 // releases of Chrome. Permitting "Unknown" allows these APIs to be used on
1577 // Chromium builds as well.
1578 return channel <= version_info::Channel::DEV;
1579 #else
1580 return false;
1581 #endif
1582 }
1583
1584 bool ChromeContentRendererClient::IsPluginAllowedToUseCameraDeviceAPI(
1585 const GURL& url) {
1586 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1587 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1588 switches::kEnablePepperTesting))
1589 return true;
1590
1591 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_camera_device_origins_))
1592 return true;
1593 #endif
1594
1595 return false;
1596 }
1597
1598 bool ChromeContentRendererClient::IsPluginAllowedToUseCompositorAPI(
1599 const GURL& url) {
1600 #if defined(ENABLE_PLUGINS) && defined(ENABLE_EXTENSIONS)
1601 if (base::CommandLine::ForCurrentProcess()->HasSwitch(
1602 switches::kEnablePepperTesting))
1603 return true;
1604 if (IsExtensionOrSharedModuleWhitelisted(url, allowed_compositor_origins_))
1605 return true;
1606
1607 version_info::Channel channel = chrome::GetChannel();
1608 return channel <= version_info::Channel::DEV;
1609 #else
1610 return false;
1611 #endif
1612 }
1613
1614 content::BrowserPluginDelegate*
1615 ChromeContentRendererClient::CreateBrowserPluginDelegate(
1616 content::RenderFrame* render_frame,
1617 const std::string& mime_type,
1618 const GURL& original_url) {
1619 #if defined(ENABLE_EXTENSIONS)
1620 if (mime_type == content::kBrowserPluginMimeType) {
1621 return new extensions::ExtensionsGuestViewContainer(render_frame);
1622 } else {
1623 return new extensions::MimeHandlerViewContainer(
1624 render_frame, mime_type, original_url);
1625 }
1626 #else
1627 return NULL;
1628 #endif
1629 }
1630
1631 void ChromeContentRendererClient::RecordRappor(const std::string& metric,
1632 const std::string& sample) {
1633 RenderThread::Get()->Send(new ChromeViewHostMsg_RecordRappor(metric, sample));
1634 }
1635
1636 void ChromeContentRendererClient::RecordRapporURL(const std::string& metric,
1637 const GURL& url) {
1638 RenderThread::Get()->Send(new ChromeViewHostMsg_RecordRapporURL(metric, url));
1639 }
1640
1641 scoped_ptr<blink::WebAppBannerClient>
1642 ChromeContentRendererClient::CreateAppBannerClient(
1643 content::RenderFrame* render_frame) {
1644 return scoped_ptr<blink::WebAppBannerClient>(
1645 new AppBannerClient(render_frame));
1646 }
1647
1648 void ChromeContentRendererClient::AddImageContextMenuProperties(
1649 const blink::WebURLResponse& response,
1650 std::map<std::string, std::string>* properties) {
1651 DCHECK(properties);
1652 WebString header_key(ASCIIToUTF16(
1653 data_reduction_proxy::chrome_proxy_header()));
1654 if (!response.httpHeaderField(header_key).isNull() &&
1655 response.httpHeaderField(header_key).utf8().find(
1656 data_reduction_proxy::chrome_proxy_lo_fi_directive()) !=
1657 std::string::npos) {
1658 (*properties)[data_reduction_proxy::chrome_proxy_header()] =
1659 data_reduction_proxy::chrome_proxy_lo_fi_directive();
1660 }
1661 }
1662
1663 void
1664 ChromeContentRendererClient::DidInitializeServiceWorkerContextOnWorkerThread(
1665 v8::Local<v8::Context> context,
1666 const GURL& url) {
1667 #if defined(ENABLE_EXTENSIONS)
1668 extensions::Dispatcher::DidInitializeServiceWorkerContextOnWorkerThread(
1669 context, url);
1670 #endif
1671 }