search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
GoogleURLTrackerInfoBarDelegate: Initialize uninitialized member in constructor.
[chromium-blink-merge.git] / chrome / renderer / chrome_content_renderer_client.cc
blobd625a2583bd108389e51bac66c369dcf4d742868
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/renderer/chrome_content_renderer_client.h"
6
7 #include "base/command_line.h"
8 #include "base/debug/crash_logging.h"
9 #include "base/logging.h"
10 #include "base/metrics/histogram.h"
11 #include "base/metrics/user_metrics_action.h"
12 #include "base/path_service.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/strings/string_util.h"
15 #include "base/strings/utf_string_conversions.h"
16 #include "base/values.h"
17 #include "chrome/common/chrome_content_client.h"
18 #include "chrome/common/chrome_paths.h"
19 #include "chrome/common/chrome_switches.h"
20 #include "chrome/common/content_settings_pattern.h"
21 #include "chrome/common/crash_keys.h"
22 #include "chrome/common/extensions/chrome_extensions_client.h"
23 #include "chrome/common/extensions/extension_constants.h"
24 #include "chrome/common/extensions/extension_process_policy.h"
25 #include "chrome/common/localized_error.h"
26 #include "chrome/common/pepper_permission_util.h"
27 #include "chrome/common/render_messages.h"
28 #include "chrome/common/url_constants.h"
29 #include "chrome/renderer/benchmarking_extension.h"
30 #include "chrome/renderer/chrome_render_frame_observer.h"
31 #include "chrome/renderer/chrome_render_process_observer.h"
32 #include "chrome/renderer/chrome_render_view_observer.h"
33 #include "chrome/renderer/content_settings_observer.h"
34 #include "chrome/renderer/extensions/chrome_extension_helper.h"
35 #include "chrome/renderer/extensions/chrome_extensions_dispatcher_delegate.h"
36 #include "chrome/renderer/extensions/chrome_extensions_renderer_client.h"
37 #include "chrome/renderer/extensions/extension_frame_helper.h"
38 #include "chrome/renderer/extensions/renderer_permissions_policy_delegate.h"
39 #include "chrome/renderer/extensions/resource_request_policy.h"
40 #include "chrome/renderer/external_extension.h"
41 #include "chrome/renderer/loadtimes_extension_bindings.h"
42 #include "chrome/renderer/media/cast_ipc_dispatcher.h"
43 #include "chrome/renderer/media/chrome_key_systems.h"
44 #include "chrome/renderer/net/net_error_helper.h"
45 #include "chrome/renderer/net/prescient_networking_dispatcher.h"
46 #include "chrome/renderer/net/renderer_net_predictor.h"
47 #include "chrome/renderer/net_benchmarking_extension.h"
48 #include "chrome/renderer/page_load_histograms.h"
49 #include "chrome/renderer/pepper/pepper_helper.h"
50 #include "chrome/renderer/pepper/ppb_pdf_impl.h"
51 #include "chrome/renderer/playback_extension.h"
52 #include "chrome/renderer/plugins/chrome_plugin_placeholder.h"
53 #include "chrome/renderer/plugins/plugin_uma.h"
54 #include "chrome/renderer/prerender/prerender_dispatcher.h"
55 #include "chrome/renderer/prerender/prerender_helper.h"
56 #include "chrome/renderer/prerender/prerender_media_load_deferrer.h"
57 #include "chrome/renderer/prerender/prerenderer_client.h"
58 #include "chrome/renderer/principals_extension_bindings.h"
59 #include "chrome/renderer/printing/print_web_view_helper.h"
60 #include "chrome/renderer/safe_browsing/malware_dom_details.h"
61 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h"
62 #include "chrome/renderer/searchbox/search_bouncer.h"
63 #include "chrome/renderer/searchbox/searchbox.h"
64 #include "chrome/renderer/searchbox/searchbox_extension.h"
65 #include "chrome/renderer/tts_dispatcher.h"
66 #include "chrome/renderer/worker_permission_client_proxy.h"
67 #include "components/autofill/content/renderer/autofill_agent.h"
68 #include "components/autofill/content/renderer/password_autofill_agent.h"
69 #include "components/autofill/content/renderer/password_generation_agent.h"
70 #include "components/nacl/renderer/ppb_nacl_private_impl.h"
71 #include "components/plugins/renderer/mobile_youtube_plugin.h"
72 #include "components/signin/core/common/profile_management_switches.h"
73 #include "components/visitedlink/renderer/visitedlink_slave.h"
74 #include "content/public/common/content_constants.h"
75 #include "content/public/renderer/render_frame.h"
76 #include "content/public/renderer/render_thread.h"
77 #include "content/public/renderer/render_view.h"
78 #include "content/public/renderer/render_view_visitor.h"
79 #include "extensions/common/constants.h"
80 #include "extensions/common/extension.h"
81 #include "extensions/common/extension_set.h"
82 #include "extensions/common/extension_urls.h"
83 #include "extensions/common/switches.h"
84 #include "extensions/renderer/dispatcher.h"
85 #include "extensions/renderer/extension_helper.h"
86 #include "extensions/renderer/script_context.h"
87 #include "grit/generated_resources.h"
88 #include "grit/locale_settings.h"
89 #include "grit/renderer_resources.h"
90 #include "ipc/ipc_sync_channel.h"
91 #include "net/base/net_errors.h"
92 #include "ppapi/c/private/ppb_nacl_private.h"
93 #include "ppapi/c/private/ppb_pdf.h"
94 #include "ppapi/shared_impl/ppapi_switches.h"
95 #include "third_party/WebKit/public/platform/WebURL.h"
96 #include "third_party/WebKit/public/platform/WebURLError.h"
97 #include "third_party/WebKit/public/platform/WebURLRequest.h"
98 #include "third_party/WebKit/public/web/WebCache.h"
99 #include "third_party/WebKit/public/web/WebDataSource.h"
100 #include "third_party/WebKit/public/web/WebDocument.h"
101 #include "third_party/WebKit/public/web/WebElement.h"
102 #include "third_party/WebKit/public/web/WebLocalFrame.h"
103 #include "third_party/WebKit/public/web/WebPluginContainer.h"
104 #include "third_party/WebKit/public/web/WebPluginParams.h"
105 #include "third_party/WebKit/public/web/WebSecurityOrigin.h"
106 #include "third_party/WebKit/public/web/WebSecurityPolicy.h"
107 #include "ui/base/l10n/l10n_util.h"
108 #include "ui/base/layout.h"
109 #include "ui/base/resource/resource_bundle.h"
110 #include "ui/base/webui/jstemplate_builder.h"
111 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR.
112
113 #if !defined(DISABLE_NACL)
114 #include "components/nacl/renderer/nacl_helper.h"
115 #endif
116
117 #if defined(ENABLE_WEBRTC)
118 #include "chrome/renderer/media/webrtc_logging_message_filter.h"
119 #endif
120
121 #if defined(ENABLE_SPELLCHECK)
122 #include "chrome/renderer/spellchecker/spellcheck.h"
123 #include "chrome/renderer/spellchecker/spellcheck_provider.h"
124 #endif
125
126 #if defined(OS_WIN)
127 #include "chrome_elf/blacklist/blacklist.h"
128 #endif // OS_WIN
129
130 using autofill::AutofillAgent;
131 using autofill::PasswordAutofillAgent;
132 using autofill::PasswordGenerationAgent;
133 using base::ASCIIToUTF16;
134 using base::UserMetricsAction;
135 using content::RenderThread;
136 using content::WebPluginInfo;
137 using extensions::Extension;
138 using blink::WebCache;
139 using blink::WebConsoleMessage;
140 using blink::WebDataSource;
141 using blink::WebDocument;
142 using blink::WebFrame;
143 using blink::WebLocalFrame;
144 using blink::WebPlugin;
145 using blink::WebPluginParams;
146 using blink::WebSecurityOrigin;
147 using blink::WebSecurityPolicy;
148 using blink::WebString;
149 using blink::WebURL;
150 using blink::WebURLError;
151 using blink::WebURLRequest;
152 using blink::WebURLResponse;
153 using blink::WebVector;
154
155 namespace {
156
157 const char kWebViewTagName[] = "WEBVIEW";
158 const char kAdViewTagName[] = "ADVIEW";
159
160 ChromeContentRendererClient* g_current_client;
161
162 static void AppendParams(const std::vector<base::string16>& additional_names,
163 const std::vector<base::string16>& additional_values,
164 WebVector<WebString>* existing_names,
165 WebVector<WebString>* existing_values) {
166 DCHECK(additional_names.size() == additional_values.size());
167 DCHECK(existing_names->size() == existing_values->size());
168
169 size_t existing_size = existing_names->size();
170 size_t total_size = existing_size + additional_names.size();
171
172 WebVector<WebString> names(total_size);
173 WebVector<WebString> values(total_size);
174
175 for (size_t i = 0; i < existing_size; ++i) {
176 names[i] = (*existing_names)[i];
177 values[i] = (*existing_values)[i];
178 }
179
180 for (size_t i = 0; i < additional_names.size(); ++i) {
181 names[existing_size + i] = additional_names[i];
182 values[existing_size + i] = additional_values[i];
183 }
184
185 existing_names->swap(names);
186 existing_values->swap(values);
187 }
188
189 #if defined(ENABLE_SPELLCHECK)
190 class SpellCheckReplacer : public content::RenderViewVisitor {
191 public:
192 explicit SpellCheckReplacer(SpellCheck* spellcheck)
193 : spellcheck_(spellcheck) {}
194 virtual bool Visit(content::RenderView* render_view) OVERRIDE;
195
196 private:
197 SpellCheck* spellcheck_; // New shared spellcheck for all views. Weak Ptr.
198 DISALLOW_COPY_AND_ASSIGN(SpellCheckReplacer);
199 };
200
201 bool SpellCheckReplacer::Visit(content::RenderView* render_view) {
202 SpellCheckProvider* provider = SpellCheckProvider::Get(render_view);
203 DCHECK(provider);
204 provider->set_spellcheck(spellcheck_);
205 return true;
206 }
207 #endif
208
209 // For certain sandboxed Pepper plugins, use the JavaScript Content Settings.
210 bool ShouldUseJavaScriptSettingForPlugin(const WebPluginInfo& plugin) {
211 if (plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_IN_PROCESS &&
212 plugin.type != WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS) {
213 return false;
214 }
215
216 // Treat Native Client invocations like JavaScript.
217 if (plugin.name == ASCIIToUTF16(ChromeContentClient::kNaClPluginName))
218 return true;
219
220 #if defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
221 // Treat CDM invocations like JavaScript.
222 if (plugin.name == ASCIIToUTF16(kWidevineCdmDisplayName)) {
223 DCHECK(plugin.type == WebPluginInfo::PLUGIN_TYPE_PEPPER_OUT_OF_PROCESS);
224 return true;
225 }
226 #endif // defined(WIDEVINE_CDM_AVAILABLE) && defined(ENABLE_PEPPER_CDMS)
227
228 return false;
229 }
230
231 } // namespace
232
233 ChromeContentRendererClient::ChromeContentRendererClient() {
234 g_current_client = this;
235
236 extensions::ExtensionsClient::Set(
237 extensions::ChromeExtensionsClient::GetInstance());
238 extensions::ExtensionsRendererClient::Set(
239 ChromeExtensionsRendererClient::GetInstance());
240 }
241
242 ChromeContentRendererClient::~ChromeContentRendererClient() {
243 g_current_client = NULL;
244 }
245
246 void ChromeContentRendererClient::RenderThreadStarted() {
247 RenderThread* thread = RenderThread::Get();
248
249 chrome_observer_.reset(new ChromeRenderProcessObserver(this));
250
251 extension_dispatcher_delegate_.reset(
252 new ChromeExtensionsDispatcherDelegate());
253 // ChromeRenderViewTest::SetUp() creates its own ExtensionDispatcher and
254 // injects it using SetExtensionDispatcher(). Don't overwrite it.
255 if (!extension_dispatcher_) {
256 extension_dispatcher_.reset(
257 new extensions::Dispatcher(extension_dispatcher_delegate_.get()));
258 }
259 permissions_policy_delegate_.reset(
260 new extensions::RendererPermissionsPolicyDelegate(
261 extension_dispatcher_.get()));
262 prescient_networking_dispatcher_.reset(new PrescientNetworkingDispatcher());
263 net_predictor_.reset(new RendererNetPredictor());
264 #if defined(ENABLE_SPELLCHECK)
265 // ChromeRenderViewTest::SetUp() creates a Spellcheck and injects it using
266 // SetSpellcheck(). Don't overwrite it.
267 if (!spellcheck_) {
268 spellcheck_.reset(new SpellCheck());
269 thread->AddObserver(spellcheck_.get());
270 }
271 #endif
272 visited_link_slave_.reset(new visitedlink::VisitedLinkSlave());
273 #if defined(FULL_SAFE_BROWSING)
274 phishing_classifier_.reset(safe_browsing::PhishingClassifierFilter::Create());
275 #endif
276 prerender_dispatcher_.reset(new prerender::PrerenderDispatcher());
277 #if defined(ENABLE_WEBRTC)
278 webrtc_logging_message_filter_ = new WebRtcLoggingMessageFilter(
279 content::RenderThread::Get()->GetIOMessageLoopProxy());
280 #endif
281 search_bouncer_.reset(new SearchBouncer());
282
283 thread->AddObserver(chrome_observer_.get());
284 thread->AddObserver(extension_dispatcher_.get());
285 #if defined(FULL_SAFE_BROWSING)
286 thread->AddObserver(phishing_classifier_.get());
287 #endif
288 thread->AddObserver(visited_link_slave_.get());
289 thread->AddObserver(prerender_dispatcher_.get());
290 thread->AddObserver(search_bouncer_.get());
291
292 #if defined(ENABLE_WEBRTC)
293 thread->AddFilter(webrtc_logging_message_filter_.get());
294 #endif
295 thread->AddFilter(new CastIPCDispatcher(
296 content::RenderThread::Get()->GetIOMessageLoopProxy()));
297
298 thread->RegisterExtension(extensions_v8::ExternalExtension::Get());
299 thread->RegisterExtension(extensions_v8::LoadTimesExtension::Get());
300
301 CommandLine* command_line = CommandLine::ForCurrentProcess();
302 if (command_line->HasSwitch(switches::kEnableBenchmarking))
303 thread->RegisterExtension(extensions_v8::BenchmarkingExtension::Get());
304 if (command_line->HasSwitch(switches::kEnableNetBenchmarking))
305 thread->RegisterExtension(extensions_v8::NetBenchmarkingExtension::Get());
306 if (command_line->HasSwitch(switches::kInstantProcess))
307 thread->RegisterExtension(extensions_v8::SearchBoxExtension::Get());
308
309 if (command_line->HasSwitch(switches::kPlaybackMode) ||
310 command_line->HasSwitch(switches::kRecordMode)) {
311 thread->RegisterExtension(extensions_v8::PlaybackExtension::Get());
312 }
313
314 // TODO(guohui): needs to forward the new-profile-management switch to
315 // renderer processes.
316 if (switches::IsNewProfileManagement())
317 thread->RegisterExtension(extensions_v8::PrincipalsExtension::Get());
318
319 // chrome:, chrome-search:, chrome-devtools:, and chrome-distiller: pages
320 // should not be accessible by normal content, and should also be unable to
321 // script anything but themselves (to help limit the damage that a corrupt
322 // page could cause).
323 WebString chrome_ui_scheme(ASCIIToUTF16(content::kChromeUIScheme));
324 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_ui_scheme);
325
326 WebString chrome_search_scheme(ASCIIToUTF16(chrome::kChromeSearchScheme));
327 // The Instant process can only display the content but not read it. Other
328 // processes can't display it or read it.
329 if (!command_line->HasSwitch(switches::kInstantProcess))
330 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(chrome_search_scheme);
331
332 WebString dev_tools_scheme(ASCIIToUTF16(content::kChromeDevToolsScheme));
333 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dev_tools_scheme);
334
335 WebString dom_distiller_scheme(ASCIIToUTF16(chrome::kDomDistillerScheme));
336 // TODO(nyquist): Add test to ensure this happens when the flag is set.
337 WebSecurityPolicy::registerURLSchemeAsDisplayIsolated(dom_distiller_scheme);
338
339 #if defined(OS_CHROMEOS)
340 WebString drive_scheme(ASCIIToUTF16(chrome::kDriveScheme));
341 WebSecurityPolicy::registerURLSchemeAsLocal(drive_scheme);
342 #endif
343
344 // chrome: and chrome-search: pages should not be accessible by bookmarklets
345 // or javascript: URLs typed in the omnibox.
346 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
347 chrome_ui_scheme);
348 WebSecurityPolicy::registerURLSchemeAsNotAllowingJavascriptURLs(
349 chrome_search_scheme);
350
351 // chrome:, chrome-search:, and chrome-extension: resources shouldn't trigger
352 // insecure content warnings.
353 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme);
354 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_search_scheme);
355
356 WebString extension_scheme(ASCIIToUTF16(extensions::kExtensionScheme));
357 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme);
358
359 // chrome-extension: resources should be allowed to receive CORS requests.
360 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme);
361
362 WebString extension_resource_scheme(
363 ASCIIToUTF16(extensions::kExtensionResourceScheme));
364 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme);
365
366 // chrome-extension-resource: resources should be allowed to receive CORS
367 // requests.
368 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme);
369
370 // chrome-extension: resources should bypass Content Security Policy checks
371 // when included in protected resources.
372 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
373 extension_scheme);
374 WebSecurityPolicy::registerURLSchemeAsBypassingContentSecurityPolicy(
375 extension_resource_scheme);
376
377 #if defined(OS_WIN)
378 // Report if the renderer process has been patched by chrome_elf.
379 // TODO(csharp): Remove once the renderer is no longer getting
380 // patched this way.
381 if (blacklist::IsBlacklistInitialized())
382 UMA_HISTOGRAM_BOOLEAN("Blacklist.PatchedInRenderer", true);
383 #endif
384 }
385
386 void ChromeContentRendererClient::RenderFrameCreated(
387 content::RenderFrame* render_frame) {
388 new ChromeRenderFrameObserver(render_frame);
389
390 ContentSettingsObserver* content_settings =
391 new ContentSettingsObserver(render_frame, extension_dispatcher_.get());
392 if (chrome_observer_.get()) {
393 content_settings->SetContentSettingRules(
394 chrome_observer_->content_setting_rules());
395 }
396
397 new extensions::ExtensionFrameHelper(render_frame,
398 extension_dispatcher_.get());
399
400 #if defined(ENABLE_PLUGINS)
401 new PepperHelper(render_frame);
402 #endif
403
404 #if !defined(DISABLE_NACL)
405 new nacl::NaClHelper(render_frame);
406 #endif
407
408 // TODO(jam): when the frame tree moves into content and parent() works at
409 // RenderFrame construction, simplify this by just checking parent().
410 if (render_frame->GetRenderView()->GetMainRenderFrame() != render_frame) {
411 // Avoid any race conditions from having the browser tell subframes that
412 // they're prerendering.
413 if (prerender::PrerenderHelper::IsPrerendering(
414 render_frame->GetRenderView()->GetMainRenderFrame())) {
415 new prerender::PrerenderHelper(render_frame);
416 }
417 }
418
419 if (render_frame->GetRenderView()->GetMainRenderFrame() == render_frame) {
420 // Only attach NetErrorHelper to the main frame, since only the main frame
421 // should get error pages.
422 new NetErrorHelper(render_frame);
423 }
424 }
425
426 void ChromeContentRendererClient::RenderViewCreated(
427 content::RenderView* render_view) {
428 new extensions::ExtensionHelper(render_view, extension_dispatcher_.get());
429 new extensions::ChromeExtensionHelper(render_view);
430 new PageLoadHistograms(render_view);
431 #if defined(ENABLE_PRINTING)
432 new printing::PrintWebViewHelper(render_view);
433 #endif
434 #if defined(ENABLE_SPELLCHECK)
435 new SpellCheckProvider(render_view, spellcheck_.get());
436 #endif
437 new prerender::PrerendererClient(render_view);
438 #if defined(FULL_SAFE_BROWSING)
439 safe_browsing::MalwareDOMDetails::Create(render_view);
440 #endif
441
442 PasswordGenerationAgent* password_generation_agent =
443 new PasswordGenerationAgent(render_view);
444 PasswordAutofillAgent* password_autofill_agent =
445 new PasswordAutofillAgent(render_view);
446 new AutofillAgent(render_view,
447 password_autofill_agent,
448 password_generation_agent);
449
450 CommandLine* command_line = CommandLine::ForCurrentProcess();
451 if (command_line->HasSwitch(switches::kInstantProcess))
452 new SearchBox(render_view);
453
454 new ChromeRenderViewObserver(render_view, chrome_observer_.get());
455 }
456
457 void ChromeContentRendererClient::SetNumberOfViews(int number_of_views) {
458 base::debug::SetCrashKeyValue(crash_keys::kNumberOfViews,
459 base::IntToString(number_of_views));
460 }
461
462 SkBitmap* ChromeContentRendererClient::GetSadPluginBitmap() {
463 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
464 GetImageNamed(IDR_SAD_PLUGIN).ToSkBitmap());
465 }
466
467 SkBitmap* ChromeContentRendererClient::GetSadWebViewBitmap() {
468 return const_cast<SkBitmap*>(ResourceBundle::GetSharedInstance().
469 GetImageNamed(IDR_SAD_WEBVIEW).ToSkBitmap());
470 }
471
472 std::string ChromeContentRendererClient::GetDefaultEncoding() {
473 return l10n_util::GetStringUTF8(IDS_DEFAULT_ENCODING);
474 }
475
476 const Extension* ChromeContentRendererClient::GetExtensionByOrigin(
477 const WebSecurityOrigin& origin) const {
478 if (!EqualsASCII(origin.protocol(), extensions::kExtensionScheme))
479 return NULL;
480
481 const std::string extension_id = origin.host().utf8().data();
482 return extension_dispatcher_->extensions()->GetByID(extension_id);
483 }
484
485 bool ChromeContentRendererClient::OverrideCreatePlugin(
486 content::RenderFrame* render_frame,
487 WebLocalFrame* frame,
488 const WebPluginParams& params,
489 WebPlugin** plugin) {
490 std::string orig_mime_type = params.mimeType.utf8();
491 if (orig_mime_type == content::kBrowserPluginMimeType) {
492 WebDocument document = frame->document();
493 const Extension* extension =
494 GetExtensionByOrigin(document.securityOrigin());
495 if (extension) {
496 const extensions::APIPermission::ID perms[] = {
497 extensions::APIPermission::kWebView,
498 extensions::APIPermission::kAdView
499 };
500 for (size_t i = 0; i < arraysize(perms); ++i) {
501 if (extension->HasAPIPermission(perms[i]))
502 return false;
503 }
504 }
505 }
506
507 ChromeViewHostMsg_GetPluginInfo_Output output;
508 #if defined(ENABLE_PLUGINS)
509 render_frame->Send(new ChromeViewHostMsg_GetPluginInfo(
510 render_frame->GetRoutingID(), GURL(params.url),
511 frame->top()->document().url(), orig_mime_type, &output));
512
513 if (output.plugin.type == content::WebPluginInfo::PLUGIN_TYPE_BROWSER_PLUGIN)
514 return false;
515 #else
516 output.status.value = ChromeViewHostMsg_GetPluginInfo_Status::kNotFound;
517 #endif
518 *plugin = CreatePlugin(render_frame, frame, params, output);
519 return true;
520 }
521
522 WebPlugin* ChromeContentRendererClient::CreatePluginReplacement(
523 content::RenderFrame* render_frame,
524 const base::FilePath& plugin_path) {
525 ChromePluginPlaceholder* placeholder =
526 ChromePluginPlaceholder::CreateErrorPlugin(render_frame, plugin_path);
527 return placeholder->plugin();
528 }
529
530 void ChromeContentRendererClient::DeferMediaLoad(
531 content::RenderFrame* render_frame,
532 const base::Closure& closure) {
533 #if defined(OS_ANDROID)
534 // Chromium for Android doesn't support prerender yet.
535 closure.Run();
536 return;
537 #else
538 if (!prerender::PrerenderHelper::IsPrerendering(render_frame)) {
539 closure.Run();
540 return;
541 }
542
543 // Lifetime is tied to |render_frame| via content::RenderFrameObserver.
544 new prerender::PrerenderMediaLoadDeferrer(render_frame, closure);
545 #endif
546 }
547
548 WebPlugin* ChromeContentRendererClient::CreatePlugin(
549 content::RenderFrame* render_frame,
550 WebLocalFrame* frame,
551 const WebPluginParams& original_params,
552 const ChromeViewHostMsg_GetPluginInfo_Output& output) {
553 const ChromeViewHostMsg_GetPluginInfo_Status& status = output.status;
554 const WebPluginInfo& plugin = output.plugin;
555 const std::string& actual_mime_type = output.actual_mime_type;
556 const base::string16& group_name = output.group_name;
557 const std::string& identifier = output.group_identifier;
558 ChromeViewHostMsg_GetPluginInfo_Status::Value status_value = status.value;
559 GURL url(original_params.url);
560 std::string orig_mime_type = original_params.mimeType.utf8();
561 ChromePluginPlaceholder* placeholder = NULL;
562
563 // If the browser plugin is to be enabled, this should be handled by the
564 // renderer, so the code won't reach here due to the early exit in
565 // OverrideCreatePlugin.
566 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kNotFound ||
567 orig_mime_type == content::kBrowserPluginMimeType) {
568 #if defined(OS_ANDROID)
569 if (plugins::MobileYouTubePlugin::IsYouTubeURL(url, orig_mime_type)) {
570 base::StringPiece template_html(
571 ResourceBundle::GetSharedInstance().GetRawDataResource(
572 IDR_MOBILE_YOUTUBE_PLUGIN_HTML));
573 return (new plugins::MobileYouTubePlugin(
574 render_frame,
575 frame,
576 original_params,
577 template_html,
578 GURL(ChromePluginPlaceholder::kPluginPlaceholderDataURL)))
579 ->plugin();
580 }
581 #endif
582 PluginUMAReporter::GetInstance()->ReportPluginMissing(orig_mime_type, url);
583 placeholder = ChromePluginPlaceholder::CreateMissingPlugin(
584 render_frame, frame, original_params);
585 } else {
586 // TODO(bauerb): This should be in content/.
587 WebPluginParams params(original_params);
588 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
589 if (plugin.mime_types[i].mime_type == actual_mime_type) {
590 AppendParams(plugin.mime_types[i].additional_param_names,
591 plugin.mime_types[i].additional_param_values,
592 &params.attributeNames,
593 &params.attributeValues);
594 break;
595 }
596 }
597 if (params.mimeType.isNull() && (actual_mime_type.size() > 0)) {
598 // Webkit might say that mime type is null while we already know the
599 // actual mime type via ChromeViewHostMsg_GetPluginInfo. In that case
600 // we should use what we know since WebpluginDelegateProxy does some
601 // specific initializations based on this information.
602 params.mimeType = WebString::fromUTF8(actual_mime_type.c_str());
603 }
604
605 ContentSettingsObserver* observer =
606 ContentSettingsObserver::Get(render_frame);
607
608 const ContentSettingsType content_type =
609 ShouldUseJavaScriptSettingForPlugin(plugin) ?
610 CONTENT_SETTINGS_TYPE_JAVASCRIPT :
611 CONTENT_SETTINGS_TYPE_PLUGINS;
612
613 if ((status_value ==
614 ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized ||
615 status_value == ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay ||
616 status_value == ChromeViewHostMsg_GetPluginInfo_Status::kBlocked) &&
617 observer->IsPluginTemporarilyAllowed(identifier)) {
618 status_value = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
619 }
620
621 // Allow full-page plug-ins for click-to-play.
622 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay &&
623 !frame->parent() &&
624 !frame->opener() &&
625 frame->document().isPluginDocument()) {
626 status_value = ChromeViewHostMsg_GetPluginInfo_Status::kAllowed;
627 }
628
629 #if defined(OS_WIN)
630 // In Windows we need to check if we can load NPAPI plugins.
631 // For example, if the render view is in the Ash desktop, we should not.
632 if (status_value == ChromeViewHostMsg_GetPluginInfo_Status::kAllowed &&
633 plugin.type == content::WebPluginInfo::PLUGIN_TYPE_NPAPI) {
634 if (observer->AreNPAPIPluginsBlocked())
635 status_value =
636 ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported;
637 }
638 #endif
639
640 switch (status_value) {
641 case ChromeViewHostMsg_GetPluginInfo_Status::kNotFound: {
642 NOTREACHED();
643 break;
644 }
645 case ChromeViewHostMsg_GetPluginInfo_Status::kAllowed: {
646 const bool is_nacl_plugin =
647 plugin.name == ASCIIToUTF16(ChromeContentClient::kNaClPluginName);
648 const bool is_nacl_mime_type =
649 actual_mime_type == "application/x-nacl";
650 const bool is_pnacl_mime_type =
651 actual_mime_type == "application/x-pnacl";
652 if (is_nacl_plugin || is_nacl_mime_type || is_pnacl_mime_type) {
653 bool is_nacl_unrestricted = false;
654 if (is_nacl_mime_type) {
655 is_nacl_unrestricted =
656 CommandLine::ForCurrentProcess()->HasSwitch(
657 switches::kEnableNaCl);
658 } else if (is_pnacl_mime_type) {
659 is_nacl_unrestricted =
660 !CommandLine::ForCurrentProcess()->HasSwitch(
661 switches::kDisablePnacl);
662 }
663 GURL manifest_url;
664 GURL app_url;
665 if (is_nacl_mime_type || is_pnacl_mime_type) {
666 // Normal NaCl/PNaCl embed. The app URL is the page URL.
667 manifest_url = url;
668 app_url = frame->top()->document().url();
669 } else {
670 // NaCl is being invoked as a content handler. Look up the NaCl
671 // module using the MIME type. The app URL is the manifest URL.
672 manifest_url = GetNaClContentHandlerURL(actual_mime_type, plugin);
673 app_url = manifest_url;
674 }
675 const Extension* extension =
676 g_current_client->extension_dispatcher_->extensions()->
677 GetExtensionOrAppByURL(manifest_url);
678 if (!IsNaClAllowed(manifest_url,
679 app_url,
680 is_nacl_unrestricted,
681 extension,
682 &params)) {
683 WebString error_message;
684 if (is_nacl_mime_type) {
685 error_message =
686 "Only unpacked extensions and apps installed from the Chrome "
687 "Web Store can load NaCl modules without enabling Native "
688 "Client in about:flags.";
689 } else if (is_pnacl_mime_type) {
690 error_message =
691 "Portable Native Client must not be disabled in about:flags.";
692 }
693 frame->addMessageToConsole(
694 WebConsoleMessage(WebConsoleMessage::LevelError,
695 error_message));
696 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
697 render_frame,
698 frame,
699 params,
700 plugin,
701 identifier,
702 group_name,
703 IDR_BLOCKED_PLUGIN_HTML,
704 #if defined(OS_CHROMEOS)
705 l10n_util::GetStringUTF16(IDS_NACL_PLUGIN_BLOCKED));
706 #else
707 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
708 #endif
709 break;
710 }
711 }
712
713 // Delay loading plugins if prerendering.
714 // TODO(mmenke): In the case of prerendering, feed into
715 // ChromeContentRendererClient::CreatePlugin instead, to
716 // reduce the chance of future regressions.
717 if (prerender::PrerenderHelper::IsPrerendering(render_frame)) {
718 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
719 render_frame,
720 frame,
721 params,
722 plugin,
723 identifier,
724 group_name,
725 IDR_CLICK_TO_PLAY_PLUGIN_HTML,
726 l10n_util::GetStringFUTF16(IDS_PLUGIN_LOAD, group_name));
727 placeholder->set_blocked_for_prerendering(true);
728 placeholder->set_allow_loading(true);
729 break;
730 }
731
732 return render_frame->CreatePlugin(frame, plugin, params);
733 }
734 case ChromeViewHostMsg_GetPluginInfo_Status::kNPAPINotSupported: {
735 RenderThread::Get()->RecordAction(
736 UserMetricsAction("Plugin_NPAPINotSupported"));
737 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
738 render_frame,
739 frame,
740 params,
741 plugin,
742 identifier,
743 group_name,
744 IDR_BLOCKED_PLUGIN_HTML,
745 l10n_util::GetStringUTF16(IDS_PLUGIN_NOT_SUPPORTED_METRO));
746 render_frame->Send(new ChromeViewHostMsg_NPAPINotSupported(
747 render_frame->GetRoutingID(), identifier));
748 break;
749 }
750 case ChromeViewHostMsg_GetPluginInfo_Status::kDisabled: {
751 PluginUMAReporter::GetInstance()->ReportPluginDisabled(orig_mime_type,
752 url);
753 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
754 render_frame,
755 frame,
756 params,
757 plugin,
758 identifier,
759 group_name,
760 IDR_DISABLED_PLUGIN_HTML,
761 l10n_util::GetStringFUTF16(IDS_PLUGIN_DISABLED, group_name));
762 break;
763 }
764 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedBlocked: {
765 #if defined(ENABLE_PLUGIN_INSTALLATION)
766 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
767 render_frame,
768 frame,
769 params,
770 plugin,
771 identifier,
772 group_name,
773 IDR_BLOCKED_PLUGIN_HTML,
774 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
775 placeholder->set_allow_loading(true);
776 render_frame->Send(new ChromeViewHostMsg_BlockedOutdatedPlugin(
777 render_frame->GetRoutingID(), placeholder->CreateRoutingId(),
778 identifier));
779 #else
780 NOTREACHED();
781 #endif
782 break;
783 }
784 case ChromeViewHostMsg_GetPluginInfo_Status::kOutdatedDisallowed: {
785 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
786 render_frame,
787 frame,
788 params,
789 plugin,
790 identifier,
791 group_name,
792 IDR_BLOCKED_PLUGIN_HTML,
793 l10n_util::GetStringFUTF16(IDS_PLUGIN_OUTDATED, group_name));
794 break;
795 }
796 case ChromeViewHostMsg_GetPluginInfo_Status::kUnauthorized: {
797 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
798 render_frame,
799 frame,
800 params,
801 plugin,
802 identifier,
803 group_name,
804 IDR_BLOCKED_PLUGIN_HTML,
805 l10n_util::GetStringFUTF16(IDS_PLUGIN_NOT_AUTHORIZED, group_name));
806 placeholder->set_allow_loading(true);
807 render_frame->Send(new ChromeViewHostMsg_BlockedUnauthorizedPlugin(
808 render_frame->GetRoutingID(),
809 group_name,
810 identifier));
811 break;
812 }
813 case ChromeViewHostMsg_GetPluginInfo_Status::kClickToPlay: {
814 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
815 render_frame,
816 frame,
817 params,
818 plugin,
819 identifier,
820 group_name,
821 IDR_CLICK_TO_PLAY_PLUGIN_HTML,
822 l10n_util::GetStringFUTF16(IDS_PLUGIN_LOAD, group_name));
823 placeholder->set_allow_loading(true);
824 RenderThread::Get()->RecordAction(
825 UserMetricsAction("Plugin_ClickToPlay"));
826 observer->DidBlockContentType(content_type);
827 break;
828 }
829 case ChromeViewHostMsg_GetPluginInfo_Status::kBlocked: {
830 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
831 render_frame,
832 frame,
833 params,
834 plugin,
835 identifier,
836 group_name,
837 IDR_BLOCKED_PLUGIN_HTML,
838 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
839 placeholder->set_allow_loading(true);
840 RenderThread::Get()->RecordAction(UserMetricsAction("Plugin_Blocked"));
841 observer->DidBlockContentType(content_type);
842 break;
843 }
844 case ChromeViewHostMsg_GetPluginInfo_Status::kBlockedByPolicy: {
845 placeholder = ChromePluginPlaceholder::CreateBlockedPlugin(
846 render_frame,
847 frame,
848 params,
849 plugin,
850 identifier,
851 group_name,
852 IDR_BLOCKED_PLUGIN_HTML,
853 l10n_util::GetStringFUTF16(IDS_PLUGIN_BLOCKED, group_name));
854 placeholder->set_allow_loading(false);
855 RenderThread::Get()->RecordAction(
856 UserMetricsAction("Plugin_BlockedByPolicy"));
857 observer->DidBlockContentType(content_type);
858 break;
859 }
860 }
861 }
862 placeholder->SetStatus(status);
863 return placeholder->plugin();
864 }
865
866 // For NaCl content handling plugins, the NaCl manifest is stored in an
867 // additonal 'nacl' param associated with the MIME type.
868 // static
869 GURL ChromeContentRendererClient::GetNaClContentHandlerURL(
870 const std::string& actual_mime_type,
871 const content::WebPluginInfo& plugin) {
872 // Look for the manifest URL among the MIME type's additonal parameters.
873 const char* kNaClPluginManifestAttribute = "nacl";
874 base::string16 nacl_attr = ASCIIToUTF16(kNaClPluginManifestAttribute);
875 for (size_t i = 0; i < plugin.mime_types.size(); ++i) {
876 if (plugin.mime_types[i].mime_type == actual_mime_type) {
877 const content::WebPluginMimeType& content_type = plugin.mime_types[i];
878 for (size_t i = 0; i < content_type.additional_param_names.size(); ++i) {
879 if (content_type.additional_param_names[i] == nacl_attr)
880 return GURL(content_type.additional_param_values[i]);
881 }
882 break;
883 }
884 }
885 return GURL();
886 }
887
888 // static
889 bool ChromeContentRendererClient::IsNaClAllowed(
890 const GURL& manifest_url,
891 const GURL& app_url,
892 bool is_nacl_unrestricted,
893 const Extension* extension,
894 WebPluginParams* params) {
895 // Temporarily allow these whitelisted apps and WebUIs to use NaCl.
896 std::string app_url_host = app_url.host();
897 std::string manifest_url_path = manifest_url.path();
898
899 bool is_whitelisted_web_ui =
900 app_url.spec() == chrome::kChromeUIAppListStartPageURL;
901
902 bool is_photo_app =
903 // Whitelisted apps must be served over https.
904 app_url.SchemeIs("https") &&
905 manifest_url.SchemeIs("https") &&
906 (EndsWith(app_url_host, "plus.google.com", false) ||
907 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
908 manifest_url.DomainIs("ssl.gstatic.com") &&
909 (manifest_url_path.find("s2/oz/nacl/") == 1 ||
910 manifest_url_path.find("photos/nacl/") == 1);
911
912 std::string manifest_fs_host;
913 if (manifest_url.SchemeIsFileSystem() && manifest_url.inner_url()) {
914 manifest_fs_host = manifest_url.inner_url()->host();
915 }
916 bool is_hangouts_app =
917 // Whitelisted apps must be served over secure scheme.
918 app_url.SchemeIs("https") &&
919 manifest_url.SchemeIsSecure() &&
920 manifest_url.SchemeIsFileSystem() &&
921 (EndsWith(app_url_host, "talkgadget.google.com", false) ||
922 EndsWith(app_url_host, "plus.google.com", false) ||
923 EndsWith(app_url_host, "plus.sandbox.google.com", false)) &&
924 // The manifest must be loaded from the host's FileSystem.
925 (manifest_fs_host == app_url_host);
926
927 bool is_whitelisted_app = is_photo_app || is_hangouts_app;
928
929 bool is_extension_from_webstore = extension &&
930 extension->from_webstore();
931
932 bool is_invoked_by_hosted_app = extension &&
933 extension->is_hosted_app() &&
934 extension->web_extent().MatchesURL(app_url);
935
936 // Allow built-in extensions and extensions under development.
937 bool is_extension_unrestricted = extension &&
938 (extension->location() == extensions::Manifest::COMPONENT ||
939 extensions::Manifest::IsUnpackedLocation(extension->location()));
940
941 bool is_invoked_by_extension = app_url.SchemeIs("chrome-extension");
942
943 // The NaCl PDF viewer is always allowed and can use 'Dev' interfaces.
944 bool is_nacl_pdf_viewer =
945 (is_extension_from_webstore &&
946 manifest_url.SchemeIs("chrome-extension") &&
947 manifest_url.host() == "acadkphlmlegjaadjagenfimbpphcgnh");
948
949 // Allow Chrome Web Store extensions, built-in extensions and extensions
950 // under development if the invocation comes from a URL with an extension
951 // scheme. Also allow invocations if they are from whitelisted URLs or
952 // if --enable-nacl is set.
953 bool is_nacl_allowed = is_nacl_unrestricted ||
954 is_whitelisted_web_ui ||
955 is_whitelisted_app ||
956 is_nacl_pdf_viewer ||
957 is_invoked_by_hosted_app ||
958 (is_invoked_by_extension &&
959 (is_extension_from_webstore ||
960 is_extension_unrestricted));
961 if (is_nacl_allowed) {
962 bool app_can_use_dev_interfaces = is_nacl_pdf_viewer;
963 // Make sure that PPAPI 'dev' interfaces aren't available for production
964 // apps unless they're whitelisted.
965 WebString dev_attribute = WebString::fromUTF8("@dev");
966 if ((!is_whitelisted_app && !is_extension_from_webstore) ||
967 app_can_use_dev_interfaces) {
968 // Add the special '@dev' attribute.
969 std::vector<base::string16> param_names;
970 std::vector<base::string16> param_values;
971 param_names.push_back(dev_attribute);
972 param_values.push_back(WebString());
973 AppendParams(
974 param_names,
975 param_values,
976 &params->attributeNames,
977 &params->attributeValues);
978 } else {
979 // If the params somehow contain '@dev', remove it.
980 size_t attribute_count = params->attributeNames.size();
981 for (size_t i = 0; i < attribute_count; ++i) {
982 if (params->attributeNames[i].equals(dev_attribute))
983 params->attributeNames[i] = WebString();
984 }
985 }
986 }
987 return is_nacl_allowed;
988 }
989
990 bool ChromeContentRendererClient::HasErrorPage(int http_status_code,
991 std::string* error_domain) {
992 // Use an internal error page, if we have one for the status code.
993 if (!LocalizedError::HasStrings(LocalizedError::kHttpErrorDomain,
994 http_status_code)) {
995 return false;
996 }
997
998 *error_domain = LocalizedError::kHttpErrorDomain;
999 return true;
1000 }
1001
1002 bool ChromeContentRendererClient::ShouldSuppressErrorPage(
1003 content::RenderFrame* render_frame,
1004 const GURL& url) {
1005 // Unit tests for ChromeContentRendererClient pass a NULL RenderFrame here.
1006 // Unfortunately it's very difficult to construct a mock RenderView, so skip
1007 // this functionality in this case.
1008 if (render_frame) {
1009 content::RenderView* render_view = render_frame->GetRenderView();
1010 content::RenderFrame* main_render_frame = render_view->GetMainRenderFrame();
1011 blink::WebFrame* web_frame = render_frame->GetWebFrame();
1012 NetErrorHelper* net_error_helper = NetErrorHelper::Get(main_render_frame);
1013 if (net_error_helper->ShouldSuppressErrorPage(web_frame, url))
1014 return true;
1015 }
1016 // Do not flash an error page if the Instant new tab page fails to load.
1017 return search_bouncer_.get() && search_bouncer_->IsNewTabPage(url);
1018 }
1019
1020 void ChromeContentRendererClient::GetNavigationErrorStrings(
1021 content::RenderView* render_view,
1022 blink::WebFrame* frame,
1023 const blink::WebURLRequest& failed_request,
1024 const blink::WebURLError& error,
1025 std::string* error_html,
1026 base::string16* error_description) {
1027 const GURL failed_url = error.unreachableURL;
1028 const Extension* extension = NULL;
1029
1030 if (failed_url.is_valid() &&
1031 !failed_url.SchemeIs(extensions::kExtensionScheme)) {
1032 extension = extension_dispatcher_->extensions()->GetExtensionOrAppByURL(
1033 failed_url);
1034 }
1035
1036 bool is_post = EqualsASCII(failed_request.httpMethod(), "POST");
1037
1038 if (error_html) {
1039 // Use a local error page.
1040 if (extension && !extension->from_bookmark()) {
1041 // TODO(erikkay): Should we use a different template for different
1042 // error messages?
1043 int resource_id = IDR_ERROR_APP_HTML;
1044 const base::StringPiece template_html(
1045 ResourceBundle::GetSharedInstance().GetRawDataResource(
1046 resource_id));
1047 if (template_html.empty()) {
1048 NOTREACHED() << "unable to load template. ID: " << resource_id;
1049 } else {
1050 base::DictionaryValue error_strings;
1051 LocalizedError::GetAppErrorStrings(failed_url, extension,
1052 &error_strings);
1053 // "t" is the id of the template's root node.
1054 *error_html = webui::GetTemplatesHtml(template_html, &error_strings,
1055 "t");
1056 }
1057 } else {
1058 // TODO(ellyjones): change GetNavigationErrorStrings to take a RenderFrame
1059 // instead of a RenderView, then pass that in.
1060 // This is safe for now because we only install the NetErrorHelper on the
1061 // main render frame anyway; see the TODO(ellyjones) in
1062 // RenderFrameCreated.
1063 content::RenderFrame* main_render_frame =
1064 render_view->GetMainRenderFrame();
1065 NetErrorHelper* helper = NetErrorHelper::Get(main_render_frame);
1066 helper->GetErrorHTML(frame, error, is_post, error_html);
1067 }
1068 }
1069
1070 if (error_description) {
1071 if (!extension)
1072 *error_description = LocalizedError::GetErrorDetails(error, is_post);
1073 }
1074 }
1075
1076 bool ChromeContentRendererClient::RunIdleHandlerWhenWidgetsHidden() {
1077 return !extension_dispatcher_->is_extension_process();
1078 }
1079
1080 bool ChromeContentRendererClient::AllowPopup() {
1081 extensions::ScriptContext* current_context =
1082 extension_dispatcher_->script_context_set().GetCurrent();
1083 if (!current_context || !current_context->extension())
1084 return false;
1085 // See http://crbug.com/117446 for the subtlety of this check.
1086 switch (current_context->context_type()) {
1087 case extensions::Feature::UNSPECIFIED_CONTEXT:
1088 case extensions::Feature::WEB_PAGE_CONTEXT:
1089 case extensions::Feature::UNBLESSED_EXTENSION_CONTEXT:
1090 return false;
1091 case extensions::Feature::BLESSED_EXTENSION_CONTEXT:
1092 case extensions::Feature::CONTENT_SCRIPT_CONTEXT:
1093 return true;
1094 case extensions::Feature::BLESSED_WEB_PAGE_CONTEXT:
1095 return !current_context->web_frame()->parent();
1096 }
1097 NOTREACHED();
1098 return false;
1099 }
1100
1101 bool ChromeContentRendererClient::ShouldFork(WebFrame* frame,
1102 const GURL& url,
1103 const std::string& http_method,
1104 bool is_initial_navigation,
1105 bool is_server_redirect,
1106 bool* send_referrer) {
1107 DCHECK(!frame->parent());
1108
1109 // If this is the Instant process, fork all navigations originating from the
1110 // renderer. The destination page will then be bucketed back to this Instant
1111 // process if it is an Instant url, or to another process if not. Conversely,
1112 // fork if this is a non-Instant process navigating to an Instant url, so that
1113 // such navigations can also be bucketed into an Instant renderer.
1114 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kInstantProcess) ||
1115 (search_bouncer_.get() && search_bouncer_->ShouldFork(url))) {
1116 *send_referrer = true;
1117 return true;
1118 }
1119
1120 // For now, we skip the rest for POST submissions. This is because
1121 // http://crbug.com/101395 is more likely to cause compatibility issues
1122 // with hosted apps and extensions than WebUI pages. We will remove this
1123 // check when cross-process POST submissions are supported.
1124 if (http_method != "GET")
1125 return false;
1126
1127 // If this is the Signin process, fork all navigations originating from the
1128 // renderer. The destination page will then be bucketed back to this Signin
1129 // process if it is a Signin url, or to another process if not.
1130 if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSigninProcess)) {
1131 // We never want to allow non-signin pages to fork-on-POST to a
1132 // signin-related action URL. We'll need to handle this carefully once
1133 // http://crbug.com/101395 is fixed. The CHECK ensures we don't forget.
1134 CHECK_NE(http_method, "POST");
1135 return true;
1136 }
1137
1138 // If |url| matches one of the prerendered URLs, stop this navigation and try
1139 // to swap in the prerendered page on the browser process. If the prerendered
1140 // page no longer exists by the time the OpenURL IPC is handled, a normal
1141 // navigation is attempted.
1142 if (prerender_dispatcher_.get() &&
1143 prerender_dispatcher_->IsPrerenderURL(url)) {
1144 *send_referrer = true;
1145 return true;
1146 }
1147
1148 const extensions::ExtensionSet* extensions =
1149 extension_dispatcher_->extensions();
1150
1151 // Determine if the new URL is an extension (excluding bookmark apps).
1152 const Extension* new_url_extension = extensions::GetNonBookmarkAppExtension(
1153 *extensions, url);
1154 bool is_extension_url = !!new_url_extension;
1155
1156 // If the navigation would cross an app extent boundary, we also need
1157 // to defer to the browser to ensure process isolation. This is not necessary
1158 // for server redirects, which will be transferred to a new process by the
1159 // browser process when they are ready to commit. It is necessary for client
1160 // redirects, which won't be transferred in the same way.
1161 if (!is_server_redirect &&
1162 CrossesExtensionExtents(frame, url, *extensions, is_extension_url,
1163 is_initial_navigation)) {
1164 // Include the referrer in this case since we're going from a hosted web
1165 // page. (the packaged case is handled previously by the extension
1166 // navigation test)
1167 *send_referrer = true;
1168
1169 const Extension* extension =
1170 extension_dispatcher_->extensions()->GetExtensionOrAppByURL(url);
1171 if (extension && extension->is_app()) {
1172 UMA_HISTOGRAM_ENUMERATION(
1173 extension->is_platform_app() ?
1174 extension_misc::kPlatformAppLaunchHistogram :
1175 extension_misc::kAppLaunchHistogram,
1176 extension_misc::APP_LAUNCH_CONTENT_NAVIGATION,
1177 extension_misc::APP_LAUNCH_BUCKET_BOUNDARY);
1178 }
1179 return true;
1180 }
1181
1182 // If this is a reload, check whether it has the wrong process type. We
1183 // should send it to the browser if it's an extension URL (e.g., hosted app)
1184 // in a normal process, or if it's a process for an extension that has been
1185 // uninstalled.
1186 if (frame->top()->document().url() == url) {
1187 if (is_extension_url != extension_dispatcher_->is_extension_process())
1188 return true;
1189 }
1190
1191 return false;
1192 }
1193
1194 bool ChromeContentRendererClient::WillSendRequest(
1195 blink::WebFrame* frame,
1196 content::PageTransition transition_type,
1197 const GURL& url,
1198 const GURL& first_party_for_cookies,
1199 GURL* new_url) {
1200 // Check whether the request should be allowed. If not allowed, we reset the
1201 // URL to something invalid to prevent the request and cause an error.
1202 if (url.SchemeIs(extensions::kExtensionScheme) &&
1203 !extensions::ResourceRequestPolicy::CanRequestResource(
1204 url,
1205 frame,
1206 transition_type,
1207 extension_dispatcher_->extensions())) {
1208 *new_url = GURL(chrome::kExtensionInvalidRequestURL);
1209 return true;
1210 }
1211
1212 if (url.SchemeIs(extensions::kExtensionResourceScheme) &&
1213 !extensions::ResourceRequestPolicy::CanRequestExtensionResourceScheme(
1214 url,
1215 frame)) {
1216 *new_url = GURL(chrome::kExtensionResourceInvalidRequestURL);
1217 return true;
1218 }
1219
1220 const content::RenderView* render_view =
1221 content::RenderView::FromWebView(frame->view());
1222 SearchBox* search_box = SearchBox::Get(render_view);
1223 if (search_box && url.SchemeIs(chrome::kChromeSearchScheme)) {
1224 if (url.host() == chrome::kChromeUIThumbnailHost)
1225 return search_box->GenerateThumbnailURLFromTransientURL(url, new_url);
1226 else if (url.host() == chrome::kChromeUIFaviconHost)
1227 return search_box->GenerateFaviconURLFromTransientURL(url, new_url);
1228 }
1229
1230 return false;
1231 }
1232
1233 void ChromeContentRendererClient::DidCreateScriptContext(
1234 WebFrame* frame, v8::Handle<v8::Context> context, int extension_group,
1235 int world_id) {
1236 extension_dispatcher_->DidCreateScriptContext(
1237 frame, context, extension_group, world_id);
1238 }
1239
1240 unsigned long long ChromeContentRendererClient::VisitedLinkHash(
1241 const char* canonical_url, size_t length) {
1242 return visited_link_slave_->ComputeURLFingerprint(canonical_url, length);
1243 }
1244
1245 bool ChromeContentRendererClient::IsLinkVisited(unsigned long long link_hash) {
1246 return visited_link_slave_->IsVisited(link_hash);
1247 }
1248
1249 blink::WebPrescientNetworking*
1250 ChromeContentRendererClient::GetPrescientNetworking() {
1251 return prescient_networking_dispatcher_.get();
1252 }
1253
1254 bool ChromeContentRendererClient::ShouldOverridePageVisibilityState(
1255 const content::RenderFrame* render_frame,
1256 blink::WebPageVisibilityState* override_state) {
1257 if (!prerender::PrerenderHelper::IsPrerendering(render_frame))
1258 return false;
1259
1260 *override_state = blink::WebPageVisibilityStatePrerender;
1261 return true;
1262 }
1263
1264 void ChromeContentRendererClient::SetExtensionDispatcherForTest(
1265 extensions::Dispatcher* extension_dispatcher) {
1266 extension_dispatcher_.reset(extension_dispatcher);
1267 permissions_policy_delegate_.reset(
1268 new extensions::RendererPermissionsPolicyDelegate(
1269 extension_dispatcher_.get()));
1270 }
1271
1272 extensions::Dispatcher*
1273 ChromeContentRendererClient::GetExtensionDispatcherForTest() {
1274 return extension_dispatcher_.get();
1275 }
1276
1277 bool ChromeContentRendererClient::CrossesExtensionExtents(
1278 WebFrame* frame,
1279 const GURL& new_url,
1280 const extensions::ExtensionSet& extensions,
1281 bool is_extension_url,
1282 bool is_initial_navigation) {
1283 GURL old_url(frame->top()->document().url());
1284
1285 // If old_url is still empty and this is an initial navigation, then this is
1286 // a window.open operation. We should look at the opener URL.
1287 if (is_initial_navigation && old_url.is_empty() && frame->opener()) {
1288 // If we're about to open a normal web page from a same-origin opener stuck
1289 // in an extension process, we want to keep it in process to allow the
1290 // opener to script it.
1291 WebDocument opener_document = frame->opener()->document();
1292 WebSecurityOrigin opener = frame->opener()->document().securityOrigin();
1293 bool opener_is_extension_url =
1294 !opener.isUnique() && extensions.GetExtensionOrAppByURL(
1295 opener_document.url()) != NULL;
1296 if (!is_extension_url &&
1297 !opener_is_extension_url &&
1298 extension_dispatcher_->is_extension_process() &&
1299 opener.canRequest(WebURL(new_url)))
1300 return false;
1301
1302 // In all other cases, we want to compare against the top frame's URL (as
1303 // opposed to the opener frame's), since that's what determines the type of
1304 // process. This allows iframes outside an app to open a popup in the app.
1305 old_url = frame->top()->opener()->top()->document().url();
1306 }
1307
1308 // Only consider keeping non-app URLs in an app process if this window
1309 // has an opener (in which case it might be an OAuth popup that tries to
1310 // script an iframe within the app).
1311 bool should_consider_workaround = !!frame->opener();
1312
1313 return extensions::CrossesExtensionProcessBoundary(
1314 extensions, old_url, new_url, should_consider_workaround);
1315 }
1316
1317 #if defined(ENABLE_SPELLCHECK)
1318 void ChromeContentRendererClient::SetSpellcheck(SpellCheck* spellcheck) {
1319 RenderThread* thread = RenderThread::Get();
1320 if (spellcheck_.get() && thread)
1321 thread->RemoveObserver(spellcheck_.get());
1322 spellcheck_.reset(spellcheck);
1323 SpellCheckReplacer replacer(spellcheck_.get());
1324 content::RenderView::ForEach(&replacer);
1325 if (thread)
1326 thread->AddObserver(spellcheck_.get());
1327 }
1328 #endif
1329
1330 bool ChromeContentRendererClient::IsAdblockInstalled() {
1331 return g_current_client->extension_dispatcher_->extensions()->Contains(
1332 "gighmmpiobklfepjocnamgkkbiglidom");
1333 }
1334
1335 bool ChromeContentRendererClient::IsAdblockPlusInstalled() {
1336 return g_current_client->extension_dispatcher_->extensions()->Contains(
1337 "cfhdojbkjhnklbpkdaibdccddilifddb");
1338 }
1339
1340 bool ChromeContentRendererClient::IsAdblockWithWebRequestInstalled() {
1341 return g_current_client->extension_dispatcher_delegate_
1342 ->IsAdblockWithWebRequestInstalled();
1343 }
1344
1345 bool ChromeContentRendererClient::IsAdblockPlusWithWebRequestInstalled() {
1346 return g_current_client->extension_dispatcher_delegate_
1347 ->IsAdblockPlusWithWebRequestInstalled();
1348 }
1349
1350 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() {
1351 return g_current_client->extension_dispatcher_delegate_
1352 ->IsOtherExtensionWithWebRequestInstalled();
1353 }
1354
1355 const void* ChromeContentRendererClient::CreatePPAPIInterface(
1356 const std::string& interface_name) {
1357 #if defined(ENABLE_PLUGINS)
1358 #if !defined(DISABLE_NACL)
1359 if (interface_name == PPB_NACL_PRIVATE_INTERFACE)
1360 return nacl::GetNaClPrivateInterface();
1361 #endif // DISABLE_NACL
1362 if (interface_name == PPB_PDF_INTERFACE)
1363 return PPB_PDF_Impl::GetInterface();
1364 #endif
1365 return NULL;
1366 }
1367
1368 bool ChromeContentRendererClient::IsExternalPepperPlugin(
1369 const std::string& module_name) {
1370 // TODO(bbudge) remove this when the trusted NaCl plugin has been removed.
1371 // We must defer certain plugin events for NaCl instances since we switch
1372 // from the in-process to the out-of-process proxy after instantiating them.
1373 return module_name == "Native Client";
1374 }
1375
1376 bool ChromeContentRendererClient::IsExtensionOrSharedModuleWhitelisted(
1377 const GURL& url, const std::set<std::string>& whitelist) {
1378 const extensions::ExtensionSet* extension_set =
1379 g_current_client->extension_dispatcher_->extensions();
1380 return chrome::IsExtensionOrSharedModuleWhitelisted(url, extension_set,
1381 whitelist);
1382 }
1383
1384 blink::WebSpeechSynthesizer*
1385 ChromeContentRendererClient::OverrideSpeechSynthesizer(
1386 blink::WebSpeechSynthesizerClient* client) {
1387 return new TtsDispatcher(client);
1388 }
1389
1390 bool ChromeContentRendererClient::AllowBrowserPlugin(
1391 blink::WebPluginContainer* container) {
1392 // If this |BrowserPlugin| <object> in the |container| is not inside a
1393 // <webview>/<adview> shadowHost, we disable instantiating this plugin. This
1394 // is to discourage and prevent developers from accidentally attaching
1395 // <object> directly in apps.
1396 //
1397 // Note that this check below does *not* ensure any security, it is still
1398 // possible to bypass this check.
1399 // TODO(lazyboy): http://crbug.com/178663, Ensure we properly disallow
1400 // instantiating BrowserPlugin outside of the <webview>/<adview> shim.
1401 if (container->element().isNull())
1402 return false;
1403
1404 if (container->element().shadowHost().isNull())
1405 return false;
1406
1407 WebString tag_name = container->element().shadowHost().tagName();
1408 return tag_name.equals(WebString::fromUTF8(kWebViewTagName)) ||
1409 tag_name.equals(WebString::fromUTF8(kAdViewTagName));
1410 }
1411
1412 bool ChromeContentRendererClient::AllowPepperMediaStreamAPI(
1413 const GURL& url) {
1414 #if !defined(OS_ANDROID)
1415 // Allow only the Hangouts app to use the MediaStream APIs. It's OK to check
1416 // the whitelist in the renderer, since we're only preventing access until
1417 // these APIs are public and stable.
1418 std::string url_host = url.host();
1419 if (url.SchemeIs("https") &&
1420 (EndsWith(url_host, "talkgadget.google.com", false) ||
1421 EndsWith(url_host, "plus.google.com", false) ||
1422 EndsWith(url_host, "plus.sandbox.google.com", false)) &&
1423 StartsWithASCII(url.path(), "/hangouts/", false)) {
1424 return true;
1425 }
1426 // Allow access for tests.
1427 if (CommandLine::ForCurrentProcess()->HasSwitch(
1428 switches::kEnablePepperTesting)) {
1429 return true;
1430 }
1431 #endif // !defined(OS_ANDROID)
1432 return false;
1433 }
1434
1435 void ChromeContentRendererClient::AddKeySystems(
1436 std::vector<content::KeySystemInfo>* key_systems) {
1437 AddChromeKeySystems(key_systems);
1438 }
1439
1440 bool ChromeContentRendererClient::ShouldReportDetailedMessageForSource(
1441 const base::string16& source) const {
1442 return extensions::IsSourceFromAnExtension(source);
1443 }
1444
1445 bool ChromeContentRendererClient::ShouldEnableSiteIsolationPolicy() const {
1446 // SiteIsolationPolicy is off by default. We would like to activate cross-site
1447 // document blocking (for UMA data collection) for normal renderer processes
1448 // running a normal web page from the Internet. We only turn on
1449 // SiteIsolationPolicy for a renderer process that does not have the extension
1450 // flag on.
1451 CommandLine* command_line = CommandLine::ForCurrentProcess();
1452 return !command_line->HasSwitch(extensions::switches::kExtensionProcess);
1453 }
1454
1455 blink::WebWorkerPermissionClientProxy*
1456 ChromeContentRendererClient::CreateWorkerPermissionClientProxy(
1457 content::RenderFrame* render_frame,
1458 blink::WebFrame* frame) {
1459 return new WorkerPermissionClientProxy(render_frame, frame);
1460 }